Quote:
Originally Posted by gtr33m  Does this mean that I have openldap setup on the second server, or is it authenticating against the PDC using it's ldap. I would guess that it's the later, but not sure why I copy /etc/ldap over.
The second machine is currently running zimbra, but will be decomissioned as the new one is brought online, so copying /etc/ldap over will be fine, but I don't want to screw up the current zimbra install until then. |
Hmm... it was under my impression that the first server was running both Samba PDC and Zimbra.
This is how it works :
Zimbra has an LDAP server which has all the users with their password. The Samba PDC uses the Zimbra LDAP server to lookup users and check passwords. Since it's a PDC it will handle Windows logons. That is basically the only difference between a normal Samba server and a Samba PDC. When a normal Samba server then has to check users/passwords when they access the shares, it will use the same process as the Samba PDC. It will look up in the Zimbra LDAP server. It's not excactly a BDC since it doesn't have anything to do with the Window logon process.
Compared to a Windows setup the second server doesn't need to join the domain and have a good relation to the PDC to do lookups. You can stop the Samba PDC server and the secondary servers will still be able to authenticate users for shares, as long as the Zimbra LDAP is running.