[Samba] LDAP Master/Slave

[Simon Hobson]

rruegner wrote:

>let me explain....if you have conected smb ldap master pdc with
>a vpn ( ie. Openvpn ) to a bdc smb ldap slave and if the vpn
>brakes , win clients from the vpn network are working with
>the last entries from the slave ldap.
>As in the blackout period the pdc isnt exist and the bdc ldap slave 
>is not writeable , you cant make any changes ( like bringing up new 
>machines on the fly, chnage passwords etc )until the vpn is up again 
>to the pdc ldap master.
>This belongs to the fact that a bdc is read only.
>This is my understanding....and practised...or do you now something
>other workaround? ( which might be possible with ldap in principal, 
>but will end in heavly syncing the ldap directory in network 
>blackout periods )

I've been watching this thread since I'm looking at implementing 
backup servers at two remote sites next week. Could I just clarify 
what I believe happens :

During a network break :

Clients at the remote site will be reliant on the backup servers, but 
for obvious reasons will not be able to update the LDAP server.

During normal operations :

Clients can use any of the servers for authentication etc. If a 
change is made via one of the remote servers, then it is either 
replicated or redirected to the primary LDAP server depending on the 
LDAP setup.

Is this correct ?

Simon

-- 
Simon Hobson MA MIEE, Technology Specialist
Colony Gift Corporation Limited
Lindal in Furness, Ulverston, Cumbria, LA12 0LD
Tel 01229 461100, Fax 01229 461101

Registered in England No. 1499611
Regd. Office : 100 New Bridge Street, London, EC4V 6JA.