Account Synchronization - Remote Office

This is part 2 of our series on deploying account synchronization on multiple ClearOS systems. If you missed the first part, you can get find it here:

Big Picture

Now that we have our central directory with domain controller (PDC) running in the head office, it is time walkthrough deploying the gateway systems.

Configuring the Slave Node

Preparing the Master Node

Before configuring your first slave node, the firewall on the master node must be configured to allow connections from the slaves. TCP ports 81 (ClearOS) and 636 (secure LDAP) need to be accessible on the master node.

Setting the Mode

ClearOS Slave Node Just like the master node, account synchronization is done during the first boot installation wizard. There is a simple dropdown to select the system mode and in this case Slave mode is the item to choose (as shown in the screenshot).

Type in the IP address or hostname of the master node along with the synchronization key. You can find this key on the master node:

  • Go to <navigation>System|Account Manager|Account Synchronization</navigation>
  • Copy and paste the synchronization key into the slave system form

Configuring Windows Backup Domain Controller - BDC

ClearOS BDC Mode Just like the master node, now is a good time to configure Windows Networking.

All slave systems are configured as backup domain controllers, so it is a good idea to have at least one slave configured at all remote offices. With the full replication used in Account Synchronization, Windows Networking authentication services continue to work even when the connection to the primary domain controller (PDC) is offline.

  • Go to <navigation>Server|File|Windows Networking</navigation> in the menu.


content/en_us/kb_bestpractices_account_synchronization_-_remote_office.txt · Last modified: 2018/05/10 15:36 by nickh