On Tue, 2006-01-31 at 10:36 -0600, Steve wrote:> Dear Samba Team:
>
> I work as a systems engineer in the US for a growing publishing company.
>
> I have been charged with doing some research that will allow us to put
> together an infrastructure for our company.
> Currently we have a isolated Windows 2003 on AD domain. My manager, for
> personal and financial reasons would like to avoid having our other
> locations, across the United States, be Microsoft. The nature of our
> business has lead most of our users' systems to be Macintosh and we
have
> many server systems that are Linux (Red Hat). We will have over 100
> locations all within the states within a year or two.
This does seem to be the ideal environment in which to deploy a
non-microsoft server solution.
> With this background you can probably guess my interest in Samba.
> However, while I'm familiar with Microsoft servers and OS, my knowledge
> of SMB and CIFS is limited.
> To converse bandwidth and improve user request/response times we would
> like to have all authentication done locally, even though we may only
> have one domain and many OUs or subdomains.
One option is to deploy Samba3 backed with OpenLDAP. You could put a
replica LDAP server at each site.
> Having looked and researched your website and reading about your latest
> release (two days old), it does seem like Samba is working hard to
> incorporate the AD technology. Since we are not in an immediate hurry
> at this time we have no experimented with 4.0.0, since you clearly state
> it's a ways away from being ready for production.
We also don't have a replicated solution yet, and if your main clients
are Mac and Linux, perhaps the AD areas are not as much a key
requirement.
> Once the bugs are fixed and patched will you believe that Samba would be
> able to meet our vision of how we would like our network to work. One
> Microsoft DC running 2003 Active Directory, and many subdomains, or OUs
> with a Linux box taking care of all local traffic authentication, and
> file sharing. The Linux box will need to replicate and communicate with
> the DC running AD.
I think this will eventually be possible, and certainly Samba4 is in a
better position to do this than Samba3.
> I realize this may be premature, and not very detailed. This plan is
> somewhat in a gray area at this time, and we are simply trying to get
> some preliminary research done. If this is not the correct address or
> form in which to ask questions of this nature, I do apologize, and if
> you can respond with the proper address or link to the proper form I
> would appreciate it very much. In addition any further research
> material or links regarding your software would be very helpful. Thank
> you for your time.
I certainly hope to create in Samba4 a great centralised logon server
for Windows, Mac and Linux clients. However this will take time and,
you may wish to look at solutions around Samba3 and a more traditional
LDAP+Kerberos setup.
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Student Network Administrator, Hawker College http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url :
http://lists.samba.org/archive/samba/attachments/20060201/6e22fe59/attachment.bin