Philip Burrow
Mon Apr 29 19:28:02 GMT 2002


I'm after some clarification on a concept I'm toying with, the big question
being is it feasible to do this, and are there any things I ought to
consider. What I'm after is domain authentication across a multi-subnet VPN.
I figured there are three ways of doing this, based on my limited knowledge
of Samba (version 2.2.3a):

1. Have a single Samba PDC to control the entire VPN (up to 10 remote sites)
using a single LDAP server to authenticate users.

2. Have a Samba server at each site as some sort of pseudo-BDC, all
authenticating with a single LDAP server.

3. Have a Samba PDC at each site controlling a domain of its own, but all
using the same LDAP server.

One requirement I have is that I don't want WAN bandwidth saturating with
home directories and user profiles needing to be transmitted across the WAN
so I want them stored local to each site, and I think this is possible with
Samba and LDAP (is it?). Is this 'shared password server' concept possible
with Samba and LDAP?

Any URLs or other resources would be great, and I appreciate any help or
comments. Please don't tell me to create a trust relationship with Mr Gates.



