Hi people: I've been using Samba for a long time with some "basic" features like Samba working as a PDC, integrated with OpenLDAP, being a print server, among others, for a small number of "almost controlled" users (no more than 30 or 50 users).
But now I'm interested to implement a Windows domain using Samba for a University with 6000-8000 users distributed through several VLANs, subnets, offices in a medium/big campus. I'd like to avoid using a propietary solution like Windows 2008 with ADS so I'd like to know some suggestions like these: Policies: ======= - How well can Samba manage policies for workstations? - Is it easy or safe to apply and/or remove policies from workstations? - What kind of things can I allow or deny from succeding in workstations using policies? For example: could I avoid users from changing the IP address of the workstation? Could I set a fixed wallpaper or internet explorer proxy settings to workstations? Scalability ======== In a big scenario like the previous i mentioned: - How many BDCs would be needed? Is it enough to have 1 PDC and severals BDCs? - Is it possible to have multiple PDCs of the same domain each one being in a different VLAN? or, what's the right approach in terms of structure-architecture to implement PDCs and BDCs? Backend ======= Definitely I plan to use OpenLDAP as backend but, similar to the previous question about BDCs: how many Master/Slave OpenLDAP servers do you think it would be necessary? It could be 1 BDC+OpenLDAP (slave or master) for each office or VLAN? Compatibility: =========== - I know that are some procedures to join Windows 7 to Samba domain, I did this before successfully. Do you know -maybe- of another possible compatibility problem that you suggest I can be prepared for? - If after some time (weeks, months or years) I plan to replace this Samba based domain to Windows 2k ADS domain: is it possible to do this migration without problem? it isn't necessary to reinstall all the domain and rejoin all the workstation? Technically I can investigate how to implement each of these features (policies, BDCs, openldap, etc...) but before taking a decision like this i would like to have some suggestions of people that have done similar implementations before. This help it would be excellent for me, I hope some one can help. Thanks -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
