[Samba] Samba Domain and OpenVPN

Henry Jensen hjensen at gmx.de
Tue Feb 26 09:50:04 GMT 2008


we have a new branch office about 200 kilometers away from our main office.
I established a connection between the two with OpenVPN. Right now a single 
Windows-PC is connected to our OpenVPN-Server, which acts as a bridge to
our internal network.

Now the other (Windows) clients - 7 units - and the employees at the 
branch office shall be integrated in our existing Samba Domain.

What is the best solution to accomplish this?

Some additional inormation:
- I think loading profiles from our server would not be a good idea, because the 
  VPN tunnel would be to slow for this.

- I use password protected keys for the clients, so OpenVPN can't be started 
  automatically as Windows service, because it requires that the user enters a 
  password. Because of this, I think, it is not possible that the clients at 
  the branch office can become members of our domain.

At the moment the users at the branch office have local accounts at the single
Windows PC and in our Samba domain. Of course, user names of passwords are kept in sync
manually. But I think this is not the optimal solution.

I thought about establish a second domain at the branch office and establish a 
domain trust relationship. But I read that this feature in Samba is not very stable
and insecure. Additionally I'm not sure if this procedure is worth the trouble for 
only 7 clients.

Any ideas?


More information about the samba mailing list