[Samba] remote site options
Gaiseric Vandal
gaiseric.vandal at gmail.com
Mon Sep 10 13:57:45 UTC 2018
For 3 remote systems, it seems that adding a remote DC will be more work
than it is worth. Sonicwall UTM's make it pretty easy to set up
site-to-site VPN connections even if only end has a static public
IP. I believe that the remote PC's would locate the domain
controllers via DNS so you shouldn't have to worry about NBT or
WINS. The sonicwall's also include various IP Helpers (e.g. for
relaying DHCP requests to a central DHCP server.) I am sure that
Cisco and other SOHO solutions offer similar functionality. The
hardware VPN approach is probably simpler than trying to build your own
VPN server with OpenVPN.
Assuming the client PC's are caching logins - even if the VPN link does
down the remote users will still be able to login to their computers.
On 09/09/18 16:28, Reindl Harald via samba wrote:
> Am 09.09.18 um 21:52 schrieb Sonic:
>> On Sun, Sep 9, 2018 at 1:27 PM Reindl Harald via samba
>> <samba at lists.samba.org> wrote:
>>> Am 09.09.18 um 17:16 schrieb Sonic via samba:
>>>> Currently using Samba 4 as AD at the main site and would like the main site
>>>> AD to authenticate users at a remote site (about 3 systems). As I use my
>>>> domain management system from a remote location via VPN I know this works,
>>>> but the VPN may not be the lowest cost in terms of overhead.
>>> why?
>> Encryption overhead
> irrelevant, completly irrelevant
>
> i drive a forest of 365/24 openvpn instances termination on the same
> virtual machine where each endpoint connects a complete network which
> runs most of the day below 100 MHz
>
> sorry, but encryption don't matter these days except you have stoneold
> hardware wich no AES support and even then i doubt that you could mease
> something relevant
>
More information about the samba
mailing list