[Samba] Migration of 2 samba3 PDC+OpenLDAP in one new Samba4 AD
Marc Muehlfeld
mmuehlfeld at samba.org
Thu Apr 9 12:55:14 MDT 2015
Hello Denis,
Am 09.04.2015 um 15:37 schrieb Denis Cardon:
> could you please develop on that RODC support? I am very curious to know
> what should be working and what should not.
>
> Actually I've been using RODC with partial success: RODC join, user and
> machine account preload (with corresponding patch), dns update throught
> netlogon service on RWDC, connexion when RWDC is disconnected. It has
> been running in production in our datacenter for webapp authentication
> for months, albeit with some hicups. I has never been completly fine
> from a stability and reproductibility point of view, and I switched it
> back to RWDC earlier this week....
Do you need a real AD RODC for that case? Or do your services just need
to retrieve information via LDAP from AD? In the last case, you can
setup an openLDAP proxy with read-only access:
https://wiki.samba.org/index.php/Authenticating_other_services_against_AD#openLDAP_proxy_to_AD
Regards,
Marc
More information about the samba
mailing list