<html><head><style type='text/css'>p { margin: 0; }</style></head><body><div style='font-family: Times New Roman; font-size: 12pt; color: #000000'>If clients directly hitting Directory server for auth, DNS round robin is sufficient, but if the hit to directory from a single host (say as in Oserome's case SAMBA PDC), it will hit the next server only after the TTL value got expired. Otherwise it will hit o the same server only. And for logging purpose it doesn't require Master, replica will be fine. ----- Original Message ----- From: "John A. Sullivan III" <jsullivan@opensourcedevel.com> To: "General discussion list for the Fedora Directory server project." <fedora-directory-users@redhat.com> Cc: fedora-directory-devel@redhat.com Sent: Friday, February 6, 2009 7:44:12 PM GMT +05:30 Chennai, Kolkata, Mumbai, New Delhi Subject: Re: [Fedora-directory-users] Challenges with Fedora DS Out of curiosity (I am still learning much about LDAP and DS), is a load balancer necessary or could it be done simply through round robin dns? For example, in our testing, we set up a replica ds. One is ldap01, the other is ldap02 and their certificates both have ldap as well as ldap01 or ldap01 in their subjAltNames. There are two entries in DNS for ldap - one pointing to ldap01 and the other to ldap02. Will such a setup work? For simply logging in, is a master necessary or can one use a read-only replica? Thanks - John On Fri, 2009-02-06 at 01:55 -0700, Premod Dev wrote: > Hi Oserome, > > Why cant you try as follows, > * Create multiple masters (multi master replication) > * Use a load balancer ( hardware or software ie like linux > virtual server) for load balance between these multi master > servers. > * Give a common fqdn in SAMBA which should resolve to load > balancer and rest will do the load balancer. > > Thanks, > Premod > > ----- Original Message ----- > From: "osereme.osobase" <osereme.osobase@gtbank.com> > To: fedora-directory-devel@redhat.com > Cc: fedora-directory-users@redhat.com > Sent: Wednesday, February 4, 2009 11:54:37 PM GMT +05:30 Chennai, > Kolkata, Mumbai, New Delhi > Subject: [Fedora-directory-users] Challenges with Fedora DS > > Hi, > > I currently use Fedora-DS integrated with Samba as my domain > controller in an organization with 141 offices. With only one domain > controller I am able to authenticate a user population of 5000 users, > however as my organization grows I have challenges daily with > authentication. Every morning users trying to logon to my Windows > domain keep getting errors while siging on and this frequently leads > to account lockouts and frustation of users. > > After going through your documentation on multiple load balanced FDS > server installation I still have all traffic coming to one server on > the network. My challenge is setting up FDS in the data centre on > multiple servers to authenticate my users while accommodating growth. > Is there any suggestion you can offer me or documentation where I can > go through setup of a centalized FDS cluster for a large user base? > > I will greatly appreciate any help you can proffer. > > Regards > > Osereme Osobase > Enterprise Infrastructure Support > Technology > GTBank Nigeria - http://www.gtbank.com > > -- Fedora-directory-users mailing list > Fedora-directory-users@redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users > -- > Fedora-directory-users mailing list > Fedora-directory-users@redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users -- John A. Sullivan III Open Source Development Corporation +1 207-985-7880 jsullivan@opensourcedevel.com http://www.spiritualoutreach.com Making Christianity intelligible to secular society -- Fedora-directory-users mailing list Fedora-directory-users@redhat.com https://www.redhat.com/mailman/listinfo/fedora-directory-users </div></body></html>