On Tuesday 03 May 2005 06:53, Paul Gienger wrote: > > I want to create BDC with smbpasswd backend, just because I run ldap > > master on the same machine as PDC and I don't think that using ldap > > backend will be far better for me. > > <snip> > > > I.e., looks like machines will not change their password when working > > with BDC (i.e. when PDC is down). > > > > Do I understand this right? > > That would appear to be the case. I guess you've found one good reason > (of the many) to use an LDAP backend where multiple servers are involved.
Samba-3 Domain Control has limitations that NT4 Domain Control does not have. With NT4 DC, the BDC will record SAM changes into a local delta file. When the PDC comes up again, at the first PDC trigger to the BDCs to send SAM updates to the PDC the PDC will collect the changes, apply them and then propogate them to all BDCs. Samba-3 does not at this time have this infrastructure. Samba-3 BDCs try to contact the LDAP server directly. So long as the master LDAP server can be contacted by the BDC the machine password change can be written, but if it is down, or can not be contacted the change will fail. In other words, in the absence of the PDC, the BDC can deal with machine account password changes so long as it can contact the master LDAP server. (Jerry, Any comments or corrections?) - John T. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
