On Wed, 2007-01-31 at 17:52 -0800, Chuck Theobald wrote:
> Hi,
>
> Is it possible to run a non-PDC file server which references an
> authentication server via the "password server" directive as a BDC to
> the PDC? In short, I have one machine that serves as the LDAP auth
> server and PDC for my domain. I have another machine that is the file
> server and uses the aforementioned "password server" directive to
> authenticate users. Now, I would like to run the file server as a BDC as
> well. I have set up the file server as a slave LDAP server per Jerry's
> "LDAP System Administration" book, and am working from John Terpstra's
> chapter on Backup Domain Control.
>
> My aim is to have the file server fail over to itself for both domain
> control and authentication should my main LDAP server/PDC go offline.
> Otherwise, the file server should reference the main server for both
> domain control and authentication.
>
> I guess the question boils down to: What should I have password server,
> passdb backend, and security set to?

If your fileserver becomes a BDC, and holds a copy of the authentication
database in its local LDAP slave, why should it ever contact the PDC?
What do you gain by adding load to the PDC to obtain information
available locally?

In any case, Samba is either a DC or a member server, never some weird
mix between the two...

Andrew Bartlett
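
Added example, not part of the original thread and not Samba's own code: a small Python lint that reads the `[global]` section of an smb.conf, reports whether it describes a domain controller or a member server, and warns when settings from both roles are mixed. The role rules are assumptions based on Samba 3 smb.conf semantics, and the sample configurations (EXAMPLE, pdc.example.com) are constructed for illustration.

```python
TRUE = {"yes", "true", "on", "1"}
MEMBER_MODES = {"domain", "ads", "server"}  # modes that defer to a password server


def parse_global(text):
    """Return the [global] parameters of an smb.conf as a dict."""
    params, section = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()
        elif section == "global" and "=" in line:
            key, value = line.split("=", 1)
            # Samba ignores case and spaces in parameter names.
            params["".join(key.lower().split())] = value.strip()
    return params


def classify(params):
    """Return (role, warnings) for parsed [global] parameters."""
    security = params.get("security", "user").lower()
    logons = params.get("domainlogons", "no").lower() in TRUE
    master = params.get("domainmaster", "auto").lower()
    warnings = []
    if logons:
        # A DC that is not the domain master is treated as a BDC here.
        role = "PDC" if master in TRUE | {"auto"} else "BDC"
        if security in MEMBER_MODES:
            warnings.append("domain logons = yes conflicts with security = " + security)
        if "passwordserver" in params:
            warnings.append("password server is set on a domain controller")
    elif security in MEMBER_MODES:
        role = "member server"
    else:
        role = "standalone"
    return role, warnings


# Constructed samples: a BDC that still carries member-server settings,
# and the same BDC authenticating from its local LDAP replica only.
BDC = "[global]\n  workgroup = EXAMPLE\n  domain logons = yes\n  domain master = no\n"
MIXED = BDC + "  security = domain\n  password server = pdc.example.com\n"
CLEAN_BDC = BDC + "  security = user\n  passdb backend = ldapsam:ldap://localhost\n"

if __name__ == "__main__":
    for name, conf in (("mixed", MIXED), ("clean", CLEAN_BDC)):
        print(name, classify(parse_global(conf)))
```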