[Samba] PDC of several domains

Asier Baranguán abaranguan at elpagestion.com
Tue Nov 7 08:58:22 GMT 2006


I've a Samba server (3.0.22) acting as the PDC of the domain. The network is made of one 
Debian server and ~12 Windows 2000/XP client machines. I use OpenLDAP as backend with TLS 
security and works perfect.

Now our office needs to connect to other offices in physically different locations. It 
would be great to use the same LDAP backend across all the offices using it's replication 
capabilities, but I have some questions:

* I've readed that Samba cannot act as PDC for more than one domain ¿it's true? The Samba 
PDC is installed in a server with the kernel linux vserver  patch 
(http://linux-vserver.org/Welcome_to_Linux-VServer.org) so I can have several virtual 
servers. Is this the right way? Perhaps one possible setup would be to have each office 
it's own Samba server and make domain trust relationships between them, but only with one 
OpenLDAP server shared across all the domains: it's mandatory that one user must be able 
to login in any office with only one credentials

* ¿Can OpenLDAP act as a backend of more than one domain? We have the setup from the 
Samba+LDAP authentication from the samba.idealx.com site, but in the documentation they 
only speak about one domain.

Any help? Or pointers to some books or web-sites.

More information about the samba mailing list