[Samba] Antwort: Re: central PDC + remote BDCs: LDAP strategy, my lack of comprehension
Michael Heydon
michaelh at jaswin.com.au
Fri Aug 21 02:46:01 MDT 2009
sven.ehret at comdok.de wrote:
> Thanks Michael, this did advance my progress. With “domain master = no”,
> “password server” set to the central server and “passdb backend” pointing
> to the local LDAP replica, my XP client now contacts the central SAMBA
> server when joining the domain. But now it is always logging on to the
> central server and not using the other, remote samba server at all (which
> honestly is in the same LAN in my testing environment). This is unwanted,
> partly because the logon script resides on the remote system and to reduce
> network traffic between client and central server (which would be fragile
> WAN traffic once rolled out).
>
> Is there any way I can influence which server the client logs on to?
>
Windows will log on using what it considers the "closest" server. The
only way I know of to influence how "close" a server is considered is to
move it to another subnet.
>> My question is: When the remote SAMBA server only talks to its own local,
>> read-only LDAP slave, how is it going to change user/machine passwords or
>> add machine accounts (when joining the domain)?
>>
>> In my test setup an XP client insisted on trying to join the BDC, failing
>> because a) smbldap-tools is not installed or b) it could not write to the
>> slave LDAP directory.
>>
Your read only slave should be able to return a referral to the master
when it gets a write request (at least that is how I remember it, it has
been a while since I have had to touch my LDAP setup).
*Michael Heydon - IT Administrator *
michaelh at jaswin.com.au
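
The referral behaviour mentioned in the reply above, as an added example that is not part of the original thread: an OpenLDAP `slapd.conf` fragment for a read-only replica that answers write requests with a referral to the master. Host names, suffix, bind DN, password and CA path are constructed placeholders, and the syncrepl layout is an assumption about the setup.

```conf
# slapd.conf on the remote (replica) server.
# Added example; every name and path below is a constructed placeholder.
database    mdb                          # bdb/hdb on older OpenLDAP releases
suffix      "dc=example,dc=com"
directory   /var/lib/ldap

# Pull changes from the central master. The local copy is never written
# to by clients, only by this replication session.
syncrepl rid=001
         provider=ldap://ldap-master.example.com
         type=refreshAndPersist
         retry="60 +"
         searchbase="dc=example,dc=com"
         bindmethod=simple
         binddn="cn=replicator,dc=example,dc=com"
         credentials=REPLACE_ME
         starttls=critical
         tls_cacert=/etc/ssl/certs/example-ca.pem

# Add/modify/delete requests sent to this replica are not applied locally;
# the server answers with a referral to this URL instead.
updateref   ldap://ldap-master.example.com
```

The referral is only a pointer: the LDAP client (here Samba or the scripts it calls) has to follow it and bind to the master with an account that is allowed to write, otherwise the password change or machine-account creation still fails. `starttls=critical` keeps the replicated password hashes encrypted on the WAN link.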