Henrik Zagerholm wrote:
As I remember the winbind offline is something different and won't be
a substitute for a member server.
I really haven't had the time yet to look into this new mode but would
be interested in any findings you make.
You are already using kerberos correct?
What is your security setting in smb.conf?
Dear Henrik,
I did not use Kerberos yet, my configuration is very simple.
Do you think I should use it ?
What is windbind offline mode ? If I understand well is more a client
feature
than a server feature, right ?
I join the domain with:
#> net rpc join -S myserver.mydomain -U Administrator%password
and my smb.conf is:
[global]
workgroup = MYDOMAIN
server string = File server for Office 2
encrypt passwords = true
password server = myserver.mydomain
netbios name = office2_fs
security = DOMAIN
show add printer wizard = No
idmap uid = 15000-20000
idmap gid = 15000-20000
winbind separator = +
winbind use default domain = Yes
winbind cache time = 3600
use sendfile = Yes
printing = cups
printcap name = cups
enhanced browsing = No
client schannel = no
local master = No
domain master = No
load printers = yes
Cheers
12 okt 2006 kl. 07:01 skrev Guillaume Riviere:
Henrik Zagerholm wrote:
11 okt 2006 kl. 07:03 skrev Guillaume Riviere:
Dear all Samba list,
I'm currently facing some little problem with samba, I search for
advices on
our offices architecture. This is what we have:
- We got 2 offices with "unstable" ADSL connection (sometime more
that 5 connections shutdown a day)
- We use a VPN and our 2 offices are on the following internal
subnets:
Office 1: 10.0.0.0/24
Office 2: 10.0.1.0/24
There is no firewall restrictions between the 2 offices with the VPN.
- The Office 1 got a ADS Server 2003 (ads_office1) and a Debian/
Sarge with Samba 3.0.23C file server (fs_office1), all is ok,
working very well
- The Office 2 got only a Debian/Sarge Samba 3.0.23c file server
(call it fs_office2) connected to the remote VPN ADS 2003. This server
is in a DOMAIN security mode (because I read that the ADS security
mode is currently not so stable)
Where did you read that? :)
All my users (Windows XP SP2 only) must be in the same ADS network
(Exchange service, sharing of file, internet access control)
We face multiple problems is with the second office, each time we
got a disconnection, we have to re-join the domain, restart
samba and winbind, also this Office 2 cannot access to the file
server in a disconnected mode (some time no internet in this
office for a whole day)
So, I would like your advice on the following questions:
- Do we have to change the server fs_office2 to a Microsoft 2003
server, is this the best solution ?
- Do Samba can configure itself to use a cache system or a domain
duplication or a domain master in ADS 2003?
is there solution to make samba deliver locally the credential in
case of networks
disconnection ? is it stable to go on this solution ?
Pure ADS member with AD replication is not available inte the SAMBA
3 branch yet. SAMBA 4 is supposed to handle this but is currently
only in TP4 pre alpha stage and should only be used in testing
purposes.
If yes (I hope), how to do this, what is the est architecture, the
best samba configuration ?
Unfortunately I think that the best solution is to have a W2003 at
the second office also until SAMBA 4 is stable but hopefully some
more experienced samba users have another idea. :)
Thanks in advance,
Regards,
Guillaume
Cheers,
henrik
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
Dear Henrik, Dear All,
What about the new offline mode in winbind (in 3.0.23) ? can it solve
the problem ?
do I need to install pam and kerberos for this ?
Regards,
Guillaume
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
--
* Guillaume RIVIERE*
IT Projects Manager *www.vsl.com* <http://www.vsl.com>
Phone: +84 8 8 10 68 17
Mobile: +84 90 95 38 9 00
Fax: +84 8 8 10 68 18
Email: [EMAIL PROTECTED] <Mailto:[EMAIL PROTECTED]>
*VSL IT Center*
R-212, E-town building, 364 Cong Hoa Street, Ward 13, Tan Binh District
Hochiminh City - Vietnam
--------------------
Any data and information contained in this electronic mail are personal,
confidential and secret. Any total or partial publication, use or
distribution must be authorized.
If you are not the good addressee, we ask you not to read, copy, use or
disclose this communication. Please notify this error to the sender and
erase at once this communication from your system.
All views or opinions expressed in this electronic message are those of
the sender and do not necessarily reflect the views of VSL International
Ltd or its subsidiaries.
--------------------
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
