rruegner wrote:
let me explain....if you have conected smb ldap master pdc with
a vpn ( ie. Openvpn ) to a bdc smb ldap slave and if the vpn
brakes , win clients from the vpn network are working with
the last entries from the slave ldap.
As in the blackout period the pdc isnt exist and the bdc ldap slave is not writeable , you cant make any changes ( like bringing up new machines on the fly, chnage passwords etc )until the vpn is up again to the pdc ldap master.
This belongs to the fact that a bdc is read only.
This is my understanding....and practised...or do you now something
other workaround? ( which might be possible with ldap in principal, but will end in heavly syncing the ldap directory in network blackout periods )
I've been watching this thread since I'm looking at implementing backup servers at two remote sites next week. Could I just clarify what I believe happens :
During a network break :
Clients at the remote site will be reliant on the backup servers, but for obvious reasons will not be able to update the LDAP server.
During normal operations :
Clients can use any of the servers for authentication etc. If a change is made via one of the remote servers, then it is either replicated or redirected to the primary LDAP server depending on the LDAP setup.
Is this correct ?
Simon
-- Simon Hobson MA MIEE, Technology Specialist Colony Gift Corporation Limited Lindal in Furness, Ulverston, Cumbria, LA12 0LD Tel 01229 461100, Fax 01229 461101
Registered in England No. 1499611 Regd. Office : 100 New Bridge Street, London, EC4V 6JA. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
