[Samba] * script parameter and BDC

Andrew Bartlett abartlet at samba.org
Wed Mar 3 09:30:43 GMT 2004

On Wed, 2004-03-03 at 15:21, Beast wrote:
> * Andrew Bartlett <abartlet at samba.org> nulis:
> > On Tue, 2004-03-02 at 23:36, Beast wrote:
> > > When BDC will not make any changes in ldap, is it safe to not set any *script paramater in smb.conf?
> > 
> > If you can keep the scripts identical between PDC and BDC, this will
> > avoid supprises.
> > 
> > BDCs will not normally be asked to make changes, but if asked, Samba
> > BDCs will happily try.
> > 
> Is there any (not normal) cases where BDC is asked to make any changes?

Machine accounts are the main case.  Machines will change their password
on *any* DC - basicly the one they are connected to.  That is why we
keep saying that 'smbpasswd+rsync != BDC'.

Also, I often suggest that multi-site domains split their netbios space
up, so that each site is a single netbios domain (with a 'PDC'), but the
DCs are backed onto the same ldap store. 
Andrew Bartlett

Andrew Bartlett                                 abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team  abartlet at samba.org
Student Network Administrator, Hawker College   abartlet at hawkerc.net
http://samba.org     http://build.samba.org     http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba/attachments/20040303/6e08ff5c/attachment.bin

More information about the samba mailing list