[Samba] Looking for large-ish deployment advice
Andrew Bartlett
abartlet at samba.org
Thu Oct 14 10:13:15 GMT 2004
On Thu, 2004-10-14 at 03:00, Quentin Hartman wrote:
> > Trying to understand this a bit better before I comment...
>
> Thanks for taking the time.
>
> > First, won't roving users be disappointed if you have separate home
> > directories in each building? Won't they expect that a document on which
> > they worked in one building be available when they go to the next building?
>
> That's part of the core mechanic that I am trying to work out. When a
> user logs on, the logon script "figures out" what their home building is
> and connects their home directory appropriately. In the case of logging
> in at their home building, it connects to their local server, in the
> case of logging in at another building, it connects to the appropriate
> server in another building. Using separate domains, this is easy, and
> somewhat the natural behavior. I would like to use a single domain to
> keep management overhead lower if possible. It's the "figuring out" part
> that I have to work out yet.
When you create the user in LDAP, set their sambaHomePath to the server
you want to put their profile on. That's all!
> > Second, are you contemplating using roaming profiles, and if so, are these
> > profiles likely to be large? E.g., users store big files on their Desktop,
> > and/or have 200MB Outlook pst files, etc....
>
> I am contemplating roaming profiles, though they are unlikely to be
> large in most cases. To answer your examples specifically, as far as I
> know most users are not in the habit of saving files on their desktops,
> and we do not use Outlook.
If you are looking to save admin costs on the profiles, you could do as
I have at Hawker, and have just one single mandatory profile. I use
that profile everywhere, and set the logon path to \\%L\manprof\manprof
(which maps to the local server)
> > Lastly, if I read your post correctly you have T-1 speeds between buildings.
> > That's a pretty fat pipe to fill, so why do you say the building-to-building
> > networks links are slow?
>
> I suppose I left out an important point in my first post in that this
> network has about 3000 users and just over 1000 computers on it. Many of
> which who are working medium to large sized files stored in their home
> directories. Between that and the large volume of Internet traffic, my
> WAN links are pegged all day under the current setup, wherein there is a
> cluster of NT4 servers all centrally located and all user data has to
> traverse those links. During peak usage times, it can be painfully slow.
That's a nice big network :-)
> Another list member suggested using individual logon scripts, and as far
> as I can tell at this point, that is the only solution that will work.
> If that's the case, I then need to decide what's harder to manage, 10
> seperate domains, or 3000+ individual logon scripts, where I have a very
> high rate of user churn. Since this is for a public school district, I'm
> nearly constantly creating and destroying accounts as students enroll
> and depart.
Well, either way you script it, but I see no need for multiple logon
scripts.
Andrew Bartlett
--
Andrew Bartlett abartlet at samba.org
Authentication Developer, Samba Team http://samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba/attachments/20041014/055ec4fa/attachment.bin
More information about the samba
mailing list