[Samba] samba/ldap network and domain setup advice

[Abdul-Wahid Paterson]

Hi,

I am sure this has been discussed before but all the documentation I
could find seems to be old.

I have two main sites that make the core part of our network. They are
connected by a link that is usually congested.

On the first site, of about 500 users, we have implemented Samba/LDAP.

I now need to work out what to do with the second site of about 1000 users.

So the requirements are.

1. Some other applications are uisng LDAP authentication and all users
from both sites need to authenticated.
2. Some users often travel between sites so it would be useful if they
can log into samba at both places.
3. The link between the two sites is probably too slow for doing
anything useful except perhaps LDAP replication.

So what is the best way of going about this? Do I setup two domains?
If I have two domains what is the best way of segregating users so
that other LDAP applications can see all users. What have other people
done in these types of situaitons and what things should I avoid or be
aware of?

Thanks,

Abdul-Wahid