[CentOS] Samba PDC + BDC using LDAP

Fri Jul 30 14:16:24 UTC 2010
Craig White <craigwhite at azapple.com>

On Fri, 2010-07-30 at 16:11 +0530, Basil Kurian wrote:
> I am trying to implement a Samba Domain Controller with replication
> using LDAP.
> My intention is to create two Samba DC servers with an LDAP backend,
> then to set one as master and the other as slave, then replicate the LDAP
> database on the master to the slave.
> I shut down the second Samba server and only the first Samba DC was running.
> Then I added one XP client to the first Samba server, and I could successfully
> log in to the domain.
> Then I shut down the first server and started the second server (every
> setting on the first and second server is the same. Also the ID is set to
> the same value using the setlocalid command),
> but the XP client can't log in to the domain.
> Please help me figure out the problem.
> I documented everything in a wiki. Please go through the
> steps:
> http://wiki.basil-kurian.co.cc/index.php/SMB_DC_WITH_REPLICATION

Didn't bother looking at the wiki but...

Only the PDC should have a localsid and domainsid that are the same. The
BDC should be joined to the domain and will have a different localsid.

It would seem that your LDAP needs to support multi-master replication
so 'writes' could happen at either the PDC or the BDC and LDAP will
handle the sync'ing of the changes.

You can look at the logs in the samba log directory for whichever
machine is having a problem logging in to determine the reason for the
login failure.

