I can not give an authoritative answer, but if your active directory is 2003
server your active directory itself is multimaster ( no more PDC and SDC ).
It seems theorically possible to install active directory sync on both nodes
but leave it running only on one domain controller. Something like this:
AD2 <-> AD1
|
LoadBalancer
|
FD2 <->FD1
Here are some maybes. The configuration of the winsync agreements might have
issues communicating with a proxy or load balanced LDAP server. Also I do
not know of any HA product that would be able to fail winsync on a windows
server.
On 3/19/07, Paxton, Darren <darren.paxton(a)mercer.com> wrote:
Hi again all,
Managed to get myself to a pretty good place with my configuration, but
would appreciate another pointer from yourselves.
Currently I have the system up and running with two servers (master1 and
master2) in a 2-way multi-master replication mode.
Master1 also has a Windows Synchronisation Agreement with adserver1, which
is also working, however it is working in a two-way mode, propagating
changes made on the Fedora Directory back to Active Directory.
Unfortunately, our current strategy is to have Active Directory as the
single Directory for user management so as to make our Service Desk more
efficient. We also have a policy of removing all single points of failure
from within our enterprise, therefore I was looking at having two windows
sync agreements from two Fedora Master servers to two different members of
the same Active Directory.
The two Fedora Servers would also obviously need to be in sync (hence the
multi-master setup) but probably with a number of read-only consumer servers
dotted around the globe.
The question, therefore, is what would be the best way in terms of
replication design, to achieve this objective?
Basically, I want to achieve the following:
AD2 -> FD2 <-> FD1 <- AD1
/ | |\
/ | | \
V V V V
FD3 FD4 FD5 FD6
Thanks in advance for any assistance you can provde.
Cheers
Darren
This e-mail and any attachments may be confidential or legally
privileged.If you received this message in error or are not the intended
recipient, you should destroy the email message and any attachments or
copies, and you are prohibited from retaining, distributing, disclosing or
using any information contained herein. Please inform us of the erroneous
delivery by return e-mail. Thank you for your co-operation.
Mercer Human Resource Consulting Limited is authorised and regulated by
the Financial Services Authority. Registered in England No. 984275.
Registered Office: 1 Tower Place West, Tower Place, London, EC3R 5BU.
--
Fedora-directory-users mailing list
Fedora-directory-users(a)redhat.com
https://www.redhat.com/mailman/listinfo/fedora-directory-users