Re: Small/Medium scale SAMBA

To: <debian-user@lists.debian.org>
Subject: Re: Small/Medium scale SAMBA
From: "nate" <debian-user@aphroland.org>
Date: Fri, 7 Mar 2003 09:41:35 -0800 (PST)
Message-id: <[🔎] 50311.10.10.10.7.1047058895.squirrel@webmail.linuxpowered.net>
In-reply-to: <[🔎] 20030307155535.GE14752@oddprocess.org>
References: <[🔎] 20030307155535.GE14752@oddprocess.org>

Matthew Daubenspeck said:

> Can Samba handle this kind of client load? It would be mainly for basic
> file/sharing and print spooling...

samba can handle more SMB traffic then most anything availble. The
limitations would be the underlying OS. I think Linux is middle to
lower end of the pack when it comes to SMB performance. The best
samba record I remember reading about was on IRIX. 900 clients is a lot
but it depends on what those 900 clients are doing, really. This kind
of question is more suited for a samba mailing list. And you need to
provide a lot more detail.

and of course you can have multiple PDCs(unlimited number really) in
a NT domain. The 1 PDC/domain was a MS limitation, which isn't copied
by samba. Since all PDCs share the same LDAP backend there is never
any synch issues.

>
> The next question would be the user administration setup. I know in a
> perfect world, LDAP would probably be best. After some preliminary
> research, LDAP kind of makes my head spin... But Rome wasn't built in a
> day either...

I spent about 30-45 hours writing a near step-by-step LDAP howto,
if you follow it word-for-word you should be able to be up and
going in a few hours:
http://howto.aphroland.de/HOWTO/LDAP

It is complex, it took me many months to get that information through
brute force learning. But it really is the best solution.

Your biggest problem may be file permissions. Neither samba nor
samba-tng(as far as I know) support Domain group-based file permissions,
everything is based on unix groups/users. Unix users typically can
be a member of a maximum number of 32 groups. You can get "around" this
by using filesystem acls, but even then I think many acls are limited
to 1024 bytes per file or something. So if you have very fine grained
access for files then, samba may not be the best for you should you
want to maintain that level of access.

Now if you have existing Novell/NT servers with domain group file
permissions, using samba-tng you can keep those, it's been a year since
I used samba and it did not support domain groups at the time, samba-tng
does. It's just that file shares residing on UNIX systems running samba
don't support domain groups in the file permissions(in shares defined
in smb.conf)

> I started googling some possibilities, but haven't come up with a whole
> lot to point me in a direction. Is anyone using something similar, that
> can point me in a few specific directions?

my LDAP howto should get you goin I think..I have read reports of samba-tng
and samba being used in networks with as many as 15,000 accounts so
I'm certain it's possible.

nate

Reply to:

Follow-Ups:
- Re: Small/Medium scale SAMBA
  - From: Mark Roach <mrroach@okmaybe.com>

References:
- Small/Medium scale SAMBA
  - From: Matthew Daubenspeck <matt@oddprocess.org>

Prev by Date: Re: hosts.(allow|deny)
Next by Date: Re: recurring error in exim's log
Previous by thread: Re: Small/Medium scale SAMBA
Next by thread: Re: Small/Medium scale SAMBA
Index(es):
- Date
- Thread