[Samba] password server vs. passdb

Andrew Bartlett abartlet at samba.org
Thu Feb 1 03:01:47 GMT 2007


On Wed, 2007-01-31 at 17:52 -0800, Chuck Theobald wrote:
> Hi,
> 
> Is it possible to run a non-PDC file server which references an 
> authentication server via the "password server" directive as a BDC to 
> the PDC? In short, I have one machine that serves as the LDAP auth 
> server and PDC for my domain. I have another machine that is the file 
> server and uses the aforementioned "password server" directive to 
> authenticate users. Now, I would like to run the file server as a BDC as 
> well. I have set up the file server as a slave LDAP server per Jerry's 
> "LDAP System Administration" book, and am working from John Terpstra's 
> chapter on Backup Domain Control.
> 
> My aim is to have the file server fail over to itself for both domain 
> control and authentication should my main LDAP server/PDC go offline. 
> Otherwise, the file server should reference the main server for both 
> domain control and authentication.
> 
> I guess the question boils down to: What should I have password server, 
> passdb backend, and security set to?

If your fileserver becomes a BDC, and holds a copy of the authentication
database in it's local LDAP slave, why should it ever contact the PDC?
What do you gain by adding load to the PDC to obtain information
available locally?

In any case, samba is either a DC or a member server, never some weird
mix between the two...

Andrew Bartlett

-- 
Andrew Bartlett                                http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org
Samba Developer, Red Hat Inc.                  http://redhat.com

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba/attachments/20070201/e35aaaac/attachment.bin


More information about the samba mailing list