[K12OSN] Improving speed an availability
Brian Chivers
brian at portsmouth-college.ac.uk
Fri Sep 16 11:00:11 UTC 2005
I'm trying to improve the speed of our samba 3 servers also increasing the availabilty. At the
moment we have a central Samba 3 server running as our PDC with an LDAP backend, this is running OK.
We also have several other Samba 3 servers that hold thing like our shared area, Admin area & AVA
resources.
This is what we have in the [global] section at the mo
[global]
netbios name = sigma2
server string = Admin Area
netbios aliases = sigma admin
password server = rho2
password level = 0
workgroup = tangier
username map = /etc/samba/smbusers
security = domain
preferred master = no
local master = no
domain master = false
log file = /var/log/samba/%m.log
max log size = 1000
socket options = TCP_NODELAY SO_RCVBUF=8192
map to guest = never
null passwords = no
encrypt passwords = yes
unix password sync = no
dns proxy = no
oplocks = yes
default = global
os level = 18
printer admin = @ntadmin, root, administrator
load printers = no
add machine script =
domain logons = no
ldap suffix = dc=portsmouth-college,dc=ac,dc=uk
The problem we have is that when all the students try to login as the start of each lesson things
slow down and the others servers timeout after 10000 milliseconds so the relevent drives don't map.
During normal times things are OK. The severs are setup with security set to Domain and password
server set to the PDC.
What I was thinking of doing is setting up LDAP on each of the servers and setting them up as slaves
to replicate the master server. I've read the section on High Availability on the MESD/K12Linux
website and I was going to base the setup on this. I'd then configuring Samba one each server to use
it's local LDAP as the password backend, effectively making each server a Standalone but with a
common base for users & passwords.
I think the [global] section of the smb.conf would look something like this
[global]
workgroup = TANGIER
netbios name = shared
server string = Samba Server %v
max log size = 100000
security = user
encrypt passwords = yes
obey pam restrictions = No
log level = 0
syslog = 0
mangling method = hash2
dos charset = 850
unix charset = ISO8859-1
passwd program = /opt/IDEALX/sbin/smbldap-passwd -u %u
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
interfaces = eth0,eth1,lo
local master = no
os level = 18
domain master = no
preferred master = no
passdb backend = ldapsam:ldap://127.0.0.1/
ldap admin dn = cn=Manager,dc=portsmouth-college,dc=ac,dc=uk
ldap suffix = dc=portsmouth-college,dc=ac,dc=uk
ldap group suffix = ou=Groups
ldap user suffix = ou=Users
ldap machine suffix = ou=Computers
ldap idmap suffix = ou=Users
ldap delete dn = Yes
This would then give me 3 backup LDAP servers, a bit over kill I know but will hopefully make things
zip along.
This is just an idea at the mo *grin*
Has anyone tried anything like this ?
Can anyone see any problems ?
Brian Chivers
Portsmouth College
---------------------------------------------------------------
The views expressed here are my own and not necessarily
the views of Portsmouth College
More information about the K12OSN
mailing list