[Samba] What management of samba is available for large scale
deployment
Felipe Augusto van de Wiel
felipe at paranacidade.org.br
Thu Sep 20 15:45:21 GMT 2007
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
D G Teed wrote, On 19-09-2007 11:58:
> I'm working for a higher education institution, and we have Novell Netware
> for our file sharing services. We are looking at what migration paths
> are available.
>
> I know samba works, we use it on a number of Solaris and Linux boxes and
> have it authenticate against our Windows ADS. Manually editing samba
> confiiguration files for up to a hundred users is OK. The challenge is how
> do you manage a few thousand users with backends that auto-populate
> the samba config and front ends which administrators can tweak as needed?
I'm not sure I really understand what your are talking
about. When you say "backends that auto-populate the samba config"
this turns on the red light as it sounds like something a little
bit //dangerous//.
I worked with scenarios with thousands of accounts and
usually the best way is to work with LDAP and ACLs on the
filesystem to make it easier to automatic inherit access by
groups, which should be simpler to keep up.
By front-ends I know some people that users SWAT and a
lof of people that uses PHP tools like phpLDAPadmin or LDAP
Account Manager. I'm not aware of any tools that looks like
similar to Novell Graphical Admin tools, but in a similar case,
there are people use Windows Management Console to deal with
users in Samba backends.
> Does someone make a product which helps with the management of Samba and
> provide features like autocreation of groups to support shared permissions
> on folders, etc? If not a product, has there been a guide on how to
> deploy samba with a large number (5000) of users and a large number
> (perhaps 300-500) groups?
Yes, it is called Samba By Example and it is available
as a book or on-line in the Samba Docs section.
> Having a product which permits users to self-administer their share
> and allow read or write access to certain users or groups would be ideal.
"Self administer" their share? You mean the share available
in the server? Sounds odd. But it probably can be done with some LDAP
ACLs.
Kind regards,
- --
Felipe Augusto van de Wiel <felipe at paranacidade.org.br>
Coordenadoria de Tecnologia da Informação (CTI) - SEDU/PARANACIDADE
http://www.paranacidade.org.br/ Phone: (+55 41 3350 3300)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFG8pWRCj65ZxU4gPQRCJWcAKDGECnV/4ov9f90B3s5EfWHqsGqTQCeJwJj
VUluxzW4SRPvV3kp+NLdapM=
=NIxY
-----END PGP SIGNATURE-----
More information about the samba
mailing list