Software: OS: Redhat 9 Samba Ver: Samba 3.0.0 (Plus excel writelock patch, waiting for 3.0.2!) OpenLDAP Ver: 2.0.27-8 Just a quick question about PDC / BDC interaction, my plan is to distribute Samba (with slave ldap backend) BDCs to remote facilities, as well as have one on each network segment in the hopes of avoiding unnecessary nmb broadcast traffic. My question is this: Will the PDC / BDC(s), acting as master browsers for their segments, exchange netbios information (i.e. netbios names, browsing info, etc.) via nmb? Or do they exchange this information via tcp? Or at all for that matter? Also as a complete sidenote, what I think would be a nifty feature: (This would only be useful to those running an ldap backend (possibly mysql?) When setting an account to disabled, have an option to set the loginShell attribute to something, such as /sbin/nologin (Should be configurable of course). Should be a fairly trivial thing.. just altering another attribute, if my C foo wasn't so weak I might attempt to add this feature myself. Just a possible suggestion :) As always, big kudos to the Samba Team, thanks for your time folks. -- Cy
On Tue, 2004-01-27 at 08:44, Cybr0t McWhulf wrote:> Software: > OS: Redhat 9 > Samba Ver: Samba 3.0.0 (Plus excel writelock patch, waiting for 3.0.2!) > OpenLDAP Ver: 2.0.27-8 > > Just a quick question about PDC / BDC interaction, my plan is to distribute > Samba (with slave ldap backend) BDCs to remote facilities, as well as > have one on each network segment in the hopes of avoiding unnecessary > nmb broadcast traffic. > > My question is this: Will the PDC / BDC(s), acting as master browsers > for their segments, exchange netbios information (i.e. netbios names, > browsing info, etc.) via nmb? Or do they exchange this information via > tcp? Or at all for that matter?If they can't see each other, they will not exchange it at all. If it is intended that they not see each other, you may set each up as a 'PDC' on each site.> Also as a complete sidenote, what I think would be a nifty feature: > (This would only be useful to those running an ldap backend (possibly > mysql?) > When setting an account to disabled, have an option to set the loginShell > attribute to something, such as /sbin/nologin (Should be configurable of > course). Should be a fairly trivial thing.. just altering another > attribute, if my C foo wasn't so weak I might attempt to add this > feature myself. Just a possible suggestion :)We would rather not modify attributes that are not mandated by our schema, but I would certainly look favourably on a patch that allowed integrated updates with things like posixAccount and the shadow attributes. (The problem with setting a shell to /sbin/nologin is deciding what to set it back to...) Andrew Bartlett -- Andrew Bartlett abartlet@pcug.org.au Manager, Authentication Subsystems, Samba Team abartlet@samba.org Student Network Administrator, Hawker College abartlet@hawkerc.net http://samba.org http://build.samba.org http://hawkerc.net -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part Url : http://lists.samba.org/archive/samba/attachments/20040127/c206d627/attachment.bin
Sorry, that was a bit vague, my apologies. My real question is, in the event where netbios is not being passed between network segments (In this particular case, a WAN), where the PDC is at one site, and the BDC is at another, are there any provisions for failover? Or am I just going to have to run them both as PDC's for their network segment? Thanks again for your time, I really appreciate it. -- Cy> Date: Tue, 27 Jan 2004 18:34:04 +1100 > From: Andrew Bartlett <abartlet@samba.org> > To: Cybr0t McWhulf <cybre@killcybre.org> > Cc: samba@lists.samba.org > Subject: Re: [Samba] PDC/BDC Questions > > On Tue, 2004-01-27 at 08:44, Cybr0t McWhulf wrote: > > Software: > > OS: Redhat 9 > > Samba Ver: Samba 3.0.0 (Plus excel writelock patch, waiting for 3.0.2!) > > OpenLDAP Ver: 2.0.27-8 > > > > Just a quick question about PDC / BDC interaction, my plan is to distribute > > Samba (with slave ldap backend) BDCs to remote facilities, as well as > > have one on each network segment in the hopes of avoiding unnecessary > > nmb broadcast traffic. > > > > My question is this: Will the PDC / BDC(s), acting as master browsers > > for their segments, exchange netbios information (i.e. netbios names, > > browsing info, etc.) via nmb? Or do they exchange this information via > > tcp? Or at all for that matter? > > If they can't see each other, they will not exchange it at all. If it > is intended that they not see each other, you may set each up as a 'PDC' > on each site. > > > Also as a complete sidenote, what I think would be a nifty feature: > > (This would only be useful to those running an ldap backend (possibly > > mysql?) > > When setting an account to disabled, have an option to set the loginShell > > attribute to something, such as /sbin/nologin (Should be configurable of > > course). Should be a fairly trivial thing.. just altering another > > attribute, if my C foo wasn't so weak I might attempt to add this > > feature myself. Just a possible suggestion :) > > We would rather not modify attributes that are not mandated by our > schema, but I would certainly look favourably on a patch that allowed > integrated updates with things like posixAccount and the shadow > attributes. (The problem with setting a shell to /sbin/nologin is > deciding what to set it back to...) > > Andrew Bartlett > > -- > Andrew Bartlett abartlet@pcug.org.au > Manager, Authentication Subsystems, Samba Team abartlet@samba.org > Student Network Administrator, Hawker College abartlet@hawkerc.net > http://samba.org http://build.samba.org http://hawkerc.net >