3.2. UCS system roles#
In a UCS domain systems can be installed in different system roles. The following gives a short characterization of the different systems.
3.2.1. Primary Directory Node#
A system with the Primary Directory Node role is the primary domain controller of a UCS domain and is always installed as the first system. The domain data (such as users, groups, printers) and the SSL security certificates are saved on the Primary Directory Node.
Copies of these data are automatically transferred to all servers with the Backup Directory Node role.
3.2.2. Backup Directory Node#
All the domain data and SSL security certificates are saved as read-only copies on servers with the Backup Directory Node role.
The Backup Directory Node is the fallback system for the Primary Directory Node. If the latter should fail, a Backup Directory Node can take over the role of the Primary Directory Node permanently (see Converting a Backup Directory Node backup to the new Primary Directory Node).
3.2.3. Replica Directory Node#
All the domain data are saved as read-only copies on servers with the Replica Directory Node role. In contrast to the Backup Directory Node, however, not all security certificates are synchronized.
As access to the services running on a Replica Directory Node are performed against the local LDAP server, Replica Directory Nodes are ideal for site servers and the distribution of load-intensive services.
A Replica Directory Node cannot be promoted to a Primary Directory Node.
3.2.4. Managed Node#
Managed Node are server systems without a local LDAP server. Access to domain data here is performed via other servers in the domain.
Ubuntu clients can be managed with this system role, see Integration of Ubuntu clients.
This system role is used for the integration of other Linux systems than UCS and Ubuntu, e.g., for Debian or CentOS systems. The integration is documented in Extended domain services documentation .
macOS systems can be joined into a UCS domain using Samba/AD. Additional information can be found in macOS domain joins.
3.2.8. Domain Trust Account#
A domain trust account is set up for trust relationships between Windows and UCS domains.
3.2.9. IP client#
An IP client allows the integration of non-UCS systems into the IP management (DNS/DHCP), e.g., for network printers or routers.
3.2.10. Windows Domaincontroller#
Windows domain controllers in a Samba/AD environment are operated with this system role.
3.2.11. Windows Workstation/Server#
Windows clients and Windows Managed Nodes are managed with this system role.