This is part 2 of our series on deploying account synchronization on multiple ClearOS systems. If you missed the first part, you can get find it here:
Now that we have our central directory with domain controller (PDC) running in the head office, it is time walkthrough deploying the gateway systems.
Before configuring your first slave node, the firewall on the master node must be configured to allow connections from the slaves. TCP ports 81 (ClearOS) and 636 (secure LDAP) need to be accessible on the master node.
Just like the master node, account synchronization is done during the first boot installation wizard. There is a simple dropdown to select the system mode and in this case Slave mode is the item to choose (as shown in the screenshot).
Type in the IP address or hostname of the master node along with the synchronization key. You can find this key on the master node:
Just like the master node, now is a good time to configure Windows Networking.
All slave systems are configured as backup domain controllers, so it is a good idea to have at least one slave configured at all remote offices. With the full replication used in Account Synchronization, Windows Networking authentication services continue to work even when the connection to the primary domain controller (PDC) is offline.