[Samba] LDAP Master/Slave

rruegner robert at ruegner.org
Wed Aug 18 16:44:01 GMT 2004


Hi,
if you want your bdc to stay alive in cases
when the vpn breaks, then in your bdc's smb.conf
your slave ldap should be the first entry in the passwd backend,
so if the vpn breaks, the slave ldap operates with its last
entries from the master and will give the win clients a chance
to operate just as if the pdc is alive.
If the vpn is up again, the ldap should refresh the slave automatically.
But note, a bdc is read only, so changes can only be made to the master
ldap on the pdc. So no changes can be made to the domain during the
blackout period.
If you want a fully functional bdc you should also set up user clients'
homes and profiles in your outside (vpn) office, hosted on the bdc.
(A separate dhcp server and a bind slave with long-time zone caching is
very useful, too.)

Regards

Jason C. Waters wrote:
> Is anyone using this?  My smb.conf file has this line in server1(master)
> 
> passwd backend = ldapsam:"ldaps://ldap.server1 ldaps://ldap.server2"
> 
> and this is what server2(slave ldap, BDC) looks like:
> 
> passwd backend = ldapsam:"ldaps://ldap.server1 ldap.server2"
> 
> This is what happens.  When I take down server 1's ldap server, server2 
> just starts using its local ldap server.  But if I take down the VPN 
> between the two, I try the same test, pdbedit -L, it works but it takes 
> about 6 seconds for it to timeout on server1.  Is this normal or do I 
> need to change some DNS setting?  Thanks for your help.
> 
> Jason
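
An added example, not part of either message above: a small check for a BDC's smb.conf that reads the `ldapsam` server list and reports when the local replica is not listed first, when an entry is not an `ldaps://` URI, or when there is no fallback server. The hostnames are the ones used in the thread; the sample config and the function names are constructed for illustration.

```python
import re
from urllib.parse import urlparse

# Constructed sample: a BDC smb.conf with the ordering the reply recommends
# (local slave LDAP first, master second). Hostnames are taken from the thread.
BDC_SMB_CONF = '''
[global]
    domain master = no
    passwd backend = ldapsam:"ldaps://ldap.server2 ldaps://ldap.server1"
'''

def ldapsam_uris(conf_text):
    """Return the server entries of the first ldapsam passwd backend, in order."""
    for raw in conf_text.splitlines():
        line = raw.strip()
        if line.startswith(("#", ";")) or "=" not in line:
            continue
        key, value = (part.strip() for part in line.split("=", 1))
        # smb.conf parameter names ignore case and internal whitespace runs
        if " ".join(key.lower().split()) != "passwd backend":
            continue
        m = re.search(r'ldapsam:(?:"([^"]*)"|(\S+))', value)
        if m:
            return (m.group(1) or m.group(2) or "").split()
    return []

def check_bdc_backend(conf_text, local_host):
    """Report ordering and transport findings for a BDC's ldapsam server list."""
    uris = ldapsam_uris(conf_text)
    if not uris:
        return ["no ldapsam passwd backend found"]
    findings, hosts = [], []
    for uri in uris:
        parsed = urlparse(uri)
        if parsed.scheme != "ldaps":
            findings.append(f"{uri}: not an ldaps:// URI")
        hosts.append(parsed.hostname or uri)
    if hosts[0] != local_host:
        findings.append(f"local replica {local_host} is not first (first is {hosts[0]})")
    if len(uris) < 2:
        findings.append("only one LDAP server listed, no fallback")
    return findings

if __name__ == "__main__":
    for finding in check_bdc_backend(BDC_SMB_CONF, "ldap.server2") or ["ok"]:
        print(finding)
```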

