<html><head><style type='text/css'>p { margin: 0; }</style></head><body><div style='font-family: Times New Roman; font-size: 12pt; color: #000000'>If clients directly hitting Directory server for auth, DNS round robin is sufficient, but if the hit to directory from a single host (say as in Oserome's case SAMBA PDC), it will hit the next server only after the TTL value got expired. Otherwise it will hit o the same server only.<br><br>And for logging purpose it doesn't require Master, replica will be fine.<br><br><br>----- Original Message -----<br>From: "John A. Sullivan III" <jsullivan@opensourcedevel.com><br>To: "General discussion list for the Fedora Directory server project." <fedora-directory-users@redhat.com><br>Cc: fedora-directory-devel@redhat.com<br>Sent: Friday, February 6, 2009 7:44:12 PM GMT +05:30 Chennai, Kolkata, Mumbai, New Delhi<br>Subject: Re: [Fedora-directory-users] Challenges with Fedora DS<br><br>Out of curiosity (I am still learning much about LDAP and DS), is a load<br>balancer necessary or could it be done simply through round robin dns?<br>For example, in our testing, we set up a replica ds. One is ldap01, the<br>other is ldap02 and their certificates both have ldap as well as ldap01<br>or ldap01 in their subjAltNames. There are two entries in DNS for ldap<br>- one pointing to ldap01 and the other to ldap02. Will such a setup<br>work?<br><br>For simply logging in, is a master necessary or can one use a read-only<br>replica? Thanks - John<br><br>On Fri, 2009-02-06 at 01:55 -0700, Premod Dev wrote:<br>> Hi Oserome,<br>> <br>> Why cant you try as follows,<br>> * Create multiple masters (multi master replication)<br>> * Use a load balancer ( hardware or software ie like linux<br>> virtual server) for load balance between these multi master<br>> servers.<br>> * Give a common fqdn in SAMBA which should resolve to load<br>> balancer and rest will do the load balancer.<br>> <br>> Thanks,<br>> Premod<br>> <br>> ----- Original Message -----<br>> From: "osereme.osobase" <osereme.osobase@gtbank.com><br>> To: fedora-directory-devel@redhat.com<br>> Cc: fedora-directory-users@redhat.com<br>> Sent: Wednesday, February 4, 2009 11:54:37 PM GMT +05:30 Chennai,<br>> Kolkata, Mumbai, New Delhi<br>> Subject: [Fedora-directory-users] Challenges with Fedora DS<br>> <br>> Hi,<br>> <br>> I currently use Fedora-DS integrated with Samba as my domain<br>> controller in an organization with 141 offices. With only one domain<br>> controller I am able to authenticate a user population of 5000 users,<br>> however as my organization grows I have challenges daily with<br>> authentication. Every morning users trying to logon to my Windows<br>> domain keep getting errors while siging on and this frequently leads<br>> to account lockouts and frustation of users.<br>> <br>> After going through your documentation on multiple load balanced FDS<br>> server installation I still have all traffic coming to one server on<br>> the network. My challenge is setting up FDS in the data centre on<br>> multiple servers to authenticate my users while accommodating growth.<br>> Is there any suggestion you can offer me or documentation where I can<br>> go through setup of a centalized FDS cluster for a large user base?<br>> <br>> I will greatly appreciate any help you can proffer.<br>> <br>> Regards<br>> <br>> Osereme Osobase<br>> Enterprise Infrastructure Support<br>> Technology<br>> GTBank Nigeria - http://www.gtbank.com<br>> <br>> -- Fedora-directory-users mailing list<br>> Fedora-directory-users@redhat.com<br>> https://www.redhat.com/mailman/listinfo/fedora-directory-users<br>> --<br>> Fedora-directory-users mailing list<br>> Fedora-directory-users@redhat.com<br>> https://www.redhat.com/mailman/listinfo/fedora-directory-users<br>-- <br>John A. Sullivan III<br>Open Source Development Corporation<br>+1 207-985-7880<br>jsullivan@opensourcedevel.com<br><br>http://www.spiritualoutreach.com<br>Making Christianity intelligible to secular society<br><br>--<br>Fedora-directory-users mailing list<br>Fedora-directory-users@redhat.com<br>https://www.redhat.com/mailman/listinfo/fedora-directory-users<br></div></body></html>