[Samba] remote site options

Gaiseric Vandal gaiseric.vandal at gmail.com
Mon Sep 10 13:57:45 UTC 2018

For 3 remote systems, it seems that adding a remote DC will be more work 
than it is worth. Sonicwall  UTM's make it pretty easy to set up 
site-to-site VPN connections even if only end has a static public 
IP.            I believe that the remote PC's would locate the domain 
controllers via DNS so you shouldn't have to worry about NBT or 
WINS.      The sonicwall's also include various IP Helpers (e.g. for 
relaying DHCP requests to a central DHCP server.)     I am sure that 
Cisco and other SOHO solutions offer similar functionality.         The 
hardware VPN approach is probably simpler than trying to build your own 
VPN server with OpenVPN.

Assuming the client PC's are caching logins - even if the VPN link does 
down  the remote users will still be able to login to their computers.

On 09/09/18 16:28, Reindl Harald via samba wrote:
> Am 09.09.18 um 21:52 schrieb Sonic:
>> On Sun, Sep 9, 2018 at 1:27 PM Reindl Harald via samba
>> <samba at lists.samba.org> wrote:
>>> Am 09.09.18 um 17:16 schrieb Sonic via samba:
>>>> Currently using Samba 4 as AD at the main site and would like the main site
>>>> AD to authenticate users at a remote site (about 3 systems). As I use my
>>>> domain management system from a remote location via VPN I know this works,
>>>> but the VPN may not be the lowest cost in terms of overhead.
>>> why?
>> Encryption overhead
> irrelevant, completly irrelevant
> i drive a forest of 365/24 openvpn instances termination on the same
> virtual machine where each endpoint connects a complete network which
> runs most of the day below 100 MHz
> sorry, but encryption don't matter these days except you have stoneold
> hardware wich no AES support and even then i doubt that you could mease
> something relevant

More information about the samba mailing list