[Samba] [EXPERIENCES] with OpenLDAP and Samba and Redundancy ???

Michael Gasch gasch at eva.mpg.de
Fri Jun 18 14:08:07 GMT 2004

> maybe I am missing something here - but why does your master ldap fail so often?  
it doesn't - i'm just building the worst case szenario =)

>I agree with the other poster, the slave LDAPS should be 
> (and I would almost move to _need_ to be) read only .. 
and now tell me please how the master can replicate his LDAP tree to the 
slave to get a 1:1 copy and a backup of my LDAP tree, if it's readonly 

>I am also curious as to why you have a samba server contacting either the PDC/BDC 
> ldap servers when it could just be running a replicated LDAP DB itself...which is how all the docs say to do it - maybe this is something new with 
> 3.xx - not sure, but it alwyas seemed more logical to have all your samba boxes be thier own DC in terms of login/user information
if each smbd has it's own ldap instance running (DMs too), i have to 
ensure, that all LDAP instances have the same information
before i can't solve the replication problem (MASTER=dead, changes are 
made to SLAVE, MASTER comes back => inconsistency in LDAP trees) in case 
of the MASTER dies and information has to be written to one of the 
SLAVEs, i won't give each smbd his own passdb backend

it's my plan to have one PDC, one BDC, x DMs and one LDAP instance on 
both DCs

> If your master does fail - and I mean dead, need to rebuild, etc..I would make one of the slaves the write/master get the original MASTER 
> back on line, but not in production until you can do a slapcat of the LDAP to it, change the everything back to what it needs to be, and have 
> your system running again....
this is my temporary solution


More information about the samba mailing list