[Samba] [EXPERIENCES] with OpenLDAP and Samba and Redundancy ???

Jason C. Waters jwaters at h2os.com
Fri Jun 18 12:00:21 GMT 2004


Isn't the slave ldap directory suppose to be only read only?  So when 
the master is down the users can't change their passwords, but 
everything else should work.  What do you smb.conf and slapd.conf files 
look like for the master and the slave?  I'm having some troubles 
getting the failover to work, so I wouldn't mind a peek.  Thanks

Jason

Michael Gasch wrote:

> hi
>
> i'm looking for hints/experiences concering samba v3, openldap AND 
> redundancy
>
> my setup is:
>
> Samba PDC with LDAP Master
> Samba BDC with LDAP Slave
> Samba Member Server, contacting first PDC, then BDC if the first fails
>
> if all instances are working properly, everything is okay
> replication is also fine (from Master -> Slave)
>
> and now imagine:
>
> LDAP Master dies
> all smbd are contacting LDAP Slave and make their changes in the Slave 
> directory
> cause replication only works from Master->Slave, if Master comes up 
> again, i have inconsistency in my LDAP Backends
> e.g. a machine changes its machine password in Slave directory and 
> can't logon anymore cause the password change isn't replicated on Master
>
> we also tried to setup slurpd (LDAP replication) on both LDAP Servers 
> - if both are up, everything is okay, if one is down, changes are made 
> in one directory, samba tells me it fails (e.g. changing passwords), 
> allthough it changes the attributes and so on....
>
> so the problem is: if Slave dies, everything should go on working, 
> because PDC/BDC use at first LDAP Master
> if slave comes up, replication is done properly
>
> but if Master dies, i get an inconsistent domain
>
> how do you get redundancy in your LDAP backend?
> PDC/BDC redundancy works well, the single-point-of-failure is LDAP
>
> thx




More information about the samba mailing list