[Samba] sharing samba smbpasswd

John Drescher drescherjm at gmail.com
Mon Dec 29 15:56:00 GMT 2008


> 1) LDAP where one server runs ldap and all servers authenticate against it.
>  Advantages: easy to replicate and easily extendable for other uses.
>  Disadvantages: difficult to set up if you don't know what you are doing.
>
With syncrepl pretty easy to add more ldap servers. I generally use 1
master and several read only replicas. I would never run a network (of
more than 3 machines) with only 1 ldap server.

http://www.zytrax.com/books/ldap/ch7/#ol-syncrepl-ro

On the subject of domain controllers using LDAP. Since I have been
doing this for > 5 years, I have a few comments. The ldap servers do
not have to be on the same machine as the PDC or BDC. At work I have 3
LDAP servers. All 3 of them are on VIRTUAL machines. I have 1 my PDC
on xen and my BDC on openvz. And the PDC and BDC do not have any samba
file shares on them.  One nice thing about this is moving the LDAP
servers or domain controllers in this case becomes trivial. And also I
do have backup servers on other virtual machines that are offline and
can be turned on as needed and in less than 5 minutes any of these
virtual machines can be the PDC and/or be the master ldap server.

John


More information about the samba mailing list