feasible w/ samba?
JohnsoBS at vicksburg.navy.mil
JohnsoBS at vicksburg.navy.mil
Mon Oct 18 09:45:48 PDT 2004
> -----Original Message-----
> From: stheg olloydson [mailto:stheg_olloydson at yahoo.com]
> Sent: Monday, October 18, 2004 6:38 PM
> To: freebsd-questions at freebsd.org
> Cc: bsilver at chrononomicon.com
> Subject: Re: feasible w/ samba?
>
>
> it was said:
>
> >What this would essentially be attempting to achieve is to
> have a way
> >for a geographically spread out network allow people to
> easily access
> >their home directories and shares no matter where they logged using
> >local servers acting as time-delayed proxies...all the user login
> >information, user home directory data, user shared data
> >directories...it's a lot of duplicated information out there, but it
> >would fix the problem with authentication and home directory
> >information being temporarily inaccessible when a link is
> down between
>
> >building locations. No matter what building they were in,
> they would
> >have access to that building's copy of their home directory;
> the next
> >day, logging into a different building, they'd get their information
> >again.
>
> Hello,
>
> What you have here is a hardware, not software, problem. The
> root cause
> is the unreliable connectivity between buildings. To ensure
> all network
> resources are always available, use redundant fiber-optic connections
> and set your routing such that you can reach buildingX from buildingY
> via buildingZ, as well as directly.
> Then you can (although it may be heresy on this list) avoid
> using FBSD.
> Your simplest solution is to use Windows built-in Roaming
> Profiles. The
> feature exists to accomplish the exact task of making the user's
> resources (including desktop config) available on the login
> workstation.
> Doing things this way has to benefits your proposed solution does not.
> First, you guarantee all net segments are reachable at all
> times, which
> is the root of your problem. This solves that problem and prevents
> future ones being caused by this. Second, admin is greatly simplified.
> Your way requires too many bits that need looking after. The long-term
> cost of this solution will be greater than running the fiber.
> Finally, you should look into Kerberos for a single sign-on solution.
> Windows and AD both support it.
>
> HTH,
>
> Stheg
>
Samba has support for roaming profiles and works quite well. Also,
integration
with ldap and kerberos is pretty well documented and allows for a single
point
of authentication. Not quite a full blown Active Directory solution, but
would
more than accomplish all that is wanted.
More information about the freebsd-questions
mailing list