[Samba] several offices: home dirs, local resources, ...
Kris Lou
klou at themusiclink.net
Mon Nov 21 18:06:49 UTC 2022
Another (potentially simpler, but less secure?) way of dealing with this
might be some sort of split-horizon DNS:
* Point your clients at a different (internal, per site) DNS Server (DNS-A)
* Have this DNS Server (DNS-A) refer samdom.tld requests to your AD-DC, and
all others upstream.
* Configure specific CNAME overrides and redirections on DNS-A, i.e.
fs.samdom.tld to site1-fs.samdom.tld
This way, your DC only handles AD-related DNS queries, but requests to
fs.samdom.tld should never get that far.
I've done this with site-specific fileshares, and also routing traffic over
a VPN instead of over the public internet.
Kris Lou
klou at themusiclink.net
>
More information about the samba
mailing list