Hello, We have three Windows ADS servers on three separate networks all connected to each other with a VPN tunnel. test.com site02.test.com site03.test.com Our test.com is our master ldap server and autheticating against it works. The problem that we are facing is that if we configure the Linux (CentOS) servers to point to the ldap authentication against the site02.test.com server, it stats hanging and does not lookup any users which are in the test.com server. So if the test.com ADS server goes down we have no failover which causes problems with our Linux servers. I have enabled the Global catalog for both the site02 and site03 servers but that has not helped. Both the site02 and site03 servers are under the test.com forrest if that helps. Can anyone help out as to where the problem might be? Thanks, Nick

I never did it but a quick search on Google show the use of Samba to make it happen. http://www.howtoforge.com/samba_ads...

What does the Samba configuration have to do with LDAP? I want to authenticate ADS users on my Linux servers using LDAP, not Window shares.

Ok, the best I can find is reference to the /etc/nsswitch.conf and /etc/nsswitch.ladp files, which need to be configured to make the authentication work. http://www.howtoforge.com/linux_lda... http://wiki.archlinux.org/index.php...

I have LDAP setup the problem is on the Windows ADS side. As mentioned in my first post, I can authenticate everything against the master ADS server. It is the child servers on the site02 and site03 networks that I am having problems with. I have enabled the Global Catalog on both the site02 and site03 servers but that has not helped.

Let me suggest that you join the forum at www.minasi.com You can probably get a detailed answer there.