[Samba] Re: Transfering Machine Accounts / MACHINE.SID

John H Terpstra jht at samba.org
Sat Dec 27 06:48:33 GMT 2003


On Sat, 27 Dec 2003, Beast wrote:

> Saturday, December 27, 2003, 5:41:37 AM, Andrew wrote:
>
> > On Sat, 2003-12-27 at 07:10, Information Technology wrote:
> >>
> >> My goal is to rebuild my PDC as I mentioned earlier.  I stated in another
> >> thread my plan was to create a 3.0.1 BDC; tranfer the accounts; transfer the
> >> shares; then, move the user and system accounts into LDAP.  Once the PDC is
> >> rebuild and I need to transfer control back, It should be simple to move the
> >> LDAP first, point the new Samba to the new primary LDAP, and demote the
> >> temporary PDC back down to BDC.
>
> > And to make it a real BDC, setup an LDAP slave.
>
> If I put PDC in slave ldap, is this means that it will update the
> slave (because samaba will bind as ldap-root which has authority of
> updating this replica)?
> No way to prevent samba to using other ldap account to update the
> directory?

Have you trtied this? Did you monitor it using ethereal?

If not, I recommend that you do this.

-- 
John H Terpstra
Email: jht at samba.org


More information about the samba mailing list