[K12OSN] Improving speed an availability

Brian Chivers brian at portsmouth-college.ac.uk
Fri Sep 16 11:00:11 UTC 2005 

I'm trying to improve the speed of our samba 3 servers also increasing the availabilty. At the 
moment we have a central Samba 3 server running as our PDC with an LDAP backend, this is running OK. 
We also have several other Samba 3 servers that hold thing like our shared area, Admin area & AVA 
resources.

This is what we have in the [global] section at the mo

[global]
    netbios name = sigma2
    server string = Admin Area
    netbios aliases = sigma admin
    password server = rho2
    password level = 0
    workgroup = tangier
    username map = /etc/samba/smbusers
    security = domain
    preferred master = no
    local master = no
    domain master = false
    log file = /var/log/samba/%m.log
    max log size = 1000
    socket options = TCP_NODELAY SO_RCVBUF=8192
    map to guest = never
    null passwords = no
    encrypt passwords = yes
    unix password sync = no
    dns proxy = no
    oplocks = yes
    default = global
    os level = 18
    printer admin = @ntadmin, root, administrator
    load printers = no
    add machine script =
    domain logons = no
    ldap suffix = dc=portsmouth-college,dc=ac,dc=uk


The problem we have is that when all the students try to login as the start of each lesson things 
slow down and the others servers timeout after 10000 milliseconds so the relevent drives don't map. 
During normal times things are OK. The severs are setup with security set to Domain and password 
server set to the PDC.

What I was thinking of doing is setting up LDAP on each of the servers and setting them up as slaves 
to replicate the master server. I've read the section on High Availability on the MESD/K12Linux 
website and I was going to base the setup on this. I'd then configuring Samba one each server to use 
it's local LDAP as the password backend, effectively making each server a Standalone but with a 
common base for users & passwords.

I think the [global] section of the smb.conf would look something like this

[global]

workgroup = TANGIER
netbios name = shared
server string = Samba Server %v
max log size = 100000
security = user
encrypt passwords = yes
obey pam restrictions = No
log level = 0
syslog = 0
mangling method = hash2
dos charset = 850
unix charset = ISO8859-1
passwd program = /opt/IDEALX/sbin/smbldap-passwd -u %u
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
interfaces = eth0,eth1,lo
local master = no
os level = 18
domain master = no
preferred master = no
passdb backend = ldapsam:ldap://127.0.0.1/
   ldap admin dn = cn=Manager,dc=portsmouth-college,dc=ac,dc=uk
   ldap suffix = dc=portsmouth-college,dc=ac,dc=uk
   ldap group suffix = ou=Groups
   ldap user suffix = ou=Users
   ldap machine suffix = ou=Computers
   ldap idmap suffix = ou=Users
   ldap delete dn = Yes

This would then give me 3 backup LDAP servers, a bit over kill I know but will hopefully make things 
zip along.

This is just an idea at the mo *grin*

Has anyone tried anything like this ?
Can anyone see any problems ?

Brian Chivers
Portsmouth College

---------------------------------------------------------------
    The views expressed here are my own and not necessarily 
                the views of Portsmouth College

More information about the K12OSN mailing list