> Hi > > I'm currently running a RedHat 9 (which means Samba 2.2.7) on a DELL > server. The hardware should be fine to handle the load for the whole > school, which comprises about 200 - 250 users. (This server is currently > controlling the Samba "domain" for one of the former schools). > So, anyway, from my reading of the doco so far, it would seem that > we could integrate the Unix box one of two ways: > > . Upgrade it to Samba 3, and have it join the Win 2003 domain. > Since the only access we're supporting into the box is SMB, > we don't need to worry about setting or syncing the Unix password. > > I still need some way to create the underlying unix account though, > preferably with consistent, rather than randomly assigned uids/gids. > > I could use normal Unix commands to manually create the Unix accounts, > but since I have previously set up an OpenLDAP box and made accounts > on it for everyone, I could probably homebrew some sort of > web-based makeuser script, and point NSS at it. > > . leave it on Samba 2.2.7, leave it off the whole domain thingo, > set security=server and point the password server at one of > the AD boxes, and touch wood. > > Even if we don't have 2 passwords and password syncing, we still > have a small issue of having 2 sets of accounts, and needing to > create/delete accounts in 2 places. If you were living in northern Germany, I would invite you to come to my site, so we could discuss that with a working setup at hands. I am running at this school a setup with a PDC (1GHz HP, 1GB RAM) and a BDC (similar, but P4) with a user base of about 7000. Only about 1500 are active users, as user-accounts are created by a perl script, 40 accounts per class. Every user has of course his/her own homedirectory and as far as I know, all users are more satisfied with this network as they were before (Netware, W2k Advanced Server). We had a license of w2k advanced server and I am glad that I never gave it a try, though I never had set up a samba-PDC before (I just told them it was no problem :-)) I am just about to switch completely to samba3.0.1pre1 (I know it's not for productive, but we don't produce here anything ;-) ) and it seems to be worth it for the smaller load concerning ldap. The CPU-load wasn't a problem, but I always had to have an eye on it, sometimes it was at 100%, as many users log in at the same moment in school-environments. In my Opinion masses of accounts are better handled by some scripts than by GUI and I find it easier to write those scripts on unix. Further more, OpenLDAP is better documented and more standard-conformant, its easier to extend it with my own schemas (For problem-reporting and management, login-script storage) plus standard schemas for mail-routing. Difficulties with samba will occour, but they do as well with Windows whatsoever, be it 2000, XP or 2003. Actually, few people here know that the servers are running Linux/Samba...
Sincerely, Malte Müller -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba