[Samba] VPN+2.2.3a+LDAP

Philip Burrow phil.burrow at blueyonder.co.uk
Mon Apr 29 19:28:02 GMT 2002


I'm after some clarification on a concept I'm toying with, the big question
being is it feasible to do this, and are there any things I ought to
consider. What I'm after is domain authentication across a multi-subnet VPN.
I figured there are three ways of doing this, based on my limited knowledge
of Samba (version 2.2.3a):

1. Have a single Samba PDC to control the entire VPN (up to 10 remote sites)
using a single LDAP server to authenticate users.

2. Have a Samba server at each site as some sort of pseudo-BDC, all
authenticating with a single LDAP server.

3. Have a Samba PDC at each site controlling a domain of its own, but all
using the same LDAP server.

One requirement I have is that I don't want WAN bandwidth saturating with
home directories and user profiles needing to be transmitted across the WAN
so I want them stored local to each site, and I think this is possible with
Samba and LDAP (is it?). Is this 'shared password server' concept possible
with Samba and LDAP?

Any URLs or other resources would be great, and I appreciate any help or
comments. Please dont tell me to create a trust relationship with Mr Gates.



More information about the samba mailing list