Re: [SOGo] Outlook Integration / Active Directory

Thu, 11 Oct 2012 00:00:37 -0700 

On 10.10.2012 16:30, Wolfgang Sourdeau wrote:






I do understand the part with the Exchange schema, and installing the
demo is a nice trick. However "mirror domain controller" is not a term
I'm familiar with, and it doesn't exist in the samba4 documentation
either :) So, I'm sorry if that's a dumb question, but what exactly are
you referring to?



No, that term is my own invention. In previous versions of Windows 
(NT) servers, you had the concept of "Primary" and "Backup" domain 
controllers (PDC, BDC). With versions >= 2003 (I think, it could even 
be 2000), since MS started to use an ldap implementation named "active 
directory", the role of what used to be a "BDC" no longer exists. So 
you can only have one or many domain controllers. In fact, you will 
always have a "master", since this is the one you will likely 
reference when using its ip, but basically, all domain controllers 
handling the same domain will be replicas, hence my naming of 
"mirror". Because here, the goal is that the domain controller handled 
on the OpenChange machine should not be modified locally.





Aha! So do I understand this correctly: Although the documentation that 
" joining Samba 4 to your Active Directory domain as a member will 
currently not work", the actual process of joining the domain with 
samba4 as another DC actually DOES work, but will break if you use any 
of the samba tools to actually manager users, but I'll be fine as long 
as all changes in the directory happen exclusively through the 
replication with the existing domain? That would be okay ... in fact 
that's how I was planning to do it anyways :)



I'd love to set up samba4 as read-only domain controller - something 
that samba claims to partially support, but the last documentation 
update seems to be from 2010, and I'm not quite sure how usable that 
feature has become by now. One document says "it's in its very infancy", 
but another document lists all except one "to do" item as "finished". 
Not quite sure what to make of that. Has anybody here ever tried it?


best regards,

Sven


--
users@sogo.nu
https://inverse.ca/sogo/lists






















					Reply via email to