[Samba] Multiple PDCs, Single Domain

[Dariush Forouher]

Am Fr, 2003-09-12 um 22.51 schrieb Matt Schillinger:
> Hello,
> 
> I have a rather experimental question to ask.
> 
> I know that under standard circumstances, that you cannot have multiple
> PDC for a single domain, as they will conflict with each other.
> 
> I am dealing with a case of a school district, where there are multiple
> buildings.There are T-1s that tie together each of the buildings, then a
> bonded T-1 grants access to the internet through the main admin
> building. They would like to have a single domain, but would like to
> keep T-1 traffic to a minimum. They also want to continue with service
> when T-1 outages occur.
> 
> What I was wondering is, if this could be made possible..
> 
> a PDC at each building, that ties into a slave LDAP server.

The only way to archive this, would be to hide those PDCs from each
other. So you would have to block ports 137-139 at each T1 router.

> At the Administration Building, There is a master LDAP Server.
> 
> Optimally, if the Administration building could have a single BDC
> (Obviously, BDC functionality would only be available when T-1
> connectivity is functioning), that would be great.
> 
> I am wondering if this could somehow be accomplished with intelligent
> usage of nmbd services keeping PDC selection problems out of the way..
> Optimally, having a method of a full mapping of all hosts via nmbd would
> be the best scenario, proxying to a central wins server. I fear that may
> result in PDC in-fighting..

I have to admit that I don't see why you can't live live one PDC and X
BDCs. You would have construct your LDAP servers this way anyway. If a
PDC goes down (or the connection breaks) the BDC would still be able
process logons on his own.

ciao
Dariush