[Samba] Samba4 Secondary DC as Backup DC (redundancy)
Daniel Carrasco Marín
danielmadrid19 at gmail.com
Wed Jun 24 03:12:09 MDT 2015
2015-06-23 20:47 GMT+02:00 Daniel Carrasco Marín <danielmadrid19 at gmail.com>:
>
> El 23/6/2015 8:33 p. m., "Sketch" <smblist at rednsx.org> escribió:
> >
> > On Tue, 23 Jun 2015, Rowland Penny wrote:
> >
> >> On 23/06/15 18:58, Daniel Carrasco Marín wrote:
> >>>
> >>> Hi,
> >>>
> >>> I've sucessfull created a secondary DC using the wiki manual (
> >>> https://wiki.samba.org/index.php/Join_a_domain_as_a_DC), and is
> working
> >>> perfectly, user and groups are synced on both and I can use any of
> them
> >>> for
> >>> login using clients like Owncloud, Prosody, python scripts...
> >>>
> >>> Now my question is: ¿how I can use that secondary DC as backup when
> the
> >>> main fails?.
> >>
> >>
> >> If it is by DHCP, then the dhcp server needs to push out both DCs as
> nameservers, if static, then each client needs to be set to use both DCs as
> nameservers.
> >
> >
> > His quetion is a bit vague, but I would also assume he is using LDAP for
> authentication on Owncloud, etc. In that case, he also needs LDAP to fail
> over. Generally, you can just point LDAP clients at "your.ADdomain.com"
> (whatever it is), which resolves to the IP addresses of all of your DCs. If
> they fail to connect, they will usually retry and get another address, and
> connect to a different DC.
> > --
> > To unsubscribe from this list go to the following URL and read the
> > instructions: https://lists.samba.org/mailman/options/samba
>
> Thanks!!
>
> Yes, i forgot to say that the clients are windows 7 clients. On my
> owncloud server i can put both LDAP servers then i think that if main fails
> it will check the secondary (i've not tried yet).
>
> Greetings!!
>
Thanks Rowland,
Finally is working. Now when i run a "nslookup domain.com" or "host
domain.com" i get both IP addresses, and if i stop the main DC all still
working without problem. Even the command "nltest /dsgetdc:domain" shows
how the Windows machine is using the secondary DC.
One quesiton: ¿Can i add more DC as backup using the same steps?.
Of course all cannot be perfect, and now I've a python script with a weird
problem: When i use secure ldap i can't query to root using base DN
("DC=domain,DC=com"). I only can if I use an OU in base DN
("OU=Users,DC=domain,DC=com"). All works if I use normal ldap.
Someone knows a way to query to root using an OU in base DN?
Greetings!!
More information about the samba
mailing list