
multiple samba domains and ldap



I apologize if this has been addressed in a past posting, but I couldn't find anything that answered my question in the archives.
I'm looking to do a migration from WinNT4.0 Domain controllers to Samba 3.0 servers as Domain Controllers with LDAP. We have 3 NT domains (Red, Black, Green) in 3 separate sites with 2-way trusts between each Domain. We currently don't have LDAP in place except for the instance on Lotus Domino (I'll get to that later), and we'd like to use OpenLDAP.
Reading up on implementing Samba with LDAP, it seems that the best practice is having the LDAP Master servers running on the PDCs and LDAP Slave servers on BDCs. (Now this is where my lack of LDAP knowledge has me stuck.)
Does it make sense to keep the NT Domain structure (3 Domains), create one LDAP domain (using the Internet Naming Schema) dc=uhuru dc=com, and have the NT Domains correspond to Organizational Units: Red, Black, & Green? Will I have slurpd servers at each site, and a slapd at one?
Will that level of granularity get in the way if I wanted to have the Lotus Domino server use OpenLDAP for its address book?
Should that OU level of granularity be used at all for Samba? Does the Windows NT Domain Model still make sense in lieu of LDAP and Samba, and does that Samba-friendly LDAP setup still allow for such things as Solaris and Linux automounting (replacing NIS), and allowing Domino address book lookups for authentication and messaging?
I checked the samba-ldap howto and it doesn't seem to answer this multi-domain problem. Perhaps someone on this list has tackled this issue. Any insight into this will be much appreciated. I've posted a similar question to the samba list as well.
