[Samba] Re: multiple ldap servers in bdc/pdc environment
Stefan Metzmacher
metze at metzemix.de
Tue Dec 16 08:17:28 GMT 2003
Thomas Hannan wrote:
> Hi all,
>
> I'm setting up a number of samba DC's across several branch offices
> using the Samba 3.0.0 release's native LDAP support. I'd like to build
> some redundancy into my setup, such as having slave LDAP servers in case
> the master is down/unavailable. However, when I have multiple ldapsam
> entries in my smb.conf I get duplicate or triplicate users listed when
> performing a /usr/local/samba/bin/pdbedit -L, and all 2 or 3 LDAP
> servers get queried no matter what. Is there anyway to list multiple
> backup LDAP servers instead of just having overlapping SAMs?
>
> Also, there will be some remote offices connected via relatively
> high-latency WAN links to the master LDAP server. Will this be a problem
> in terms of adding machine accounts or changing passwords (and that data
> being replicated to the local slave LDAP server at the branch offices in
> a timely manner)? I'd like to only have the remote offices send traffic
> over the WAN links when absolutely necessary (such as changing passwords
> or receiving replica updates pushed out from the master LDAP server).
>
> Regards,
> Thomas
>
> [global]
passdb backend = ldapsam:ldap://192.168.1.60
> ldapsam:ldap://192.168.1.215
> ldapsam:ldap://192.168.1.98
passdb backend = "ldapsam:ldap://192.168.1.60/ ldap://192.168.1.215/ ldap://192.168.1.98/"
should do the job
> ldap suffix = ou=accounts,ou=people,dc=pharm-olam,dc=com
> ldap group suffix = ou=groups
> ldap machine suffix = ou=machines
> ldap user suffix = ou=users
> ldap admin dn =
> uid=smbldap,ou=accounts,ou=people,dc=pharm-olam,dc=com
> ldap ssl = off
>
>
--
metze
-------------------------------------------
Stefan (metze) Metzmacher <metze at metzemix.de>
More information about the samba
mailing list