[Samba] Architecture VPN and Samba with ADS 2003 help needed
henke at mac.se
Wed Oct 11 05:27:55 GMT 2006
11 okt 2006 kl. 07:03 skrev Guillaume Riviere:
> Dear all Samba list,
> I'm currently facing some little problem with samba, I search for
> advices on
> our offices architecture. This is what we have:
> - We got 2 offices with "unstable" ADSL connection (sometime more
> that 5 connections shutdown a day)
> - We use a VPN and our 2 offices are on the following internal
> Office 1: 10.0.0.0/24
> Office 2: 10.0.1.0/24
> There is no firewall restrictions between the 2 offices with the VPN.
> - The Office 1 got a ADS Server 2003 (ads_office1) and a Debian/
> Sarge with Samba 3.0.23C file server (fs_office1), all is ok,
> working very well
> - The Office 2 got only a Debian/Sarge Samba 3.0.23c file server
> (call it fs_office2) connected to the remote VPN ADS 2003. This server
> is in a DOMAIN security mode (because I read that the ADS security
> mode is currently not so stable)
Where did you read that? :)
> All my users (Windows XP SP2 only) must be in the same ADS network
> (Exchange service, sharing of file, internet access control)
> We face multiple problems is with the second office, each time we
> got a disconnection, we have to re-join the domain, restart
> samba and winbind, also this Office 2 cannot access to the file
> server in a disconnected mode (some time no internet in this
> office for a whole day)
> So, I would like your advice on the following questions:
> - Do we have to change the server fs_office2 to a Microsoft 2003
> server, is this the best solution ?
> - Do Samba can configure itself to use a cache system or a domain
> duplication or a domain master in ADS 2003?
> is there solution to make samba deliver locally the credential in
> case of networks
> disconnection ? is it stable to go on this solution ?
Pure ADS member with AD replication is not available inte the SAMBA 3
branch yet. SAMBA 4 is supposed to handle this but is currently only
in TP4 pre alpha stage and should only be used in testing purposes.
> If yes (I hope), how to do this, what is the est architecture, the
> best samba configuration ?
Unfortunately I think that the best solution is to have a W2003 at
the second office also until SAMBA 4 is stable but hopefully some
more experienced samba users have another idea. :)
> Thanks in advance,
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/listinfo/samba
More information about the samba