Web lists-archives.com

Re: [Samba] remote site options




For 3 remote systems, it seems that adding a remote DC will be more work than it is worth. Sonicwall  UTM's make it pretty easy to set up site-to-site VPN connections even if only end has a static public IP.            I believe that the remote PC's would locate the domain controllers via DNS so you shouldn't have to worry about NBT or WINS.      The sonicwall's also include various IP Helpers (e.g. for relaying DHCP requests to a central DHCP server.)     I am sure that Cisco and other SOHO solutions offer similar functionality.         The hardware VPN approach is probably simpler than trying to build your own VPN server with OpenVPN.


Assuming the client PC's are caching logins - even if the VPN link does down  the remote users will still be able to login to their computers.



On 09/09/18 16:28, Reindl Harald via samba wrote:
Am 09.09.18 um 21:52 schrieb Sonic:
On Sun, Sep 9, 2018 at 1:27 PM Reindl Harald via samba
<samba@xxxxxxxxxxxxxxx> wrote:
Am 09.09.18 um 17:16 schrieb Sonic via samba:
Currently using Samba 4 as AD at the main site and would like the main site
AD to authenticate users at a remote site (about 3 systems). As I use my
domain management system from a remote location via VPN I know this works,
but the VPN may not be the lowest cost in terms of overhead.
why?
Encryption overhead
irrelevant, completly irrelevant

i drive a forest of 365/24 openvpn instances termination on the same
virtual machine where each endpoint connects a complete network which
runs most of the day below 100 MHz

sorry, but encryption don't matter these days except you have stoneold
hardware wich no AES support and even then i doubt that you could mease
something relevant



--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba