[Samba] Best solution for remote sites
abartlet at samba.org
Sat May 14 10:03:57 UTC 2016
On Wed, 2016-05-11 at 14:06 +0200, Sébastien Le Ray wrote:
> I was wondering if there was a possibility for remote sites to avoid
> having a "local" domain controller (Samba 4 AD DC) and still provide
> share access while WAN link is down. Something like the Windows
> credential cache on workstation.
If the link is only down for moments, than a valid kerberos ticket
should be able to get to a share. But the share needs to be running on
a very current version of Samba, and Kerberos must be in use. (Even
then, this may not work, but I've seen efforts made to try and fix it).
Otherwise, I can only suggest an RODC, if you don't want a full AD DC.
This mode in Samba is less well used and tested than the rest, but it
is there, and may be what you need here.
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Catalyst IT http://catalyst.net.nz/services/samba
More information about the samba