Topic: sync 2 ldaps, or config like master and slave with 2 sme7

[lucho115]

i have 2 sme 7 , one is a domain controler and its config in "server-only" mode, the other is mail server and its config in "server and gateway" mode.
I need to have the same user and password in the 2 servers, i was thinks in config the ldaps in master an slave mode, or in make an script to export and import data form one lpad to the other; anyway i dont know how to do it, but think that the first option is the one, because the 2 ldaps would be all the time synced.
Somebody knows how to do this kind of setup? or can helpme with tutorial or other material.
thks
bye

[CharlieBrady]

I need to have the same user and password in the 2 servers, i was thinks in config the ldaps in master an slave mode, or in make an script to export and import data form one lpad to the other;...

The ldap in SME does not contain any passwords, and isn't used for authentication. It's only a read-only user and group list.

[lucho115]

ok, i realise that when start to look at the sme internal, its uso passwd and smbpasswd, an the e-smith accounts.
SO my problem is still the same, i need to have 2 sme7 with the same user and password, and when i update the password of one ,its update the password of the same account in the other, thats posible?
I anybody knows, please helpme.
thks

bye

[Daniel B.]

Well, I'm looking to for a solution to this problem. I didn't take time to make research for now, but maybe there's a way, exporting the passwd file via yellow page service and setting one server to use the file of the other (you can set this in /etc/nsswitch.conf).
there's at least 3 problems:
 * I don't know if it's possible to do this for smbpasswd
 * I don't know if sme support yellow page
 * I don't know if there's security risk using this method

[lucho115]

i was thinking and leasen this:

In sme when you add, mod, remove, lock  a user a list of process update all the system users and passwords, OK?

So if we know who are these process, whe can run it in the second sme to do the same that in the first, THATS mean that we need and event action runing in both pcs that was in the list of process thats the action "x" run when a user is mod, or is created or deleted, CAN YOU UNDERSTAND ME?
I am going to start to find information to try to doit if anybody want help will be welcome .
thks
bye

[lucho115]

i found that using : "passwd %user" to change the password, and then:
signal-event password-modify,
ALL SME is updated with the new password.
SO if we use ypserver , the only that we have to do is run "signal-event password-modify" in the second PC.
TO DOIT we can do a cron task or better we can send a signal to the second PCs , so when it receive this signal it run "signal-event password-modify".
ITS look simple, know iam going to try to doit, if someone can sayme a way to do the second part in the best way, i will be thanksfull
bye

[lucho115]

ok, i realise that doesnt work, smbpasswd was no updated when i run "signal-event password-modify"

so, somebody knows how sme update the password for all the dbs?

[Snoopyski]

Hello,

Have you try a Master and Slave domain controler with SAMBA ? I think I found a HowTo about this... I need to look in my OLD Internet pages !!! if I find it I will let you know...

Snoopyski

[Daniel B.]

And what about synchronising the interesting file with rsync?
You could setup a cron job on both machin wich will copy the passwd, group, secret and smbpasswd files every minutes if it has been modified.
I'll try this solution this afternoon and I'll post the result

[lucho115]

ok, rsync is an option but we still need to update the sme database, and this only could be done by a local command , and a dont know who is
anybody knows=