Kevin
Resolved
0 votes
Hello everyone,

We have COS 6.6 Pro running on our main site. We have a satellite site connected via a Layer 3 VPN tunnel on the same subnet. Apparently the Layer 3 VPN and a single subnet are required to get an NT domain to work (it won't span subnets unless you have replica servers or something).

Each site has its own DHCP server (without overlapping addresses) but all shares, the domain controller, home folders, etc. reside on the COS server at the main site.

I was thinking about adding another COS server at the satellite site and configuring it as an LDAP slave.

Would I be able to have separate subnets (192.168.0.x, 192.168.1.x?) at each site?
Would computers at the satellite site be on the Windows domain?
Would I be able to add computers to the domain from the satellite site?
Could I have separate shares at each site?
Would computers from either site be able to access the other site's shares?
Could I convert an existing COS 6.6 server LDAP from Standalone to Master?
What COS subscription would I require for the satellite site (Community, Lite, etc)?


What is the best practice for this scenario?

Thank you in advance for your help.

Kevin
Saturday, August 01 2015, 05:49 PM
Responses (2)
  • Accepted Answer

    Sunday, August 02 2015, 06:07 PM - #Permalink
    Resolved
    0 votes
    Would I be able to have separate subnets (192.168.0.x, 192.168.1.x?) at each site?

    - Yes, this is best practice to not have overlapping sites. If you are conducting a bridge over VPN then you will end up killing your bandwidth with broadcasts.

    Would computers at the satellite site be on the Windows domain?

    - All computers can be part of a Windows domain if they have access to at least one domain controller (even if that domain controller is on a separate subnet.) If you don't have a domain controller on each subnet with a valid WINS server (NT4 style domains) then you will need to have directives to point the WINS domain 1E record to the proper server. You can often accomplish this with a modification of the lmhosts.sam file on the client workstation (by reusing the 'rhino' example record.)

    Would I be able to add computers to the domain from the satellite site?

    - Yes, you can do that now. It's easier with a domain controller on the satellite and best practice too since the workstation will not be able to log in a user (except under a cached account) if the VPN is down.

    Could I have separate shares at each site?

    - Yes.

    Would computers from either site be able to access the other site's shares?

    - All, depending on the stability of the VPN and the group permissions on the share.

    Could I convert an existing COS 6.6 server LDAP from Standalone to Master?

    - Yes.

    What COS subscription would I require for the satellite site (Community, Lite, etc)?

    - Account synchronization comes included with ClearOS Professional Lite and better. I think you can purchase it à la carte on Community. This will make it so you can set up a slave LDAP. If you have a slave LDAP server, it will configure as a BDC.

    I would suggest getting a subscription that comes with support. It sounds like you may need some additional assistance when it comes time for your implementation. ClearOS Standard comes with mail/chat support and Premium comes with phone support. You'll likely end up talking to me if you call about Samba questions.
  • Accepted Answer

    Kevin
    Sunday, August 02 2015, 07:08 PM - #Permalink
    Resolved
    0 votes
    Thanks for the quick response Dave,

    I'll buy another license. I wonder if I can get it prorated to expire with our other one.

    One question ... in the link you provided (for COS 5.5) the file "/etc/cleardirectory/config" does not exist on our COS 6.6 system. Do I create this folder and file or is the file someplace else?

    Thanks again.

    Kevin