Hello,
I would like to have a central LDAP-Server in my main office and a
replicated one in my satellite office, connected via VPN. Then I want my
SAMBA-PDC in the satellite to use the local LDAP. I think this should
end in:
READ
----
Samba <-> Replicate
WRITE
-----
Samba -> Replicate
<-referrer-
Samba <-> Central LDAP
Am I right with my assumption? Is this setup possible and advisable?
Cheers
Jochen
--
Jochen Witte <devnull@alpha-lab.net>
We do it like that; your writes actually will go 'straight' to the
master
LDAP (not Samba as your diagram shows).
The master LDAP is configured so that it updates the slave.
So, the master LDAP is the only writer to the slave. (via a referer)
It is as safe as your VPN (quite safe)
Kind regards
Bert De Ridder
PeopleWare NV - Head Office
Cdt.Weynsstraat 85
B-2660 Hoboken
Tel: +32 3 448.33.38
Fax: +32 3 448.32.66
PeopleWare NV - Branch Office Geel
Kleinhoefstraat 5
B-2440 Geel
Tel: +32 14 57.00.90
Fax: +32 14 58.13.25
http://www.peopleware.be
http://www.mobileware.be
Jochen Witte <devnull@alpha-lab.net>
Sent by: samba-bounces+bdr=peopleware.be@lists.samba.org
10/02/2005 11:13
To
samba@lists.samba.org
cc
Subject
[Samba] Replicated LDAP
Hello,
I would like to have a central LDAP-Server in my main office and a
replicated one in my satellite office, connected via VPN. Then I want my
SAMBA-PDC in the satellite to use the local LDAP. I think this should
end in:
READ
----
Samba <-> Replicate
WRITE
-----
Samba -> Replicate
<-referrer-
Samba <-> Central LDAP
Am I right with my assumption? Is this setup possible and advisable?
Cheers
Jochen
--
Jochen Witte <devnull@alpha-lab.net>
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
Jochen Witte wrote:>Hello, > >I would like to have a central LDAP-Server in my main office and a >replicated one in my satellite office, connected via VPN. Then I want my >SAMBA-PDC in the satellite to use the local LDAP. I think this should >end in: > >A very admirable goal. One thing about setting it all up, don't jump at everything at once. Make sure that your LDAP setup is good and tight before adding samba. That is, make sure that you've got your machines authenticating well with it, make sure replication is good, and you've got a secure (TLS) connection going first, if desired. ONLY after you have the underlying system running well should you layer on samba. -- -- Paul Gienger Office: 701-281-1884 Applied Engineering Inc. Systems Architect Fax: 701-281-1322 URL: www.ae-solutions.com mailto: pgienger@ae-solutions.com