[Samba] Samba 3 with OpenLDAP multimaster or Fedora-DS

[Charlie]

Lots of folks have samba 3 running over OpenLDAP.  Syncrepl is what
I'd use if I was setting it up today, but I have a very reliable and
mature implementation already running slurpd, so I am going to stick
with that for the moment.

As for multi-master, I agree with Zeilinga's comments on LDUP.  Google
for "multimaster considered harmful" or read
http://www.openrowley.com/2006/10/05/is-multi-master-replication-really-harmful/
if you don't know what I'm talking about.

We have one PDC and WINS server per physical site, which is more
reliable and fault-tolerant than anything else I've tried, but it does
make LDAP configuration a bit dicey since the Samba Team doesn't yet
understand why anyone would want to combine a unified authentication
infrastructure with geographically localized network control.  Setting
up domain trusts with our configuration is tricky.

--Charlie

On Mon, Jun 16, 2008 at 10:44 AM, Carlos Eduardo Pedroza Santiviago
<carlos at santiviago.com> wrote:
> Hi,
>
> I'd like to know if any of you have ever implemented Samba 3 with
> OpenLDAP multimaster (using syncrepl, maybe) or Fedora-DS. The basic
> idea would be:
>
> - WAN link dies, the remote office's BDC would promote itself to PDC
> (using some kind of monitoring script), and will start accepting
> changes to the user base. Also, some change to the local WINS server
> would be necessary.
> - WAN link returns, the changes are replicated back to the original
> PDC, and the WAN's PDC is demoted to BDC again, and changes again the
> WINS database.
>
> From what i've read, NT4 seems to do this "automagically", and i'm
> having some complaints about that.
>
> What do you guys think?
>
> Best regards,
> --
> Carlos Eduardo Pedroza Santiviago - <carlos at santiviago.com>
> http://softwarelivre.net | Passo-a-passo rumo à liberdade!
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/listinfo/samba
>