I would suggest that putting the PDC and LDAP server on the same machine does make sense, since they are (from the point of view of windows clients) so closely integrated. It is correctly that if you have the both services on the same machine, then if that machine goes down you lose both functionality. However, if the PDC and LDAP server are on separate machines, if the LDAP server goes down your PDC server is effectively disabled anyway.
If you want redundancy I suggest configuring two machines- each machine is an LDAP server (with replication enabled) and each machine is a samba domain controller (1 PDC and 1 or more BDC's.) -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Rob Townley Sent: Sunday, August 01, 2010 7:26 PM To: John Drescher Cc: [email protected]; masatheesh Subject: Re: [Samba] Need suggestion for domain controller Please elaborate on why you do not like OpenLDAP and SambaPDC same machine? RedHat sponsored FreeIPA.org does Samba, 389 ldap, Dns, pki all on one machine. So does win ads. On 7/31/10, John Drescher <[email protected]> wrote: >> I wish to establish domain controller based on Centos 5.x.I am >> considering below setups. >> >> 1) Samba PDC >> 2) OpenLDAP >> 3) Combination of Samba PDC + LDAP >> >> I am confused to select one among above.Can anyone please suggest me? > > All are valid. I mean when setting up a samba domain with open ldap > you should have at least 1 machine that is a PDC and at least 1 > machine that has openldap on it. Unless this is a home install I > believe you should have at least 2 of each. The choice of how to > combine these services is up to the user. For my department (of less > than 50 users but 30TB of raid on a 100% gigabit network) I have 3 DCs > and 3 openldap servers. At the moment they are PDC + Openldap. Also > since I have no user shares on the domain controllers (all data is on > dual / quad core domain member servers) I have these as guests under a > vps (openvz or lxc). > > John > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
