Buchan Milne wrote: > C.Lee Taylor wrote: > > OK, I stayed a bit late, waiting for things to finish compiling etc ... > and did some tests. It seems to work. What I did was just point the > production DC at a slave server, and then > > 1)try and change my password > a)while both ldap servers were running (works) > b)while only the slave is running (doesn't work) > c)while only the master is running (doesn't work) > > 2)connect to my homes share > a)while both servers were running (works) > b)while only the slave was running (works) > c)while only the master is running (doesn't work) > > So, it seems to be all correct, but it would be nice to have ldap > failover (multiple ldap servers listed in smb.conf?), but not absolutely > necessary. Now our WAN setup should work! >
Well, not quite. I did a new test, this time with: ldap/pdc: master ldap server and original dc bgmilne: slave ldap hercules: slave ldap, 2nd dc thinkpad1: win2k/linux dual-boox client pdc, hermes and hercules are on the same net, thinkpad1 is on a crossover cable with hercules. I could authenticate to hercules after doing the ldap setup only (did not join hercules to the domain, just imported the domain SID). However, I could not change the password, either from win2k, or from the commandilne on hercules (smbpasswd -r hercules). I will go through the unav.es howto again and see if I have missed soemthing. Also, for some reason the profile didn't work. It's not specificed in LDAP, but works on PDC when in the normal net. Ditto for login scripts. The shares defined in hercules's smb.conf are accessible after login though (but profiles are on root-squashed NFS to pdc, could be the issue). Failover (ldap server = bgmilne ldap) seems to work, but wasn't tested extensively. Regards, Buchan -- |--------------Another happy Mandrake Club member--------------| Buchan Milne Mechanical Engineer, Network Manager Cellphone * Work +27 82 472 2231 * +27 21 8828820x121 Stellenbosch Automotive Engineering http://www.cae.co.za GPG Key http://ranger.dnsalias.com/bgmilne.asc 1024D/60D204A7 2919 E232 5610 A038 87B1 72D6 AC92 BA50 60D2 04A7 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba