[Samba] Samba PDC + OpenLDAP replica
jukka.hienola at helsinki.fi
Tue Nov 8 13:40:36 GMT 2005
Finally got it working... For some reason my RHEL4 servers change
certificate file permissions by default when restarting/reloading services.
Andrew Bartlett wrote:
>On Fri, 2005-11-04 at 10:23 +0200, Jukka Hienola wrote:
>Should it be BDC server
>instead of PDC?
>There should be one PDC per isolated netbios namespace.
>>Should I set up one departmental level master server
>>with master LDAP and Samba PDC, and many LDAP slaves (replicas) with
>>Samba BDCs? But in this case the different VLANs are coing to be a
>>problem for traffic between Samba PDC and BDCs, or so I have understood,
>>since switches connecting different VLANs don't route NetBIOS traffic.
>Samba doesn't do netbios between it's various DCs, but clients will want
>to see one PDC per netbios scope.
So, Samba PDC and BDCs could communicate with each other, but Samba
clients can't communicate with PDC, if they are in a different VLAN? In
my case it would be much more easier (again from administrative point of
view) if I could set up only BDCs in different VLANs, since I'm planning
to use a single organization level LDAP directory to store user/client
data in it (which of course will be replicated to slave/BDC servers).
At the moment I'm having a PDC per every sub-organizational VLAN, but
different sambaSIDs on different PDCs give me a headache. If I could
have a single LDAP based user/client pool on PDC, with BDCs and LDAP
replicas on every VLAN, I could control user/client accesses to
different services or subtrees simply by ACLs on my master LDAP server.
University of Helsinki
More information about the samba