[Samba] Best solution for remote sites
Sébastien Le Ray
sebastien-samba at orniz.org
Sun May 15 07:14:29 UTC 2016
Le 14/05/2016 à 12:03, Andrew Bartlett a écrit :
> On Wed, 2016-05-11 at 14:06 +0200, Sébastien Le Ray wrote:
>> Hi,
>>
>> I was wondering if there was a possibility for remote sites to avoid
>> having a "local" domain controller (Samba 4 AD DC) and still provide
>> share access while WAN link is down. Something like the Windows
>> credential cache on workstation.
> If the link is only down for moments, than a valid kerberos ticket
> should be able to get to a share. But the share needs to be running on
> a very current version of Samba, and Kerberos must be in use. (Even
> then, this may not work, but I've seen efforts made to try and fix it).
« Very current » and « debian package » are quite incompatible :)
(even 4.2 is slow as Hell with our XP and some 7 boxes, got no time to
sort this out)
>
> Otherwise, I can only suggest an RODC, if you don't want a full AD DC.
> This mode in Samba is less well used and tested than the rest, but it
> is there, and may be what you need here.
Yes that's what I was thinking but wiki documentation on RODC is not
very verbose…
Regards
More information about the samba
mailing list