Hello,

I have a rather experimental question to ask.

I know that under standard circumstances, that you cannot have multiple PDC for a single domain, as they will conflict with each other.

I am dealing with a case of a school district, where there are multiple buildings. There are T-1s that tie together each of the buildings, then a bonded T-1 grants access to the internet through the main admin building. They would like to have a single domain, but would like to keep T-1 traffic to a minimum. They also want to continue with service when T-1 outages occur.

What I was wondering is, if this could be made possible..

a PDC at each building, that ties into a slave LDAP server.

At the Administration Building, There is a master LDAP Server.

Optimally, if the Administration building could have a single BDC (Obviously, BDC functionality would only be available when T-1 connectivity is functioning), that would be great.

I am wondering if this could somehow be accomplished with intelligent usage of nmbd services keeping PDC selection problems out of the way.. Optimally, having a method of a full mapping of all hosts via nmbd would be the best scenario, proxying to a central wins server. I fear that may result in PDC in-fighting..

Thanks to any clever, savvy person who can help,

--
Matt Schillinger
mschilli@vss.fsi.com

On Fri, 2003-09-12 at 22:51, Matt Schillinger wrote:
> Hello,
>
> I have a rather experimental question to ask.
>
> I know that under standard circumstances, that you cannot have multiple
> PDC for a single domain, as they will conflict with each other.
>
> I am dealing with a case of a school district, where there are multiple
> buildings. There are T-1s that tie together each of the buildings, then a
> bonded T-1 grants access to the internet through the main admin
> building. They would like to have a single domain, but would like to
> keep T-1 traffic to a minimum. They also want to continue with service
> when T-1 outages occur.
>
> What I was wondering is, if this could be made possible..
>
> a PDC at each building, that ties into a slave LDAP server.

The only way to achieve this would be to hide those PDCs from each other. So you would have to block ports 137-139 at each T1 router.

> At the Administration Building, There is a master LDAP Server.
>
> Optimally, if the Administration building could have a single BDC
> (Obviously, BDC functionality would only be available when T-1
> connectivity is functioning), that would be great.
>
> I am wondering if this could somehow be accomplished with intelligent
> usage of nmbd services keeping PDC selection problems out of the way..
> Optimally, having a method of a full mapping of all hosts via nmbd would
> be the best scenario, proxying to a central wins server. I fear that may
> result in PDC in-fighting..

I have to admit that I don't see why you can't live with one PDC and X BDCs. You would have to construct your LDAP servers this way anyway. If a PDC goes down (or the connection breaks) the BDC would still be able to process logons on its own.

ciao
Dariush
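
The one-PDC, many-BDC layout suggested in the reply above could look like the following in Samba's smb.conf. This is an added example, not configuration posted by either participant; the workgroup, host names, LDAP suffix, admin DN and the 192.0.2.10 address are constructed placeholders, and it assumes both LDAP servers accept StartTLS.

```ini
# --- smb.conf on the administration-building PDC (constructed example) ---
[global]
    workgroup = DISTRICT
    netbios name = ADMIN-PDC
    security = user
    domain logons = yes
    # Exactly one domain master (PDC) exists for the whole domain.
    domain master = yes
    preferred master = yes
    os level = 65
    # Central WINS server that every building registers with.
    wins support = yes
    # Accounts live in the master LDAP server (placeholder host name).
    passdb backend = ldapsam:ldap://ldap-master.district.example
    ldap suffix = dc=district,dc=example
    ldap admin dn = cn=samba,dc=district,dc=example
    # Password hashes cross this connection, so require TLS.
    ldap ssl = start tls

# --- smb.conf on each building's BDC (constructed example) ---
[global]
    workgroup = DISTRICT
    netbios name = BLDG1-BDC
    security = user
    # Answers logon requests locally, so logons survive a T-1 outage.
    domain logons = yes
    # Never claims the PDC role, so it cannot conflict with ADMIN-PDC.
    domain master = no
    # Still acts as browse master for its own subnet.
    local master = yes
    os level = 64
    # Resolves names through the central WINS server (placeholder address).
    wins server = 192.0.2.10
    # Reads accounts from the building's own slave LDAP replica.
    passdb backend = ldapsam:ldap://ldap-slave.bldg1.district.example
    ldap suffix = dc=district,dc=example
    ldap admin dn = cn=samba,dc=district,dc=example
    ldap ssl = start tls
```

The LDAP admin DN password is stored on each server with `smbpasswd -w`. Because a slave replica is read-only, password changes and machine joins at a building still need the master LDAP server to be reachable, while logons do not.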