Rob, I am curious if you think an extension of this idea might work to centrally control and manage many domains?
Mothership LDAP [Hosted Highly Redundant setup] - Domain 1 (SyncRepl only portion of LDAP) - Domain 2 (SyncRepl only portion of LDAP) ... - Domain 26 (SyncRepl only portion of LDAP) Ideally each local subnet might also be VPNed up to the mothership so that local machines could still authenticate (slowly) if the local PDC were unavailable. Long term each domain would be Samba4 based and fully AD ready. Would love to discuss this idea with someone familiar with multi-domain setups like this. thanks, Larry -----Original Message----- From: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] On Behalf Of Rob Shinn Sent: Monday, January 11, 2010 9:33 AM To: Alberto Moreno Cc: samba@lists.samba.org Subject: Re: [Samba] samba+ldap two domains db sync? Alberto Moreno wrote: > Is possible to sync both ldap servers every time I change something > in ldap? or a better way to do it?Alberto Moreno wrote: You could probably do this with OpenLDAP's syncrepl replication facility. You may also wish to consider combining everything into one LDAP database, containing two different Samba domains, with a common OU for user accounts. You could keep the LDAP servers as they are, just set up one as a secondary LDAP server using syncrepl. That would have the advantage of centralizing everything and ease user administration, since users created in one domain would automatically be included in both. Without knowing the specifics, however, it's hard to say to which way would be best. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba