[Samba] Samba PDC in many branch offices + one LDAP database -how
to change passwords?
listas at opendf.com.br
Thu Oct 28 15:48:04 GMT 2004
As far as I know there´s a command used in smb.conf that makes a
samba BDC redirect changes to the master LDAP. I never used it before but
ldap replication sleep (G)
When Samba is asked to write to a read-only LDAP replica, we are
redirected to talk to the read-write master server. This server then
replicates our changes back to the 'local' server, however the replication
might take some seconds, especially over slow links. Certain client
activities, particularly domain joins, can become confused by the 'success'
that does not immediately change the LDAP back-end's data.
This option simply causes Samba to wait a short time, to allow the LDAP
server to catch up. If you have a particularly high-latency network, you
may wish to time the LDAP replication with a network sniffer, and increase
this value accordingly. Be aware that no checking is performed that the data
has actually replicated.
The value is specified in milliseconds, the maximum value is 5000 (5
Default: ldap replication sleep = 1000
----- Original Message -----
From: "Adam Tauno Williams" <adam at morrison-ind.com>
To: "Tomasz Chmielewski" <mangoo at interia.pl>
Cc: <samba at lists.samba.org>
Sent: Thursday, October 28, 2004 1:50 PM
Subject: Re: [Samba] Samba PDC in many branch offices + one LDAP
database -how to change passwords?
>> >> As it is relatively easy to have one LDAP database across all office
>> >> branches, I don't know how to make Samba 3 to read/retrieve
>> >> usernames/passwords from local OpenLDAP slave, but to write added
>> >> machines/changed passwords to the master OpenLDAP server (which would
>> >> then replicate the changes to all its slaves).
>> > If you have the smbldap-tools configured properly with the right master
>> > and slave set, then adding machines is not a problem. Changing
>> > passwords is also not a problem provided you have LDAP referrals set up
>> > properly. Setting up referrals is really more of a question for the
>> > openldap folks, and probably covered in the setup guide at openldap.
>> Heh, ask at OpenLDAp group, they point you to Samba group; ask at Samba
>> group, they point you back to OpenLDAP :)
> Just to clarify, mostly for the archives: Setting up referrals is NIETHER
> Samba OR OpenLDAP question. It is an LDAP issue, referrals are a
> standard LDAP
> thing, supported by every decent DSA. The OpenLDAP lists are for
> SPECIFICALLY for OpenLDAP related issues, referrals would not be such an
> *ANY* decent LDAP text will cover referrals, and questions about referrals
> would be appropriate to the ldap at umich.edu list (generic LDAP
> discussion) - but
> again, they are a well documented standard type of thing.
> To unsubscribe from this list go to the following URL and read the
> instructions: http://lists.samba.org/mailman/listinfo/samba
More information about the samba