[Fedora-directory-users] Replication Possibilities

Eddie C edlinuxguru at gmail.com
Mon Mar 19 14:06:47 UTC 2007 

I can not give an authoritative answer, but if your active directory is 2003
server your active directory itself is multimaster ( no more PDC and SDC ).
It seems theorically possible to install active directory sync on both nodes
but leave it running only on one domain controller. Something like this:


AD2 <-> AD1
        |
LoadBalancer
        |
FD2 <->FD1

Here are some maybes. The configuration of the winsync agreements might have
issues communicating with a proxy or load balanced LDAP server. Also I do
not know of any HA product that would be able to fail winsync on a windows
server.

On 3/19/07, Paxton, Darren <darren.paxton at mercer.com> wrote:

> Hi again all,
>
> Managed to get myself to a  pretty good place with my configuration, but
> would appreciate another pointer from yourselves.
>
> Currently I have the system up and running with two servers (master1 and
> master2) in a 2-way multi-master replication mode.
>
> Master1 also has a Windows Synchronisation Agreement with adserver1, which
> is also working, however it is working in a two-way mode, propagating
> changes made on the Fedora Directory back to Active Directory.
>
> Unfortunately, our current strategy is to have Active Directory as the
> single Directory for user management so as to make our Service Desk more
> efficient. We also have a policy of removing all single points of failure
> from within our enterprise, therefore I was looking at having two windows
> sync agreements from two Fedora Master servers to two different members of
> the same Active Directory.
>
> The two Fedora Servers would also obviously need to be in sync (hence the
> multi-master setup) but probably with a number of read-only consumer servers
> dotted around the globe.
>
> The question, therefore, is what would be the best way in terms of
> replication design, to achieve this objective?
>
> Basically, I want to achieve the following:
>
> AD2 -> FD2 <-> FD1 <- AD1
>             / |              |\
>           /   |              |  \
>         V   V             V  V
>     FD3   FD4     FD5  FD6
>
> Thanks in advance for any assistance you can provde.
>
> Cheers
>
> Darren
>
>
>
> This e-mail and any attachments may be confidential or legally
> privileged.If you received this message in error or are not the intended
> recipient, you should destroy the email message and any attachments or
> copies, and you are prohibited from retaining, distributing, disclosing or
> using any information contained herein. Please inform us of the erroneous
> delivery by return e-mail. Thank you for your co-operation.
>
> Mercer Human Resource Consulting Limited is authorised and regulated by
> the Financial Services Authority. Registered in England No. 984275.
> Registered Office: 1 Tower Place West, Tower Place, London, EC3R 5BU.
>
>
>
> --
> Fedora-directory-users mailing list
> Fedora-directory-users at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/fedora-directory-users/attachments/20070319/03436411/attachment.htm>

More information about the Fedora-directory-users mailing list