[K12OSN] Moving the primary LDAP/PDC functions

David Hopkins dahopkins429 at gmail.com
Fri Oct 12 23:06:58 UTC 2007


I have been trying to figure out how to move the primary LDAP/PDC server to
a system which only acts as the LDAP/SMB PDC.  My biggest concern is that I
will have to rejoin all the Windows machines to the domain, and also have
other DOMAIN related issues.

What I have tried is to use the smbldap-installer scripts.  Since I am using
CentOS5, the script doesn't quite work for installing the correct rpms. It
uses the dag repositories. However, I removed the dag rpms and replaced them
with rpmforge rpms for those packages.  At that point, I had all the
required packages installed. Then, I used net getlocalsid on the existing
LDAP/PDC to get the DOMAIN sid.  I then used net setlocalsid on the system
that is to become the new PDC.  Finally, I ran smbldap-configure to enter
the rest of the information. In particular, I gave the new system the same
DOMAIN information.

I have run slapcat on the existing LDAP server with the intent of importing
everything to the new server, but I have duplicate entries. If I delete the
ldif entries from the slapcat'ed file that are the same as what the
smbldap-installer script created and then slapadd what is left, this should
leave me with a new system that can act as the new LDAP/SMB PDC.  I checked
the DOMAIN ldif info and it looks the same.  I tested with one account, and
I can log in on Linux with it. Without activating smb though, I can't verify
the Windows login.

So, before I do this, I wanted to ask the list if they see anything wrong
with this approach, or is there a simpler approach?  For instance, I have a
slave ldap server running as well.  Is it possible to just make the slave
become the master, and also make it the PDC server as well?  In this case,
moving the ldap/pdc is just creating a slave replica and promoting it. I
haven't seen any notes on how to do this though.

Sincerely,
Dave Hopkins
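
An added example, not part of the original post: a Python version of the de-duplication step described above, which drops entries from the slapcat export whose DN the new server already holds and flags DNs whose content differs between the two servers. The sample LDIF, the function names and the list of operational attributes to ignore are assumptions made for this example.

```python
import base64

# Operational attributes that slapcat emits; they always differ between servers.
OPERATIONAL = {"structuralobjectclass", "entryuuid", "entrycsn", "creatorsname",
               "createtimestamp", "modifiersname", "modifytimestamp"}

def parse_ldif(text):
    """Return {normalized_dn: (entry_lines, comparable_attrs)} in file order."""
    lines = []
    for raw in text.splitlines():
        if raw.startswith(" ") and lines:
            lines[-1] += raw[1:]              # unfold an LDIF continuation line
        else:
            lines.append(raw)
    entries, block = {}, []
    for line in lines + [""]:                 # trailing "" flushes the last entry
        if line.strip():
            if not line.startswith("#"):      # skip LDIF comments
                block.append(line)
            continue
        if block and block[0].startswith("dn:"):
            head = block[0]
            dn = (base64.b64decode(head[4:].strip()).decode()
                  if head.startswith("dn::") else head[3:].strip())
            # Simple DN normalization: lowercase, no spaces around commas.
            key = ",".join(p.strip() for p in dn.split(",")).lower()
            pairs = (l.partition(":") for l in block[1:])
            attrs = {(n.lower(), v.strip()) for n, _, v in pairs
                     if n.lower() not in OPERATIONAL}
            entries[key] = (block, attrs)
        block = []
    return entries

def plan_import(old_ldif, new_ldif):
    """Return (DNs to add, DNs on both sides with different content, LDIF to add)."""
    old, new = parse_ldif(old_ldif), parse_ldif(new_ldif)
    to_add = [k for k in old if k not in new]
    conflicts = [k for k in old if k in new and old[k][1] != new[k][1]]
    ldif = "\n\n".join("\n".join(old[k][0]) for k in to_add) + "\n"
    return to_add, conflicts, ldif

# Constructed sample data (not from the post): OLD = slapcat export, NEW = new server.
BASE = "dn: dc=example,dc=org\nobjectClass: dcObject\ndc: example\nentryUUID: %s\n\n"
DOM = ("dn: sambaDomainName=SCHOOL,dc=example,dc=org\nobjectClass: sambaDomain\n"
       "sambaSID: S-1-5-21-1111-2222-3333\nsambaNextRid: %s\n\n")
OLD = (BASE % "aaaa") + (DOM % "1042") + (
    "dn: ou=Users,dc=example,dc=org\nobjectClass: organizationalUnit\nou: Users\n\n"
    "dn: uid=jdoe,ou=Users,dc=exam\n ple,dc=org\nobjectClass: posixAccount\nuid: jdoe\n")
NEW = (BASE % "bbbb") + (DOM % "1000")
```

DNs returned as conflicts (here the sambaDomainName entry) exist on both servers with different values and need manual review before running slapadd on the remaining LDIF.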