[Samba] LDAP BDC- Classic Domain

Denis Cardon dcardon at tranquil.it
Thu Mar 8 08:00:06 UTC 2018 

Hi Praveen,

> We're trying to add a  BDC in Samb4 classic domain setup.  The Samba
> 3 How -To and Samb3 by Example covers this but uses the old
> slapd.conf option, we are using the slapd.d config. I couldn't find
> a similar document for Samba4
>
> Can you please advise that the following steps will work?  LDAP in
> the existing PDC is working using the smbldap tools
>
>
> -          Setup the LDAP in BDC exactly like the PDC, including the
> ldifs.
>
> -          Copy the /etc/passwd and /etc/groups from PDC to BDC
>
> -          Remove the contents of the /var/lib/samba in BDC
>
> -          Run the smbpasswd -a in BDC
>
> -          net rpc getsid in BDC
>
> -          Do we need join the BDC to the domain? If so , does the
> smb.conf in BDC will only have the following in the smb.conf before
> the join? The confusion on my part is if the machine is already a
> BDC with smb.conf stuff does it have to be added to the domain?

If the two servers are not on the same network subnet, then you can
configure your BDC the same way as your PDC with a multi-master LDAP
configuration. It works great (at least it worked great when it was 
still in production, now it is upgraded to Samba-AD :-)

And you shouldn't need to add your users to /etc/passwd and /etc/group 
if your /etc/nsswitch.conf is properly configured (provided that you 
have uidnumber and gidnumber in your LDAP).

Cheers,

Denis




>
> workgroup = LIN
>
> netbios name = LIN-BDC
>
> password server = LIN-PDC
>
> security = domain
>
> client ipc signing = auto
>
> -          If not then do we setup smb.conf with the whole ldap
> settings ? passdb backend = ldapsam : ldap: //LIN-PDC.LIN
>
> -          How do we sync the ldap settings? Consumer-Provider
> model? Setting up ldifs.
>
> -          This is more a general question about BDC. The PDC has
> folders that have been shared. If we changed BDC to PDC, how will
> the folders be shared? If we define the shares in the BDC do we then
> have to go //unc path of the share?
>
>
> Regards,
>
> Praveen Ghimire
>

-- 
Denis Cardon
Tranquil IT Systems
Les Espaces Jules Verne, bâtiment A
12 avenue Jules Verne
44230 Saint SĂ©bastien sur Loire
tel : +33 (0) 2.40.97.57.55
http://www.tranquil.it

Samba install wiki for Frenchies : https://dev.tranquil.it
WAPT, software deployment made easy : https://wapt.fr

More information about the samba mailing list