[Samba] Re: PDC, BDCs - how do you synchronize roaming profiles?

John H Terpstra jht at Samba.Org
Sun Dec 12 16:30:22 GMT 2004

On Sunday 12 December 2004 06:15, Tomasz Chmielewski wrote:
> John H Terpstra wrote:
> > NT4 does not
> > replicate or synchronize desktop profiles - nor does Samba. Where on
> > earth did you obtain the idea that this ought to happen?
> Well, I know Samba doesn't replicate profiles.
> I just asked what is the best way to do it.

Sorry. My mis-reading of your posting.

> > The notion that all roaming profiles are stored on a central server and
> > that profiles are transferred over a wide-area link at login time is not
> > one I have created. Where did you get such a notion? I would not call
> > that silly, I'd call that insane and completely unworkable.
> I got such a notion in one of replies to my post; which I criticized as
> not very useful/possibly harmful.
> > The answer is: Practice good account management. Locate the users'
> > profile on a server close to where the user is - preferably on the same
> > network segment. I a user roams across multiple network segments and the
> > wide-area bandwith can not handle the roaming profile then do exempt that
> > user from having a roaming profile and instead store the profile locally
> > on the workstation (or notebook) that is used by this user.
> Yes, this is why I asked my question. I want to introduce good account
> management.
> But if there are two buildings, 2 minutes walk, connected by a 1 Mbit
> VPN/WAN link, and users (students) need to use their profile in each
> building (and they use different computers in different rooms, so can't
> store profiles locally), I need some profile replication mechanism.

Windows has no good replication solution for this. The only workable is a 
local profile.

> I thought of this approach:
> - keep profile size to the minimum (20-30 megs),

How will you control the size of the profile? I can not see a practical 
solution to do this. Folder redirection is the best way to limit the size of 
the profile, but that means any profile contents will be accessed over the 
WAN link. Bandwidth could be a problem for that.

The other solution is to share the profile data via NFS. I know I would not 
like to entertain that over a slow WAN link.

> - rsync changes of the profile to the other domain controllers when user
> logs out.

The trouble is that you have to do it from each WAN location and there is just 
no way to maintain data integrity with multiple source locations and multiple 

> Do you think it's a good approach, or should I think of something else?

I'd suggest local profiles for such mobile users. Remember you can use Windows 
XP Pro off-line folders to replicate data to a home server.

