[Samba] Samba/LDAP Domains and multiple File Servers

Matt Ingram mingram at cbnco.com
Wed Mar 22 15:01:42 GMT 2006

>> hmm are you referring to the chapter on Making Happy Users?  That 
>> chapter does not address the scenario I am going for.   The sample 
>> given is still using home drives that reside on the PDC and mounted on 
>> the BDC via NFS; which is not what I'm looking for.  What I'm looking 
>> for is, Site one's users home drives exclusively running off of BDC1; 
>> site 2's users home drives exclusively running off of BDC2, and so on.
>> Here's what I've tried:
>> on the BDC's smbldap-tools I've set the smbldap-tools.conf SID to that 
>> of the PDC instead of the BDC's SID, while things like the home drive 
>> are pointing to the BDC, instead of the PDC.  This seems to work, the 
>> way I was hoping.. are you aware of any problems having the setup like this?
> ----
> let's keep this on list please.
> doesn't sound remotely like the samba documentation describes it and if
> it works for you - great.
> The intent of samba software is that PDC and any/all BDC's have the
> exact same LDAP data - at least as far as all Samba user/group/computer
> attributes are concerned and a BDC would have its own SID, not the same
> SID as the PDC. That would track the methodology of a Windows NT 4 type
which is what I'm doing.   The BDC still does have its own SID and it 
uses the exact same ldap data as the PDC.   It's just in the 
/etc/smbldap-tools/smbldap.conf file on the BDC, I set the SID to use 
that of the PDC.  When I had the SID set to the BDC (in the 
smbldap.conf), logons didn't work when an account was generated with the 
smbldap-useradd on the BDC. I'm assuming the SID of a user on the domain 
has to have the SID prefix of the PDC, not any other server on the domain.
> Since a passdb of LDAP or tdb types actually permit you to have user
> home drives and profiles set individually, it really isn't much effort
> to assign these paths individually for users to whichever server you
> want them to use.
you're right, it isn't much effort to modify the home drives of users on 
different servers.  But being able to use the smbldap-tools to do all of 
that for you, is a smoother solution, imo - assuming there are no issues 
in doing it.
> Am I aware of any problems having the setup like you have described
> yours to be? No - but I tend towards setting things up as they were
> intended to be done.
I don't think I'm doing anything that strange here.. I've just added the 
smbldap-tools to the BDC as well, and modified the smbldap.conf file so 
that it will create users' home drives and ldap settings to use a home 
drive on the BDC.   If I am doing something strange here, in a way samba 
is not intended to be used, please point it out to me. I don't want to 
shoot myself in the foot later on ;).

Thanks greatly for your help.


Matt Ingram
Intermediate Unix Administrator, IS
Canadian Bank Note Company, Limited
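
A check for the condition raised in this message, accounts whose sambaSID was generated from a different SID value in smbldap.conf than the domain's. This is an added example, not part of the original post: it scans an LDIF export for sambaSamAccount entries whose SID prefix differs from the sambaDomain entry's SID. The LDIF sample, domain name, SIDs and function names are constructed, and the parser assumes no base64 values or folded lines.

```python
import re

# Constructed sample LDIF export; names and SIDs are placeholders.
SAMPLE_LDIF = r"""
dn: sambaDomainName=EXAMPLE,dc=example,dc=com
objectClass: sambaDomain
sambaDomainName: EXAMPLE
sambaSID: S-1-5-21-1111111111-2222222222-3333333333

dn: uid=alice,ou=Users,dc=example,dc=com
objectClass: sambaSamAccount
uid: alice
sambaSID: S-1-5-21-1111111111-2222222222-3333333333-3000
sambaHomePath: \\BDC1\alice

dn: uid=bob,ou=Users,dc=example,dc=com
objectClass: sambaSamAccount
uid: bob
sambaSID: S-1-5-21-4444444444-5555555555-6666666666-3002
sambaHomePath: \\BDC2\bob
"""

def parse_ldif(text):
    """Parse simple LDIF into a list of {attribute (lowercased): [values]}."""
    entries = []
    for block in re.split(r"\n\s*\n", text.strip()):
        entry = {}
        for line in block.splitlines():
            if line.startswith("#") or ": " not in line:
                continue
            key, value = line.split(": ", 1)
            entry.setdefault(key.lower(), []).append(value.strip())
        if entry:
            entries.append(entry)
    return entries

def has_class(entry, name):
    return name.lower() in (v.lower() for v in entry.get("objectclass", []))

def audit_sids(entries, domain_name):
    """Return (domain_sid, [(uid, sid, home_path)]) for accounts outside the domain SID."""
    domain = next(e for e in entries if has_class(e, "sambaDomain")
                  and e.get("sambadomainname", [""])[0].lower() == domain_name.lower())
    domain_sid = domain["sambasid"][0]
    bad = []
    for e in (e for e in entries if has_class(e, "sambaSamAccount")):
        sid = e.get("sambasid", [""])[0]
        prefix, _, rid = sid.rpartition("-")  # user SID = domain SID + "-" + RID
        if prefix != domain_sid or not rid.isdigit():
            bad.append((e.get("uid", ["?"])[0], sid, e.get("sambahomepath", [""])[0]))
    return domain_sid, bad

if __name__ == "__main__":
    print(audit_sids(parse_ldif(SAMPLE_LDIF), "EXAMPLE"))
```
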
