On 12/02/09 01:51, Kevin Kimani wrote:
> Hi all,
>
> I have a setup whereby there is a PDC that's authenticating users
> through ldap. I have several other BDCs that are doing the
> replication of the main server. I am trying to set up the users to be
> authenticated by the BDC but am not able to. Any suggestions will be
> quite helpful.
>
> Regards
> kevin
>
Do you mean samba replication or ldap replication?

All DCs should be configured for:

    security=user
    domain logons=yes
    passdb backend = ldapsam:ldap://yourldapserver

They don't actually have to point to the same ldap server; they should
be able to point to a replica ldap server (if that exists.) The PDC
would have to point either to a master LDAP server or a writable
replica. I have been setting this up with Sun Directory Server so I
can't comment on OpenLDAP.

On each DC, "net getdomainsid" should show that the machine SID is
the same as the domain SID.

I would also make sure that the output of "net groupmap list" and
"pdbedit -Lv" is the same on all DCs.

I would make sure that the following "net rpc user info" command is
returning the same results from each DC, e.g.

    # net rpc user info someuser -U Administrator -S mypdc
    Password:
    Domain Users
    Sales
    Marketing
    #

Make sure that all machines are using the same WINS server. I have my
PDC as the WINS server.
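
The SID check described in the reply above, as an added example that is not part of the original thread: it parses saved "net getdomainsid" output from each DC and confirms that machine SID equals domain SID on every DC and that all DCs report the same domain SID. The function names, host names, SIDs and the two-line output format shown in the comments are assumptions made for this example.

```shell
#!/bin/sh
# Added example. Assumed `net getdomainsid` output format, two lines per DC:
#   SID for local machine <NAME> is: S-1-5-21-...
#   SID for domain <DOMAIN> is: S-1-5-21-...

# Constructed sample output (not real SIDs).
PDC_OUT='SID for local machine PDC1 is: S-1-5-21-1111111111-2222222222-3333333333
SID for domain EXAMPLE is: S-1-5-21-1111111111-2222222222-3333333333'
BDC_OUT='SID for local machine BDC1 is: S-1-5-21-1111111111-2222222222-3333333333
SID for domain EXAMPLE is: S-1-5-21-1111111111-2222222222-3333333333'
# BDC whose machine SID was never set to the domain SID.
BDC_BAD='SID for local machine BDC2 is: S-1-5-21-4444444444-5555555555-6666666666
SID for domain EXAMPLE is: S-1-5-21-1111111111-2222222222-3333333333'
# BDC that is self-consistent but belongs to a different domain SID.
BDC_OTHER='SID for local machine BDC3 is: S-1-5-21-7777777777-8888888888-9999999999
SID for domain EXAMPLE is: S-1-5-21-7777777777-8888888888-9999999999'

# extract_sid <kind>: read output on stdin, print the SID from the
# "SID for <kind> ... is:" line. <kind> is "local machine" or "domain".
extract_sid() {
    sed -n "s/^SID for $1 .* is: *\(S-[0-9-]*\)[[:space:]]*\$/\1/p" | head -n 1
}

# check_dc <output>: succeed only if both SIDs are present and equal;
# prints the domain SID on success.
check_dc() {
    m=$(printf '%s\n' "$1" | extract_sid "local machine")
    d=$(printf '%s\n' "$1" | extract_sid "domain")
    [ -n "$m" ] && [ -n "$d" ] && [ "$m" = "$d" ] || return 1
    printf '%s\n' "$d"
}

# check_all <output>...: every DC must pass check_dc and all must agree.
check_all() {
    ref=""
    for out in "$@"; do
        sid=$(check_dc "$out") || return 1
        [ -z "$ref" ] && ref=$sid
        [ "$sid" = "$ref" ] || return 1
    done
    [ -n "$ref" ]   # fail when no DC output was supplied at all
}

if check_all "$PDC_OUT" "$BDC_OUT"; then echo "PDC1/BDC1: consistent"; fi
if ! check_all "$PDC_OUT" "$BDC_BAD"; then echo "PDC1/BDC2: SID mismatch"; fi
```

To use it against live systems, pass the captured output of "net getdomainsid" from each DC as one argument per DC.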