Guillaume Riviere
2006-Oct-11 05:11 UTC
[Samba] Architecture VPN and Samba with ADS 2003 help needed
Dear all Samba list, I'm currently facing some little problem with samba, I search for advices on our offices architecture. This is what we have: - We got 2 offices with "unstable" ADSL connection (sometime more that 5 connections shutdown a day) - We use a VPN and our 2 offices are on the following internal subnets: Office 1: 10.0.0.0/24 Office 2: 10.0.1.0/24 There is no firewall restrictions between the 2 offices with the VPN. - The Office 1 got a ADS Server 2003 (ads_office1) and a Debian/Sarge with Samba 3.0.23C file server (fs_office1), all is ok, working very well - The Office 2 got only a Debian/Sarge Samba 3.0.23c file server (call it fs_office2) connected to the remote VPN ADS 2003. This server is in a DOMAIN security mode (because I read that the ADS security mode is currently not so stable) All my users (Windows XP SP2 only) must be in the same ADS network (Exchange service, sharing of file, internet access control) We face multiple problems is with the second office, each time we got a disconnection, we have to re-join the domain, restart samba and winbind, also this Office 2 cannot access to the file server in a disconnected mode (some time no internet in this office for a whole day) So, I would like your advice on the following questions: - Do we have to change the server fs_office2 to a Microsoft 2003 server, is this the best solution ? - Do Samba can configure itself to use a cache system or a domain duplication or a domain master in ADS 2003? is there solution to make samba deliver locally the credential in case of networks disconnection ? is it stable to go on this solution ? If yes (I hope), how to do this, what is the est architecture, the best samba configuration ? Thanks in advance, Regards, Guillaume
Henrik Zagerholm
2006-Oct-11 05:28 UTC
[Samba] Architecture VPN and Samba with ADS 2003 help needed
11 okt 2006 kl. 07:03 skrev Guillaume Riviere:> Dear all Samba list, > > I'm currently facing some little problem with samba, I search for > advices on > our offices architecture. This is what we have: > > - We got 2 offices with "unstable" ADSL connection (sometime more > that 5 connections shutdown a day) > - We use a VPN and our 2 offices are on the following internal > subnets: > Office 1: 10.0.0.0/24 > Office 2: 10.0.1.0/24 > There is no firewall restrictions between the 2 offices with the VPN. > > - The Office 1 got a ADS Server 2003 (ads_office1) and a Debian/ > Sarge with Samba 3.0.23C file server (fs_office1), all is ok, > working very well > - The Office 2 got only a Debian/Sarge Samba 3.0.23c file server > (call it fs_office2) connected to the remote VPN ADS 2003. This server > is in a DOMAIN security mode (because I read that the ADS security > mode is currently not so stable)Where did you read that? :)> > All my users (Windows XP SP2 only) must be in the same ADS network > (Exchange service, sharing of file, internet access control) > We face multiple problems is with the second office, each time we > got a disconnection, we have to re-join the domain, restart > samba and winbind, also this Office 2 cannot access to the file > server in a disconnected mode (some time no internet in this > office for a whole day) > > So, I would like your advice on the following questions: > > - Do we have to change the server fs_office2 to a Microsoft 2003 > server, is this the best solution ? > - Do Samba can configure itself to use a cache system or a domain > duplication or a domain master in ADS 2003? > is there solution to make samba deliver locally the credential in > case of networks > disconnection ? is it stable to go on this solution ?Pure ADS member with AD replication is not available inte the SAMBA 3 branch yet. SAMBA 4 is supposed to handle this but is currently only in TP4 pre alpha stage and should only be used in testing purposes.> > If yes (I hope), how to do this, what is the est architecture, the > best samba configuration ?Unfortunately I think that the best solution is to have a W2003 at the second office also until SAMBA 4 is stable but hopefully some more experienced samba users have another idea. :)> > Thanks in advance, > Regards, > GuillaumeCheers, henrik> > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/listinfo/samba