Recommendations for production environment?

Patrick J. LoPresti patl at cag.lcs.mit.edu
Fri Jan 14 18:50:13 GMT 2000 

I am looking for some free advice.

I have used Samba for years to provide logon service to Win9x clients.
Whenever I set up a NT machine, I have made it standalone (workgroup
member, not domain), because I was not sure that Samba's Domain
Controller support was ready for production use.

I am now required to streamline the process of setting up NT
workstations and to unify the account database, which means I need a
domain.  I want very much to avoid running any infrastructure on NT
Server...

I have read the FAQs and followed this list for some time, so I know I
have four options:

  1) "Just do it" -- Create machine accounts on our 2.0.6 Samba server
     and hope the Domain Controller support works well enough.

  2) Use CVS HEAD branch, similar configuration.

  3) Use CVS SAMBA_TNG branch, same but need to create machine account
     for Samba server itself and make sure to run the various and
     sundry daemons.

  4) Same as (3), but use smbd and nmbd from HEAD branch for stable
     file and WINS service.


I only have two needs, really.

First, basic authentication/logon support.  This includes running a
logon script (is this correct for NT?) to mount some drives from
various places.  Users need to be able to change their passwords from
their NT boxes (we have this working on Win98 now with encrypted
passwords + passwd sync).  I can run this authentication/logon service
on a machine which does not provide print or file services, as long as
I can still have profiles and a logon script.

Second, dialup networking authentication.  NT's User Manager has this
little checkbox for each user labelled "allow dialup access" or
somesuch.  I want our NT dialup server to think that little box is
checked for a set of users of my choosing.  Whether I configure this
with NT's User Manager or with some manual hack on the Unix side is
unimportant.  (This is less important than my first need.)

Could anyone here compare my four options (pros/cons) or suggest
others?

Thanks!

 - Pat

More information about the samba-ntdom mailing list