[Samba] my samba3+ldap+SSO plan
tbsky at annsky.com
tbsky at annsky.com
Wed Nov 12 10:27:06 GMT 2003
hi:
thanks a lot for ur help!!
i will use "HQ master ldap" + "slave branch ldap" as our
toplogy. i try to google at internet, and found that openldap
2.2beta now has "sync-based replication". i also found the pdf
file of ibm explain this at
http://www.openldap.org/conf/odd-wien-2003/jong.pdf
just a thought, myabe we can use samba with multi-master ldap
in the near furture?
Best Regards,
tbsky
>> so i think the normal solution is to make every samba as
>> PDC, make HQ ldap server as master, and make branch ldap server as
>> slave, right?
>
> Correct.
>
>> our wan link from HQ to branch site sometimes break, and it may
>> take several hours to fix :(
>> can client keep working when wan link break? it's ok if
>> branch user can not change password or add machine when wan link
>> break. but i want to make sure the existing users can still work.
>> if existing users can still work, then i think this architechture
>> plus ur "ldap rebind sleep" patch is a beautiful solution for
>> me!!
>
> Yep - it would be pointless having a BDC that couldn't work without a
> PDC around, and this should be fine :-)
>
>> and since all machine account change their password against
>> master ldap server and replicate to branch, so i think machines
>> can travel arround the branch sites. right?
>
> Exactly.
>
>> thanks again for ur information. i m lucky to understand
>> these before i deploy :)
>
> Always well worth doing,
More information about the samba
mailing list