[Samba] Best solution for remote sites

Andrew Bartlett abartlet at samba.org
Sat May 14 10:03:57 UTC 2016


On Wed, 2016-05-11 at 14:06 +0200, S├ębastien Le Ray wrote:
> Hi,
> 
> I was wondering if there was a possibility for remote sites to avoid 
> having a "local" domain controller (Samba 4 AD DC) and still provide 
> share access while WAN link is down. Something like the Windows 
> credential cache on workstation.

If the link is only down for moments, than a valid kerberos ticket
should be able to get to a share.  But the share needs to be running on
a very current version of Samba, and Kerberos must be in use.  (Even
then, this may not work, but I've seen efforts made to try and fix it).

Otherwise, I can only suggest an RODC, if you don't want a full AD DC. 
 This mode in Samba is less well used and tested than the rest, but it
is there, and may be what you need here.

Andrew Bartlett

-- 
Andrew Bartlett                       http://samba.org/~abartlet/
Authentication Developer, Samba Team  http://samba.org
Samba Developer, Catalyst IT          http://catalyst.net.nz/services/samba






More information about the samba mailing list