I can not give an authoritative answer, but if your active directory is 2003
server your active directory itself is multimaster ( no more PDC and SDC ).
It seems theorically possible to install active directory sync on both nodes
but leave it running only on one domain controller. Something like this:
AD2 <-> AD1
|
LoadBalancer
|
FD2 <->FD1
Here are some maybes. The configuration of the winsync agreements might have
issues communicating with a proxy or load balanced LDAP server. Also I do
not know of any HA product that would be able to fail winsync on a windows
server.
On 3/19/07, Paxton, Darren <darren.paxton at mercer.com> wrote:
> Hi again all,
>
> Managed to get myself to a pretty good place with my configuration, but
> would appreciate another pointer from yourselves.
>
> Currently I have the system up and running with two servers (master1 and
> master2) in a 2-way multi-master replication mode.
>
> Master1 also has a Windows Synchronisation Agreement with adserver1, which
> is also working, however it is working in a two-way mode, propagating
> changes made on the Fedora Directory back to Active Directory.
>
> Unfortunately, our current strategy is to have Active Directory as the
> single Directory for user management so as to make our Service Desk more
> efficient. We also have a policy of removing all single points of failure
> from within our enterprise, therefore I was looking at having two windows
> sync agreements from two Fedora Master servers to two different members of
> the same Active Directory.
>
> The two Fedora Servers would also obviously need to be in sync (hence the
> multi-master setup) but probably with a number of read-only consumer servers
> dotted around the globe.
>
> The question, therefore, is what would be the best way in terms of
> replication design, to achieve this objective?
>
> Basically, I want to achieve the following:
>
> AD2 -> FD2 <-> FD1 <- AD1
> / | |\
> / | | \
> V V V V
> FD3 FD4 FD5 FD6
>
> Thanks in advance for any assistance you can provde.
>
> Cheers
>
> Darren
>
>
>
> This e-mail and any attachments may be confidential or legally
> privileged.If you received this message in error or are not the intended
> recipient, you should destroy the email message and any attachments or
> copies, and you are prohibited from retaining, distributing, disclosing or
> using any information contained herein. Please inform us of the erroneous
> delivery by return e-mail. Thank you for your co-operation.
>
> Mercer Human Resource Consulting Limited is authorised and regulated by
> the Financial Services Authority. Registered in England No. 984275.
> Registered Office: 1 Tower Place West, Tower Place, London, EC3R 5BU.
>
>
>
> --
> Fedora-directory-users mailing list
> Fedora-directory-users at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.fedoraproject.org/pipermail/389-users/attachments/20070319/03436411/attachment.html
