WAN questions

Black6

I am in the process of buying a business with a small peer-to-peer network with 10 computers. To improve the safety of the network I plan to implement a client/server network with Linux servers and Windows clients. Since I will be moving the business in the next year or so and will be hosting web, email, file, and application servers, my plan is to keep my server rack in my home basement and connect to the office via VPN. Will there be problems loading roaming profiles or anything else for that matter across the VPN tunnel? I would assume that big corporations have a more distributed network but do I need it in my case?
 
This highly depends on what you want to accomplish.

How many users, how many will have email? What is your connection going to look like? Are they authenticating against an open directory?

Designing a network is the hardest part, maintaining it is the easy part.
 
At present I would be looking at 10 users, all with email and a point of sale/project management software. There will also be some scanned documents and project photos stored in the pos/pm software database. Users will be authenticated against an open directory. For connection I'm looking at 8mb down 768k up. I'm looking for reasonable scalability as the intent is to eventually open 3-4 branch offices in nearby cities with a total number of users in the 50 range.
 
Roaming profiles over VPN will be absolute torture. That is one thing you just don't want to do, unless you want to take half a day for them to boot to the desktop.
 
You should look at mobile home directories, which is what we deployed on our network. Since we have about 6,000 laptops at my work, and they are mobile, we knew they would go outside our network often. So, we have what is called mobile home directories. The user, when inside our network, synchronizes their home directory completely to the local machine. Then outside the network, if they can't authenticate against the directory server, their home directory is completely sync'd so they will just authenticate locally instead, and voila, you have the mobility and the control of network home directories with mobile users.

I am going to assume your client machines are Windows? My suggestion would also require them to synchronize at least once within the network. It will store all the user and authentication information on the machine locally.

VPN will be very slow.

Then, if you wanted to open up branches across town you can set up replicants of your Directory servers in each building, and then have those sync with the master. This would require a lot more bandwidth than you have right now just to let you know. We have 200 meg pipes out to each building and sometimes it may take a few seconds to sync to each building's ODR from the ODM.
 
Mobile directories are definitely something to take a look at as there are some laptops now and a large portion of the growth in the network will be laptops.

You are correct in your assumption that the clients are Windows. When we upgrade the next time I may go Linux as I like the reliability, lack of viruses, and price. There is also the benefit of lack of knowledge of most users so they won't be trying to "fix" things.

It sounds like with the bandwidth requirement that at least for now I may be better off locating my servers onsite.
 
Well, we have 1 ODM in our central office and 5 ODRs at each main building. All ODRs are bound to the ODM and fully synchronized. So, if I create a user at Building C, it will sync up to the ODM in the central office and then back down to all the other Replicants, however keeping the home directory in the building that they are from. Synchronizing across town can take some time and we filtered it so it only syncs documents, and does not sync music files or movie files.

We run Apple OS X and Unix, and I really like the switch from Windows personally.
 
That sounds like an excellent idea to keep the home directory in the user's home building and not syncing music and movie files. I've noticed that home directories seem to fill up with a lot of junk that doesn't apply to the business. I was also reading on the Samba site that it's a good idea to map "my documents" to a shared drive to reduce the size of the profile.

How did the switch from Windows go? Were users able to adapt quickly? I'm a pretty big fan of Linux and open source software such as OpenOffice.
 
Well, we used to run all Windows clients with Windows and Novell servers, which still do exist. I work for a public school system, and we decided to deploy a 1:1 student:laptop deployment at the high school level.

We went with Apple, so I manage 6000 Macs, with most of them being MacBooks, along with 20 Xserves, and some desktops here and there.

Now, we just slapped the Macs in here and made them work on their own, then added AFP to the NetWare and Win2k3 servers, and of course enabled SMB on the clients that needed it for Windows file sharing.

Everything authenticates against Apple's OD. We exported user information from an enrollment system to XML and then imported into LDAP on the Apple side. All in all, I think it went rather smoothly with all things considered. We had a consultant helping us though, who really knew his stuff.

We also use the JAMF Casper Suite to manage them remotely, which is another really awesome product.
 