[Samba] SSO across multiple physical subnets

[Thomas Smith]

Hi,

I¹ve been reading up on SSO-based logins for the last couple of weeks. I¹ve
found a lot of information about it, but nothing that matches my situation.
Here¹s the gist of my situation...

- I have a Samba 3 PDC in our corporate office as well as three remote
offices.

- Each remote office is in a different physical building and connected to
the Corporate office either via Point-to-Point T-1 or a Cisco PIX on-demand
VPN tunnel. Each office resides in a separate IP subnet.

- Each office is a separate domain. Each server has it's own domain user and
group accounts.

- I have laptop users who travel between the various offices on a regular
basis. I also have some desktop users who travel to remote offices to
provide training and such.

What I'd like to do is make this a fault tolerant, SSO environment. Fault
tolerance is very important for us in case one of the VPN tunnels or T-1s
goes down--each office would still need to be able to log in to their
server(s) and work.

Another challenge has been laptop users--if they're configured for the
Corporate office domain, they cannot access the domains of remote offices
while on-site at those locations. This has always been a manual workaround
for them to get access to printers and network shares.

Can anyone suggest a direction to go in here? I know this is a lot, I'm not
looking for someone to do the work. I just need some help locating the
appropriate technology or how-tos for configuring something of this scale.

Thanks, in advance, for your help!

~ Tom