[Samba] Samba 3 with OpenLDAP multimaster or Fedora-DS

Charlie medievalist at gmail.com
Tue Jun 17 20:39:51 GMT 2008

Lots of folks have samba 3 running over OpenLDAP.  Syncrepl is what
I'd use if I was setting it up today, but I have a very reliable and
mature implementation already running slurpd, so I am going to stick
with that for the moment.

As for multi-master, I agree with Zeilinga's comments on LDUP.  Google
for "multimaster considered harmful" or read
if you don't know what I'm talking about.

We have one PDC and WINS server per physical site, which is more
reliable and fault-tolerant than anything else I've tried, but it does
make LDAP configuration a bit dicey since the Samba Team doesn't yet
understand why anyone would want to combine a unified authentication
infrastructure with geographically localized network control.  Setting
up domain trusts with our configuration is tricky.


On Mon, Jun 16, 2008 at 10:44 AM, Carlos Eduardo Pedroza Santiviago
<carlos at santiviago.com> wrote:
> Hi,
> I'd like to know if any of you have ever implemented Samba 3 with
> OpenLDAP multimaster (using syncrepl, maybe) or Fedora-DS. The basic
> idea would be:
> - WAN link dies, the remote office's BDC would promote itself to PDC
> (using some kind of monitoring script), and will start accepting
> changes to the user base. Also, some change to the local WINS server
> would be necessary.
> - WAN link returns, the changes are replicated back to the original
> PDC, and the WAN's PDC is demoted to BDC again, and changes again the
> WINS database.
> From what i've read, NT4 seems to do this "automagically", and i'm
> having some complaints about that.
> What do you guys think?
> Best regards,
> --
> Carlos Eduardo Pedroza Santiviago - <carlos at santiviago.com>
> http://softwarelivre.net | Passo-a-passo rumo à liberdade!
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/listinfo/samba

More information about the samba mailing list