On Mon, 2004-02-09 at 07:35, J�r�me Tournier wrote:
> Hi all !
> In the samba-Howto, i was looking on informations on how to set up
> both a samba PDC and a samba BDC controller with ldap backend.
> I can read:
> -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
> Do not install a Samba PDC on a OpenLDAP slave server...
> Possible PDC/BDC plus LDAP configurations include:
> . PDC -> LDAP master server, BDC -> LDAP slave server.

I have removed this comment.  With the addition of the 'ldap replication
sleep' parameter, this can be made to work quite well.

> -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
> 
> And now i am wondering this questions :
> . if the samba DBC contain the following configuration
>   => passdb backend = ldapsam:"ldap://slave.quenya.org ldap://master.quenya.org";
>   will samba store informations in the master ldap server or will it fail ?

This will work fine.  Samba will talk to the master for updates.  Set
'ldap replication sleep' to the amount of time you expect the slave to
take to catch up to reality.  (Oh, and I know that's dody, but better
ideas haven't yet been implemented).

>   Or is it necessary to put the master ldap server first like this :
>   => passdb backend = ldapsam:"ldap://master.quenya.org ldap://slave.quenya.org";
> . can i install a samba BDC with a ldap slave server ? Yes you will answer me
>   but in the case where the master ldap server is unreachable, where does
>   the samba BDC will store new informations (Machine Trust Account password
>   for example wich are periodically changed)

In the configuration, if the master cannot be reached, the slave will be
contacted as a read-only backup.  Updates will fail.

Andrew Bartlett

-- 
Andrew Bartlett                                 [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team  [EMAIL PROTECTED]
Student Network Administrator, Hawker College   [EMAIL PROTECTED]
http://samba.org     http://build.samba.org     http://hawkerc.net

Attachment: signature.asc
Description: This is a digitally signed message part

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Reply via email to