[Samba] Clustering and winbindd

Peter Giorgilli pgiorgilli at theage.fairfax.com.au
Mon Dec 29 06:16:43 GMT 2003


Hi all!

I'm working on a project that, funnily enough, involves clustering and 
"winbindd". Specifically, we have a 2-node cluster configured in an 
active-active configuration whereby both servers are running Samba, each 
"exporting" different filesystems that are backed on a shared storage 
subsystem such that at any given time, one node can takeover from the other.

The problem: if I run "winbindd" on both systems independently, the 
Windows-domain user accts are mapped to different UNIX uids/gids, which in turn creates a problem when a particular share is relocated from one node to 
the other because of the different file permissions. (Ideally, both nodes would see the same "winbindd_idmap.tdb".)

Can I effectively configure "winbindd" in a master/backup configuration such 
that only one of the nodes is able to update the database, whilst the other is only able to read the database? I thought to set the "winbind cache time" 
to a value such as 1 day that would effectively relegate one of the nodes to 
"backup" status. At the same time, the "backup" server would periodically "rsync" the "winbindd_idmap.tdb" database to pickup any changes.

Can anyone see any problems with this approach and/or suggest a better way of 
going about it?

I should also mention that I'm running on Red Hat Linux Advanced Server 
release 2.1AS, using the latest "rpm" released by Red Hat which as best I can 
understand is based on Samba release 2.2.7, plus select patches back-ported from 2.2.8.

TIA

Peter


*********************************************************************************
The information contained in this e-mail message and any accompanying files is or may be confidential.  If you are not the intended recipient, any use, dissemination, reliance, forwarding, printing or copying of this e-mail or any attached files is unauthorised. This e-mail is subject to copyright. No part of it should be reproduced, adapted or communicated without the written consent of the copyright owner. If you have received this e-mail in error, please advise the sender immediately by return e-mail, or telephone and delete all copies. Fairfax does not guarantee the accuracy or completeness of any information contained in this e-mail or attached files. Internet communications are not secure, therefore Fairfax does not accept legal responsibility for the contents of this message or attached files.
*********************************************************************************



More information about the samba mailing list