[Samba] Looking for large-ish deployment advice

Andrew Bartlett abartlet at samba.org
Thu Oct 14 10:13:15 GMT 2004 

On Thu, 2004-10-14 at 03:00, Quentin Hartman wrote:
> > Trying to understand this a bit better before I comment...
> 
> Thanks for taking the time.
> 
> > First, won't roving users be disappointed if you have separate home 
> > directories in each building?  Won't they expect that a document on which 
> > they worked in one building be available when they go to the next building?
> 
> That's part of the core mechanic that I am trying to work out. When a
> user logs on, the logon script "figures out" what their home building is
> and connects their home directory appropriately. In the case of logging
> in at their home building, it connects to their local server, in the
> case of logging in at another building, it connects to the appropriate
> server in another building. Using separate domains, this is easy, and
> somewhat the natural behavior. I would like to use a single domain to
> keep management overhead lower if possible. It's the "figuring out" part
> that I have to work out yet.

When you create the user in LDAP, set their sambaHomePath to the server
you want to put their profile on.  That's all!

> > Second, are you contemplating using roaming profiles, and if so, are these 
> > profiles likely to be large? E.g., users store big files on their Desktop, 
> > and/or have 200MB Outlook pst files, etc....
> 
> I am contemplating roaming profiles, though they are unlikely to be
> large in most cases. To answer your examples specifically, as far as I
> know most users are not in the habit of saving files on their desktops,
> and we do not use Outlook.

If you are looking to save admin costs on the profiles, you could do as
I have at Hawker, and have just one single mandatory profile.  I use
that profile everywhere, and set the logon path to \\%L\manprof\manprof

(which maps to the local server)

> > Lastly, if I read your post correctly you have T-1 speeds between buildings.  
> > That's a pretty fat pipe to fill, so why do you say the building-to-building 
> > networks links are slow?
> 
> I suppose I left out an important point in my first post in that this
> network has about 3000 users and just over 1000 computers on it. Many of
> which who are working medium to large sized files stored in their home
> directories. Between that and the large volume of Internet traffic, my
> WAN links are pegged all day under the current setup, wherein there is a
> cluster of NT4 servers all centrally located and all user data has to
> traverse those links. During peak usage times, it can be painfully slow.

That's a nice big network :-)

> Another list member suggested using individual logon scripts, and as far
> as I can tell at this point, that is the only solution that will work.
> If that's the case, I then need to decide what's harder to manage, 10
> seperate domains, or 3000+ individual logon scripts, where I have a very
> high rate of user churn. Since this is for a public school district, I'm
> nearly constantly creating and destroying accounts as students enroll
> and depart.

Well, either way you script it, but I see no need for multiple logon
scripts.

Andrew Bartlett

-- 
Andrew Bartlett                                 abartlet at samba.org
Authentication Developer, Samba Team            http://samba.org
Student Network Administrator, Hawker College   abartlet at hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba/attachments/20041014/055ec4fa/attachment.bin

More information about the samba mailing list