On 01/11/10 09:31, Rob Shinn wrote:
Alberto Moreno wrote:
Is it possible to sync both ldap servers every time I change something
in ldap? Or a better way to do it?

You could probably do this with OpenLDAP's syncrepl replication
facility. You may also wish to consider combining everything into one
LDAP database, containing two different Samba domains, with a common
OU for user accounts. You could keep the LDAP servers as they are,
just set up one as a secondary LDAP server using syncrepl. That would
have the advantage of centralizing everything and ease user
administration, since users created in one domain would automatically
be included in both.
Without knowing the specifics, however, it's hard to say which way
would be best.

I don't think one user in LDAP could be in two different domains - each
user has to have a distinct SambaSID entry.
I use Sun's Directory Server for my LDAP backend - it was already in
place for another project, which is why I went with it rather than with
OpenLDAP. It supports replication between LDAP servers and has a GUI
for setting up the replication parameters. Although, to be fair,
there is a bit of a learning curve with this product.