View previous topic :: View next topic |
Author |
Message |
petrjanda Veteran


Joined: 05 Sep 2003 Posts: 1557 Location: Brno, Czech Republic
|
Posted: Sun Jan 02, 2005 5:24 pm Post subject: Samba BDC??? |
|
|
How to set up samba as a Backup Domain Controller in case PDC fails? _________________ There is, a not-born, a not-become, a not-made, a not-compounded. If that unborn, not-become, not-made, not-compounded were not, there would be no escape from this here that is born, become, made and compounded. - Gautama Siddharta |
|
Back to top |
|
 |
barbar Guru

Joined: 16 Apr 2003 Posts: 397 Location: Austria
|
|
Back to top |
|
 |
moocha Watchman

Joined: 21 Oct 2003 Posts: 5722
|
Posted: Sun Jan 02, 2005 9:11 pm Post subject: |
|
|
If you're using Active Directory, forget it. You can try using samba-tng instead of samba, but note that it's not production quality software. Not by a long shot.
If your PDC is a Microsoft NT4 PDC, there's no way to do it.
http://us1.samba.org/samba/docs/man/Samba-HOWTO-Collection/samba-pdc.html#id2516969 wrote: | The following functionalities are not provided by Samba-3:
SAM replication with Windows NT4 Domain Controllers (i.e., a Samba PDC and a Windows NT BDC or vice versa). This means Samba cannot operate as a BDC when the PDC is Microsoft-based or replicate account data to Windows BDCs.
Acting as a Windows 2000 Domain Controller (i.e., Kerberos and Active Directory). In point of fact, Samba-3 does have some Active Directory Domain Control ability that is at this time purely experimental that is certain to change as it becomes a fully supported feature some time during the Samba-3 (or later) life cycle. However, Active Directory is more then just SMB it's also LDAP, Kerberos, DHCP, and other protocols (with proprietary extensions, of course). |
If your PDC is a Samba PDC, see http://us1.samba.org/samba/docs/man/Samba-HOWTO-Collection/. _________________ Military Commissions Act of 2006: http://tinyurl.com/jrcto
"Those who would give up essential liberty to purchase a little temporary safety deserve neither liberty nor safety."
-- attributed to Benjamin Franklin |
|
Back to top |
|
 |
nobspangle Veteran


Joined: 23 Mar 2004 Posts: 1318 Location: Manchester, UK
|
Posted: Mon Jan 03, 2005 12:03 am Post subject: |
|
|
having a BDC doesn't help much if your PDC fails (unless you promote it to a PDC) they're more to help take the load off of the PDC on a large domain.
To use a PDC and BDC with samba you pretty much have to be using the LDAP backend, you can do it without but your domain will break very quickly as samba has no way of keeping the databases in sync. |
|
Back to top |
|
 |
petrjanda Veteran


Joined: 05 Sep 2003 Posts: 1557 Location: Brno, Czech Republic
|
Posted: Mon Jan 03, 2005 1:37 pm Post subject: |
|
|
The PDC is Samba 3.x.x. I know I need OpenLDAP server master on the PDC, and then slave LDAP server on the BDC. Im asking this: if PDC fails, will users still be able to domain logon through the BDC? I'm also planning nightly data replication over NFS, so they still have their files/profiles. _________________ There is, a not-born, a not-become, a not-made, a not-compounded. If that unborn, not-become, not-made, not-compounded were not, there would be no escape from this here that is born, become, made and compounded. - Gautama Siddharta |
|
Back to top |
|
 |
nobspangle Veteran


Joined: 23 Mar 2004 Posts: 1318 Location: Manchester, UK
|
Posted: Mon Jan 03, 2005 1:53 pm Post subject: |
|
|
if the PDC fails they will still be able to logon, but they would still be able to logon using cached data even if there wasn't a BDC.
I would use rsync to duplicate the netlogon share rather than messing around with NFS. |
|
Back to top |
|
 |
moocha Watchman

Joined: 21 Oct 2003 Posts: 5722
|
Posted: Mon Jan 03, 2005 5:09 pm Post subject: |
|
|
nobspangle wrote: | I would use rsync to duplicate the netlogon share rather than messing around with NFS. |
That's very wise advice! NFS can bring you a lot of headache, not to mention it adds unnecessary complexity to an already complex system. _________________ Military Commissions Act of 2006: http://tinyurl.com/jrcto
"Those who would give up essential liberty to purchase a little temporary safety deserve neither liberty nor safety."
-- attributed to Benjamin Franklin |
|
Back to top |
|
 |
|
|
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
|