[Samba] Samba multi-site advice request please

David Harrison david.harrison at stress-free.co.nz
Sun Jan 31 22:00:07 MST 2010 

I am doing pretty much the same thing for a client right now.

A few things I'm doing that have made my life easier:

- Use the Samba 3.3.10 packages from Sernet to avoid any unwelcome printer
issues:
  http://enterprisesamba.org/

- Use a central puppet server to store/distribute your system
configurations:
  http://reductivelabs.com/trac/puppet/wiki/AboutPuppet

- This Samba/LDAP guide from Ubuntu is pretty good:
  https://help.ubuntu.com/9.04/serverguide/C/samba-ldap.html
  https://help.ubuntu.com/9.04/serverguide/C/openldap-server.html

- If you don't need full DNS checkout dnsmasq, it is ideal
for satellite offices:
  http://www.thekelleys.org.uk/dnsmasq/doc.html

- Disable roaming profiles because they are a world of hurt.


A few pain points:
- Windows 7: it seems to be a bit of a lottery whether it joins the domain
or not (even with registry tweaks).

- OpenLDAP 2.4 multi-master replication: the instructions from the Ubuntu
and OpenLDAP guys are pretty straightforward, but when it breaks, or doesn't
quite work right, your head starts to hurt.


Apart from that everything has gone very smoothly.
Server and network utilisation is low, and even better, it has meant two
Windows 2003 servers have been put out to pasture.


David


On Mon, Feb 1, 2010 at 1:00 PM, Julian Pilfold-Bagwell <
jpb at bordengrammar.kent.sch.uk> wrote:

> Hi all,
>
> I am looking at setting up a multi-site office and need to put a plan
> forward.  The site consists of one head office and several branch office
> and my plan so far is this:
>
> In head office, one Samba PDC.  Each branch office will have a local BDC
> that also stores files local to the branch, hopefully cutting down the
> day to day traffic across the VPN.  The VPN I plan to use is OpenVPN in
> bridge mode in order to allow broadcasts e.g. WINS etc., to traverse the
> connections.  All the servers will have their own LDAP server and all
> will be synced to keep the authentication consistent and reduce VPN
> traffic.  Each site will have it's own DNS,  the PDC being the master
> and the BDCs slaves. The low number of machines involved mean I can set
> the clients to use their local DNS.
>
> The whole plot will be required to run across 2mb SDSL as this is all
> the budget will stretch to.
>
> Every other proposal has involved server 2008 and terminal services but
> I really want to go down the Linux/Samba route.
>
> Is there anyone out there that has successfully pulled this off and can
> give me some advice?  I've spent a few hours searching Google but their
> doesn't seem to be any definite info/howtos.
>
> thanks,
>
> Julian PB
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>

More information about the samba mailing list