[Samba] Architecture VPN and Samba with ADS 2003 help needed

Henrik Zagerholm henke at mac.se
Wed Oct 11 05:27:55 GMT 2006

11 okt 2006 kl. 07:03 skrev Guillaume Riviere:

> Dear all Samba list,
> I'm currently facing some little problem with samba, I search for  
> advices on
> our offices architecture. This is what we have:
> - We got 2 offices with "unstable" ADSL connection (sometime more  
> that 5 connections shutdown a day)
> - We use a  VPN and our 2 offices are on the following internal  
> subnets:
>    Office 1:
>    Office 2:
> There is no firewall restrictions between the 2 offices with the VPN.
> - The Office 1 got a ADS Server 2003 (ads_office1) and a Debian/ 
> Sarge with Samba 3.0.23C file server (fs_office1), all is ok,  
> working very well
> - The Office 2 got only a Debian/Sarge Samba 3.0.23c file server  
> (call it fs_office2) connected to the remote VPN ADS 2003. This server
> is in a DOMAIN security mode (because I read that the ADS security  
> mode is currently not so stable)

Where did you read that? :)
> All my users (Windows XP SP2 only)  must be in the same ADS network  
> (Exchange service, sharing of file, internet access control)
> We face multiple problems is with the second office, each time we  
> got a disconnection, we have to re-join the domain, restart
> samba and winbind, also this Office 2 cannot access to the file  
> server  in a disconnected mode (some time no internet in this
> office for a whole day)
> So, I would like your advice on the following questions:
> - Do we have to change the server fs_office2  to a Microsoft 2003  
> server, is this the best solution ?
> - Do Samba can configure itself to use a cache system or a domain  
> duplication or a domain master in ADS 2003?
> is there solution to make samba deliver locally the credential  in  
> case of networks
> disconnection ?  is it stable to go on this solution ?
Pure ADS member with AD replication is not available inte the SAMBA 3  
branch yet. SAMBA 4 is supposed to handle this but is currently only  
in TP4 pre alpha stage and should only be used in testing purposes.

> If yes (I hope), how to do this, what is the est architecture, the  
> best samba configuration ?
Unfortunately I think that the best solution is to have a W2003 at  
the second office also until SAMBA 4 is stable but hopefully some  
more experienced samba users have another idea. :)
> Thanks in advance,
> Regards,
> Guillaume

> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/listinfo/samba

More information about the samba mailing list