summaryrefslogtreecommitdiff
path: root/docs/htmldocs/samba-bdc.html
diff options
context:
space:
mode:
Diffstat (limited to 'docs/htmldocs/samba-bdc.html')
-rw-r--r--docs/htmldocs/samba-bdc.html62
1 files changed, 49 insertions, 13 deletions
diff --git a/docs/htmldocs/samba-bdc.html b/docs/htmldocs/samba-bdc.html
index ef06a89416..42f653fb7d 100644
--- a/docs/htmldocs/samba-bdc.html
+++ b/docs/htmldocs/samba-bdc.html
@@ -5,8 +5,7 @@
>How to Act as a Backup Domain Controller in a Purely Samba Controlled Domain</TITLE
><META
NAME="GENERATOR"
-CONTENT="Modular DocBook HTML Stylesheet Version 1.76b+
-"><LINK
+CONTENT="Modular DocBook HTML Stylesheet Version 1.77+"><LINK
REL="HOME"
TITLE="SAMBA Project Documentation"
HREF="samba-howto-collection.html"><LINK
@@ -14,7 +13,7 @@ REL="UP"
TITLE="Type of installation"
HREF="type.html"><LINK
REL="PREVIOUS"
-TITLE="How to Configure Samba as a NT4 Primary Domain Controller"
+TITLE="Samba as a NT4 or Win2k Primary Domain Controller"
HREF="samba-pdc.html"><LINK
REL="NEXT"
TITLE="Samba as a ADS domain member"
@@ -73,13 +72,17 @@ WIDTH="100%"></DIV
CLASS="CHAPTER"
><H1
><A
-NAME="SAMBA-BDC">Chapter 7. How to Act as a Backup Domain Controller in a Purely Samba Controlled Domain</H1
+NAME="SAMBA-BDC"
+></A
+>Chapter 6. How to Act as a Backup Domain Controller in a Purely Samba Controlled Domain</H1
><DIV
CLASS="SECT1"
><H1
CLASS="SECT1"
><A
-NAME="AEN1127">7.1. Prerequisite Reading</H1
+NAME="AEN1274"
+></A
+>6.1. Prerequisite Reading</H1
><P
>Before you continue reading in this chapter, please make sure
that you are comfortable with configuring a Samba PDC
@@ -94,7 +97,9 @@ CLASS="SECT1"
><H1
CLASS="SECT1"
><A
-NAME="AEN1131">7.2. Background</H1
+NAME="AEN1278"
+></A
+>6.2. Background</H1
><P
>What is a Domain Controller? It is a machine that is able to answer
logon requests from workstations in a Windows NT Domain. Whenever a
@@ -137,7 +142,9 @@ CLASS="SECT1"
><H1
CLASS="SECT1"
><A
-NAME="AEN1139">7.3. What qualifies a Domain Controller on the network?</H1
+NAME="AEN1286"
+></A
+>6.3. What qualifies a Domain Controller on the network?</H1
><P
>Every machine that is a Domain Controller for the domain SAMBA has to
register the NetBIOS group name SAMBA#1c with the WINS server and/or
@@ -152,7 +159,9 @@ CLASS="SECT2"
><H2
CLASS="SECT2"
><A
-NAME="AEN1142">7.3.1. How does a Workstation find its domain controller?</H2
+NAME="AEN1289"
+></A
+>6.3.1. How does a Workstation find its domain controller?</H2
><P
>A NT workstation in the domain SAMBA that wants a local user to be
authenticated has to find the domain controller for SAMBA. It does
@@ -169,7 +178,9 @@ CLASS="SECT2"
><H2
CLASS="SECT2"
><A
-NAME="AEN1145">7.3.2. When is the PDC needed?</H2
+NAME="AEN1292"
+></A
+>6.3.2. When is the PDC needed?</H2
><P
>Whenever a user wants to change his password, this has to be done on
the PDC. To find the PDC, the workstation does a NetBIOS name query
@@ -183,13 +194,19 @@ CLASS="SECT1"
><H1
CLASS="SECT1"
><A
-NAME="AEN1148">7.4. Can Samba be a Backup Domain Controller?</H1
+NAME="AEN1295"
+></A
+>6.4. Can Samba be a Backup Domain Controller to an NT PDC?</H1
><P
>With version 2.2, no. The native NT SAM replication protocols have
not yet been fully implemented. The Samba Team is working on
understanding and implementing the protocols, but this work has not
been finished for version 2.2.</P
><P
+>With version 3.0, the work on both the replication protocols and a
+suitable storage mechanism has progressed, and some form of NT4 BDC
+support is expected soon.</P
+><P
>Can I get the benefits of a BDC with Samba? Yes. The main reason for
implementing a BDC is availability. If the PDC is a Samba machine,
a second Samba machine can be set up to
@@ -200,7 +217,9 @@ CLASS="SECT1"
><H1
CLASS="SECT1"
><A
-NAME="AEN1152">7.5. How do I set up a Samba BDC?</H1
+NAME="AEN1300"
+></A
+>6.5. How do I set up a Samba BDC?</H1
><P
>Several things have to be done:</P
><P
@@ -265,7 +284,9 @@ CLASS="SECT2"
><H2
CLASS="SECT2"
><A
-NAME="AEN1169">7.5.1. How do I replicate the smbpasswd file?</H2
+NAME="AEN1317"
+></A
+>6.5.1. How do I replicate the smbpasswd file?</H2
><P
>Replication of the smbpasswd file is sensitive. It has to be done
whenever changes to the SAM are made. Every user's password change is
@@ -279,6 +300,21 @@ rsync. rsync can use ssh as a transport. ssh itself can be set up to
accept *only* rsync transfer without requiring the user to type a
password.</P
></DIV
+><DIV
+CLASS="SECT2"
+><H2
+CLASS="SECT2"
+><A
+NAME="AEN1321"
+></A
+>6.5.2. Can I do this all with LDAP?</H2
+><P
+>The simple answer is YES. Samba's pdb_ldap code supports
+binding to a replica LDAP server, and will also follow referrals and
+rebind to the master if it ever needs to make a modification to the
+database. (Normally BDCs are read only, so this will not occur
+often).</P
+></DIV
></DIV
></DIV
><DIV
@@ -325,7 +361,7 @@ ACCESSKEY="N"
WIDTH="33%"
ALIGN="left"
VALIGN="top"
->How to Configure Samba as a NT4 Primary Domain Controller</TD
+>Samba as a NT4 or Win2k Primary Domain Controller</TD
><TD
WIDTH="34%"
ALIGN="center"