Hi, I want to set up SaMBa PDC and BDC with LDAP. I read the TOSHARG2, but don't understand something:
>Samba-3 cannot participate in true SAM replication and is therefore not able to employ >precisely the same protocols used by MS Windows NT4. A Samba-3 BDC will not create >SAM update delta files. Ok, I understand until that, but: >It will not interoperate with a PDC (NT4 or Samba) to synchronize >the SAM from delta files that are held by BDCs. >The BDC is said to hold a read-only of the SAM from which it is able to process network >logon requests and authenticate users. The BDC can continue to provide this service, >particularly while, for example, the wide-area network link to the PDC is down. So, when I have SaMBa PDC (with master LDAP) and BDC (with slave LDAP), can BDC update machine and/or user information or not? As I understood, only the LDAP solution is suitable for a PDC-BDC setup, because "domain member servers and workstations periodically change the Machine Trust Account password", so BDC has to update some data. As I understood, BDC can change at least Machine Trust Account passwords. Additional question: can a user change his/her login password, when he/she connected to the BDC (in case PDC is available and in case PDC is temporarily unavailable)? I read in TOSHARG2 too that in the BDC's smb.conf, I don't need user/group modification scripts, so I guess, I cannot add/modify them from the BDC. Thanks. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
