Le 17/03/2015 11:25, Sven Schwedas a ?crit :> On 2015-03-17 11:13, S?bastien Le Ray wrote: > >> I'm sucessfully running a fileserver on it, just wanting to avoid issues >> in case of network link outage. > So your users, which cannot connect due to network link outage, won't be > prevented from logging in? Sounds like a splendid idea.My users will be able to open a session during network outage and access to files stored locally in the agency. Yes it seems a good idea to have people being able to work while connection with main site is down.> >> DC overhead shouldn't be that huge since it is only used uppon session >> opening (we can upgrade memory though) > Upgrade the memory and put DC and file server into separate VMs. It'll > save you a lot of headaches.The server isn't able to support virtualization. Now my question is about issues caused by running two samba instances on the same box using a chroot. If you don't know what these issues are, simply don't answer to the mail
Am 17.03.2015 um 11:40 schrieb S?bastien Le Ray:> Now my question is about issues caused by running two samba instances on > the same box using a chroot.They probably need two different IP addresses.
Yes, the interfaces/bind interfaces only part is obvious. I was wondering if there were other potential issues, mainly caused by NetBios & broadcasting Le 17/03/2015 11:50, Klaus Hartnegg a ?crit :> Am 17.03.2015 um 11:40 schrieb S?bastien Le Ray: >> Now my question is about issues caused by running two samba instances on >> the same box using a chroot. > > They probably need two different IP addresses. >
On 2015-03-17 11:40, S?bastien Le Ray wrote:> > > Le 17/03/2015 11:25, Sven Schwedas a ?crit : >> On 2015-03-17 11:13, S?bastien Le Ray wrote: >> >>> I'm sucessfully running a fileserver on it, just wanting to avoid issues >>> in case of network link outage. >> So your users, which cannot connect due to network link outage, won't be >> prevented from logging in? Sounds like a splendid idea. > > My users will be able to open a session during network outage and access > to files stored locally in the agency. Yes it seems a good idea to have > people being able to work while connection with main site is down. > >> >>> DC overhead shouldn't be that huge since it is only used uppon session >>> opening (we can upgrade memory though) >> Upgrade the memory and put DC and file server into separate VMs. It'll >> save you a lot of headaches. > The server isn't able to support virtualization. > Now my question is about issues caused by running two samba instances on > the same box using a chroot. > If you don't know what these issues are, simply don't answer to the mailOkay, let's recap: ? Old hardware with low RAM and no VT-x/AMD-V support (It's an x86 box with some Linux, right?) ? You have an existing domain ? And you want to add an DC on a second site to it Anything else you should have told us the first mail so nobody's time is wasted with suggestions that you already know beforehand to not work? E.g., already having evaluated winbind offline logon to attempt and solve this? -- Mit freundlichen Gr??en, / Best Regards, Sven Schwedas Systemadministrator TAO Beratungs- und Management GmbH | Lendplatz 45 | A - 8020 Graz Mail/XMPP: sven.schwedas at tao.at | +43 (0)680 301 7167 http://software.tao.at -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 648 bytes Desc: OpenPGP digital signature URL: <http://lists.samba.org/pipermail/samba/attachments/20150317/b71c14f9/attachment.pgp>
On 2015-03-17 11:50, Klaus Hartnegg wrote:> Am 17.03.2015 um 11:40 schrieb S?bastien Le Ray: >> Now my question is about issues caused by running two samba instances on >> the same box using a chroot. > > They probably need two different IP addresses.Most certainly, as host identification is DNS/IP based. And I'm not sure DCs can replicate through NAT directly, so both IPs/interfaces would need to be directly exposed. -- Mit freundlichen Gr??en, / Best Regards, Sven Schwedas Systemadministrator TAO Beratungs- und Management GmbH | Lendplatz 45 | A - 8020 Graz Mail/XMPP: sven.schwedas at tao.at | +43 (0)680 301 7167 http://software.tao.at -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 648 bytes Desc: OpenPGP digital signature URL: <http://lists.samba.org/pipermail/samba/attachments/20150317/c2fba1ea/attachment.pgp>
Le 17/03/2015 11:54, Sven Schwedas a ?crit :> Okay, let's recap: > > ? Old hardware with low RAM and no VT-x/AMD-V support > (It's an x86 box with some Linux, right?) > ? You have an existing domain > ? And you want to add an DC on a second site to it > > Anything else you should have told us the first mail so nobody's time is > wasted with suggestions that you already know beforehand to not work? > E.g., already having evaluated winbind offline logon to attempt and > solve this?Well, if you carefully read the first email, you'll see a precise question that asks for any special configuration to take in order to be able to run two instances of samba on the same box using a chroot. No question about "does this provide enhanced security", "is there any other option", "is my hardware high enough", "is it a good idea to let people work during a network outage", simply, "is it feasible/are there any caveat" According to documentation, winbind offline logon is only used with pam_winbind, that why it has been left apart (moreover it won't be able to let users not in cache to access files and there is no doc about cache lifetime, size, etc.)