[Samba] Samba PDC in many branch offices + one LDAP database
- how to change passwords?
mangoo at interia.pl
Thu Oct 28 15:40:53 GMT 2004
Paul Gienger wrote:
>> Heh, ask at OpenLDAp group, they point you to Samba group; ask at
>> Samba group, they point you back to OpenLDAP :)
> That's partially the fault of your approach to the problem. You're
> trying to eat all the meals for the day at once. Try to get ldap
> working fine at the system level (breakfast) then once you have that
> foundation laid you can start layering on dependant services like samba,
> mail, apache auth, etc. (dinner, supper, midnight snack).
I have it working fine already - OpenLDAP works as a central server,
replicates to each branch office, in each office there is a Samba 3
working as a PDC that looks for a password in OpenLDAP slave which is
located in the same office.
The only problem I have, is when in a branch office user changes
password - it should be somehow uploaded to the master OpenLDAP - and
from there propagated to the rest of slaves in other branches.
>> "From my (limited) knowledge of samba (3.0.X), it allows to configure
>> both the slave and the master DSA for users storage,
> Nope, it only allows you to specify one. Well really you can put in more
> than one, but there isn't anything to specify which is master/slave,
> they're all just 'there'. That is why you need to have your LDAP
> structure working first, it will handle referring the updates.
> smbldap-tools will allow you to specify master and slave so that it
> writes to the master directly for useradds and such.
OK, thanks, will try that approach.
More information about the samba