[Samba] Questions about Samba

Andrew Bartlett abartlet at samba.org
Wed Feb 1 10:55:17 GMT 2006 

On Tue, 2006-01-31 at 10:36 -0600, Steve wrote:
> Dear Samba Team:
> 
> I work as a systems engineer in the US for a growing publishing company.
> 
> I have been charged with doing some research that will allow us to put 
> together an infrastructure for our company.
> Currently we have a isolated Windows 2003 on AD domain.  My manager, for 
> personal and financial reasons would like to avoid having our other 
> locations, across the United States, be Microsoft.  The nature of our 
> business has lead most of our users' systems to be Macintosh and we have 
> many server systems that are Linux (Red Hat).  We will have over 100 
> locations all within the states within a year or two.

This does seem to be the ideal environment in which to deploy a
non-microsoft server solution.  

> With this background you can probably guess my interest in Samba.  
> However, while I'm familiar with Microsoft servers and OS, my knowledge 
> of SMB and CIFS is limited.
> To converse bandwidth and improve user request/response times we would 
> like to have all authentication done locally, even though we may only 
> have one domain and many OUs or subdomains.

One option is to deploy Samba3 backed with OpenLDAP.  You could put a
replica LDAP server at each site.   

> Having looked and researched your website and reading about your latest 
> release (two days old), it does seem like Samba is working hard to 
> incorporate the AD technology.  Since we are not in an immediate hurry 
> at this time we have no experimented with 4.0.0, since you clearly state 
> it's a ways away from being ready for production.

We also don't have a replicated solution yet, and if your main clients
are Mac and Linux, perhaps the AD areas are not as much a key
requirement.  

> Once the bugs are fixed and patched will you believe that Samba would be 
> able to meet our vision of how we would like our network to work.  One 
> Microsoft DC running 2003 Active Directory, and many subdomains, or OUs 
> with a Linux box taking care of all local traffic authentication, and 
> file sharing.  The Linux box will need to replicate and communicate with 
> the DC running AD.

I think this will eventually be possible, and certainly Samba4 is in a
better position to do this than Samba3.  

> I realize this may be premature, and not very detailed.  This plan is 
> somewhat in a gray area at this time, and we are simply trying to get 
> some preliminary research done.  If this is not the correct address or 
> form in which to ask questions of this nature, I do apologize, and if 
> you can respond with the proper address or link to the proper form I 
> would appreciate it very much.  In addition any further research 
> material or links regarding your software would be very helpful.  Thank 
> you for your time.

I certainly hope to create in Samba4 a great centralised logon server
for Windows, Mac and Linux clients.  However this will take time and,
you may wish to look at solutions around Samba3 and a more traditional
LDAP+Kerberos setup.

Andrew Bartlett

-- 
Andrew Bartlett                                http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org
Student Network Administrator, Hawker College  http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba/attachments/20060201/6e22fe59/attachment.bin

More information about the samba mailing list