Götz Reinicke
2012-Jul-06 11:55 UTC
[Samba] Suggestions? Multiple servers/storages one domain
Hi, currently we do have one samba3x-3.5.10-0.109.el5_8 RH EL 5.8 PDC authenticating by our central LDAP server. This PDS also hosts the central fileserver storage for all our +- 600 users, some group shares and roaming profiles. The clients are OS X, Win XP and Win 7. We hope to have all XP 'killed' by end of the year. Furthermore we do have a second stand alone samba server for some projects needing more space and with local smb users. As we think about splitting up the central PDC storage and setting up an other filestorage too, I was researching for the 'best' setup. I wanted to separate the two main user groups to use one server each, so the stuff members do get some more performance. But on the other hand I like to use our current setup as much as possible. So I hoped that there is some tutorial (there are so many ... :) luckily! ) which describes a setup like we are looking for. - We will still have one central LDAP and one domain to login. - If users belong to stuff, they have access to the profile and user files shared by the server 1 - If users belong to students, they have access to the profile and user files shared by the server 2 - Furthermore we do have a third/++ BIG FILES server whose shares can be accessed by users in an user group but authenticate as well by the PDC. May be someone can point me to some tutorials or can give other advises and suggestions? I cant buy new e.g. 10G server/storage hardware, but can use some 'old' some-core-lots-of-RAM-1G systems Thanks a lot and best regards . G?tz -- G?tz Reinicke IT-Koordinator Tel. +49 7141 969 82 420 Fax +49 7141 969 55 420 E-Mail goetz.reinicke at filmakademie.de Filmakademie Baden-W?rttemberg GmbH Akademiehof 10 71638 Ludwigsburg www.filmakademie.de Eintragung Amtsgericht Stuttgart HRB 205016 Vorsitzender des Aufsichtsrats: J?rgen Walter MdL Staatssekret?r im Ministerium f?r Wissenschaft, Forschung und Kunst Baden-W?rttemberg Gesch?ftsf?hrer: Prof. Thomas Schadt
Gaiseric Vandal
2012-Jul-06 13:48 UTC
[Samba] Suggestions? Multiple servers/storages one domain
File storage and user authentication are (sort of) separate issues. I would generally avoid true standalone servers, and still use the domain authentication model as much as possible. The additional servers can be member servers or backup domain controllers. I had trouble keeping user id mappings consistent on member servers (in my environment it is necessary that the id mapping is consistent between all domain controllers and key member servers.) I found it was easier just to make sure that my key storage servers were also domain controllers. This is only two machines . Each domain controller is also an LDAP server. The LDAP servers are configured for replication. Each domain controller therefore uses its own LDAP server for the samba back end. (Nt. I started with samba 3.0.x - newer releases may have simplified idmapping for member servers.) When you configure a samba user, you can specify the absolute path to their profile directory and home directory. #pdbedit -Lv thisuser ... Home Directory: \\server1\users\thisuser HomeDir Drive: X: Logon Script: logon.bat Profile Path: #pdbedit -Lv thatuser ... Home Directory: \\server2\users\thatuser HomeDir Drive: X: Logon Script: logon.bat Profile Path: I then use the login script to map the users home directory drive letter to the appropriate home share. E.g net use x: /delete /y net use x: %homeshare% I believe windows batch files should also have the option to do something similar to "if member of group then ...." if you want to have different drive mappings for different groups. I don't use profiles in my network. You need to make sure that each DC has the same logon script files. I also have a drive letter mapped to a top level Projects directory on one server. But then I use dfs links to redirect users to sub directories located on the 2nd servers. server1# cd /export/Projects server1# ls -ld * drwxrwx---+ 37 root group1 42 May 18 09:00 Project1 lrwxrwxrwx 1 root root 19 Feb 11 2011 Project2 -> msdfs:server2\Projects\Project2 On 07/06/12 07:55, G?tz Reinicke wrote:> Hi, > > currently we do have one samba3x-3.5.10-0.109.el5_8 RH EL 5.8 PDC > authenticating by our central LDAP server. > > This PDS also hosts the central fileserver storage for all our +- 600 > users, some group shares and roaming profiles. > > The clients are OS X, Win XP and Win 7. We hope to have all XP 'killed' > by end of the year. > > Furthermore we do have a second stand alone samba server for some > projects needing more space and with local smb users. > > As we think about splitting up the central PDC storage and setting up an > other filestorage too, I was researching for the 'best' setup. > > I wanted to separate the two main user groups to use one server each, so > the stuff members do get some more performance. > > But on the other hand I like to use our current setup as much as possible. > > So I hoped that there is some tutorial (there are so many ... :) > luckily! ) which describes a setup like we are looking for. > > - We will still have one central LDAP and one domain to login. > > - If users belong to stuff, they have access to the profile and user > files shared by the server 1 > > - If users belong to students, they have access to the profile and user > files shared by the server 2 > > - Furthermore we do have a third/++ BIG FILES server whose shares can be > accessed by users in an user group but authenticate as well by the PDC. > > > May be someone can point me to some tutorials or can give other advises > and suggestions? > > I cant buy new e.g. 10G server/storage hardware, but can use some 'old' > some-core-lots-of-RAM-1G systems > > Thanks a lot and best regards . G?tz > >
Daniel Müller
2012-Jul-09 07:30 UTC
[Samba] Suggestions? Multiple servers/storages one domain
Hi, it seems that your problem is more the "netlogon script" than the ldap/samba. The easiest way is to do it with the script. All user will logon to the same DOMAIN? Are the profile on Server 1 and Server 2 the same? Do you drbd or gluster them so they are identical? Greetings Daniel ----------------------------------------------- EDV Daniel M?ller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 T?bingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: mueller at tropenklinik.de Internet: www.tropenklinik.de ----------------------------------------------- -----Urspr?ngliche Nachricht----- Von: samba-bounces at lists.samba.org [mailto:samba-bounces at lists.samba.org] Im Auftrag von G?tz Reinicke Gesendet: Freitag, 6. Juli 2012 13:56 An: samba at lists.samba.org Betreff: [Samba] Suggestions? Multiple servers/storages one domain Hi, currently we do have one samba3x-3.5.10-0.109.el5_8 RH EL 5.8 PDC authenticating by our central LDAP server. This PDS also hosts the central fileserver storage for all our +- 600 users, some group shares and roaming profiles. The clients are OS X, Win XP and Win 7. We hope to have all XP 'killed' by end of the year. Furthermore we do have a second stand alone samba server for some projects needing more space and with local smb users. As we think about splitting up the central PDC storage and setting up an other filestorage too, I was researching for the 'best' setup. I wanted to separate the two main user groups to use one server each, so the stuff members do get some more performance. But on the other hand I like to use our current setup as much as possible. So I hoped that there is some tutorial (there are so many ... :) luckily! ) which describes a setup like we are looking for. - We will still have one central LDAP and one domain to login. - If users belong to stuff, they have access to the profile and user files shared by the server 1 - If users belong to students, they have access to the profile and user files shared by the server 2 - Furthermore we do have a third/++ BIG FILES server whose shares can be accessed by users in an user group but authenticate as well by the PDC. May be someone can point me to some tutorials or can give other advises and suggestions? I cant buy new e.g. 10G server/storage hardware, but can use some 'old' some-core-lots-of-RAM-1G systems Thanks a lot and best regards . G?tz -- G?tz Reinicke IT-Koordinator Tel. +49 7141 969 82 420 Fax +49 7141 969 55 420 E-Mail goetz.reinicke at filmakademie.de Filmakademie Baden-W?rttemberg GmbH Akademiehof 10 71638 Ludwigsburg www.filmakademie.de Eintragung Amtsgericht Stuttgart HRB 205016 Vorsitzender des Aufsichtsrats: J?rgen Walter MdL Staatssekret?r im Ministerium f?r Wissenschaft, Forschung und Kunst Baden-W?rttemberg Gesch?ftsf?hrer: Prof. Thomas Schadt
Possibly Parallel Threads
- Mysql 5.6, Centos 7 and errno: 24 - Too many open files
- suggestions for a "fast" fileserver - 1G / 10G
- Mysql 5.6, Centos 7 and errno: 24 - Too many open files
- Mysql 5.6, Centos 7 and errno: 24 - Too many open files
- dovecot upgrade 1.0.7 -> 2.0.14 / CentOS EL 5.7