[Samba] Samba + LDAP over the WAN
Adam Tauno Williams
awilliam at whitemice.org
Wed Sep 7 01:29:01 GMT 2005
> Since we're on the subject of Samba over the WAN....
> (BTW, I'm running three offices with a Samba 3.0.9 PDC and two Samba
> 3.0.9 BDCs over an FreeSwan based WAN and it works just fine. The
> WINS server is a must in my book though.)
We have a fifteen site WAN with sites linked via Frame Relay, point-to-point
T1s, and ISDN
> Last Thursday and Friday, one of the remove office's WAN lines went
> down. While the outages were significant, nothing major happened
> because of it. But, it got me thinking about what *could* have
> happened and that has raised these questions.
> Background: All servers running RHEL 3.0, up2date'd. Samba version
> is 3.0.9.something.that.RedHat.Adds OpenLDAP used for ldapsam
> password backend. Master OpenLDAP server is located in my office,
> each office has a replica.
Same, we have a central OpenLDAP server on SuSe and various replicants.
> 1). If someone would have decided to change their password while the
> line was down, what would have been the net effect?
The attempt would fail.
> I know the change would not have been applied to the replica LDAP
> server, but would it have been queued until the Master LDAP server
> could have been contacted?
> 2). I know that each workstation in the domain changes its machine
> password at a random time, what would have happened during this
> process if the WAN was down?
The change password would fail, it would try again later.
> 3). Are there any other problems that could be caused by a WAN outage
> that can be called disasterous?
No, we've had sites drop off the WAN for days with no significant issues.
> What would those be?
> 4). Any recommendations to minimize No. 3 above?
Start your own phone company? :) One that doesn't suck.
Adam Tauno Williams - http://www.whitemice.org
More information about the samba