[Samba] remote site options

Sonic sonicsmith at gmail.com
Sun Sep 9 19:52:38 UTC 2018

On Sun, Sep 9, 2018 at 1:27 PM Reindl Harald via samba
<samba at lists.samba.org> wrote:
> Am 09.09.18 um 17:16 schrieb Sonic via samba:
> > Currently using Samba 4 as AD at the main site and would like the main site
> > AD to authenticate users at a remote site (about 3 systems). As I use my
> > domain management system from a remote location via VPN I know this works,
> > but the VPN may not be the lowest cost in terms of overhead.
> why?

Encryption overhead.

> > What other options are available?
> >
> > I'm thinking that port forwarding between the sites may incur the least
> > overhead (which ports?). What are the common (and maybe not so common)
> > practices in place for this scenario?
> frankly you even need bridged VPN instead routed - so how should this
> work with port forwarding adn what problem do you try to solve befoe
> come up with solutions?

>From my office here I just use a site-to-site vpn when I need to
manage the AD via RSAT.
Normally my site-to-site VPN is down, but in the case of the small
remote site contact with the AD would need to be full time. If it can
be done easily with port forwarding it may be the least expensive way
in terms of processing and also provide the best performance.


More information about the samba mailing list