[Samba] Samba AD auth - Backup?

Mark Adams mark at campbell-lange.net
Tue Mar 10 10:33:22 GMT 2009 

That's exactly what I was looking for -- Thanks!

On Mon, Mar 09, 2009 at 01:19:49PM -0500, Dale Schroeder wrote:
> Mark Adams wrote:
>> Hi All,
>>
>> I haven't received a response from anyone on this - Can anyone help?
>>
>> Is there any way to have samba simply use the current records stored in
>> /var/lib/samba/ if the password server(s) is unavailable?
>>   
> Have you already tried these parameters?
>    password server = server1, server2
>    winbind offline logon = Yes
>
> http://wiki.samba.org/index.php/PAM_Offline_Authentication
>
>> Best Regards,
>> Mark
>>
>> On Tue, Mar 03, 2009 at 12:41:35PM +0000, Mark Adams wrote:
>>   
>>> Thanks for the reply's.
>>>
>>> Is there anyway to have Samba just read whatever is in the database for
>>> the UID/GID map if the DC is not available? From my testing as soon as
>>> the DC is unavailable for any reason the ability to login ceases.
>>>
>>> Am I right in thining that by adding 2 x "kdc" selections to
>>> /etc/krb5.cfg I'm setting the 2 DC's to be used for lookups?
>>>     
> http://mailman.mit.edu/pipermail/kerberos/2002-November/002182.html
>>> Regards,
>>> Mark
>>>
>>> On Sun, Mar 01, 2009 at 03:15:33PM -0500, Ryan Bair wrote:
>>>     
>>>> Everything should be looked up by DNS. There's no notion of a PDC/BDC
>>>> in AD (although 2008 has readonly slaves I believe).
>>>>
>>>> On Fri, Feb 27, 2009 at 7:26 AM, Mark Adams <mark at campbell-lange.net> wrote:
>>>>       
>>>>> Hi All,
>>>>>
>>>>> I haven't been able to track down any info on this so would be
>>>>> appreciative of any input. Links to any info on this would also be
>>>>> appreciated.
>>>>>
>>>>> Samba 3.2.5, Debian 5.0
>>>>>
>>>>> Question 1;
>>>>> Is there any way of setting up a "backup" windows domain controller in
>>>>> the samba config? so if they main dc is not available, it automatically
>>>>> queries the backup?
>>>>>
>>>>> Question 2;
>>>>> What is the best way to back up the UID/GID map? and can it be easily
>>>>> imported back to a new install if the server fails for any reason.
>>>>>         
> In addition to backing up /var/lib/samba/*, consider a consistent idmap  
> backend, e.g.
>    idmap backend = rid:DOMAIN=10000-20000 (or whatever numbers you choose)
>
> Dale
>>>>> Thanks
>>>>> Mark
>>>>>         

-- 
Mark Adams
Technical Manager
mark at campbell-lange.net
.
Campbell-Lange Workshop
www.campbell-lange.net
0207 6311 555
3 Tottenham Street London W1T 2AF
Registered in England No. 04551928

More information about the samba mailing list