[plug] Network Opinions

Mark B mark at tophits.com.au
Mon Jul 18 12:12:38 WST 2005 

>What I want it to do:
>What I want to happen is that one user will logs into a machine (any
>machine, I don't want them confined to a single point, I want them to
>be able to have the same access and settings and desktop and all that
>jazz whichever machine they log onto) they automatically get all that
>info I just mentioned, as well as somehow map the save point (i.e. My
>Docs) to the server, but without having a problem with network
>connectivity dropping out and causing it to freeze the folder mapped
>to the server is still open.

    I may get alot of flame for this one, but out of experience I would
recommend placing either a Windows 2000 or Windows 2003 server in place to
handle file/active directory/VPN.  Reason I say this is because Samba is a
reverse engineered application, handling Roaming Profiles/Mapped
Drives/Permissions under Samba is a mission and a half and you will
encounter problems.  However stating that I have set it up and it works like
a charm, how ever it ended up costing the client much more than a Windows
server setup.

>I want the Fileserver to act as a DHCP server, serving out the range:
>10.232.55.100-10.232.55.199
>I want each user to have different permissions.  i.e.  Group: users
>can access only their own files and the common area.
>Group:Administrators can access all files.

    I have found using Active Directory as a central authentication server
much easier to administrate, face it, if the clients are Windows, so should
be the Server.  You will be able to manage group policies to handle
permissions and mapping drives.  Another reason I would choose Windows 2k+
as server would be the feature of Remote Installation Services, once you get
a PC with all the applications you want installed, you can basically
replicate a machine, saves installing same programs over and over - huge
time saver.

> plan to administer via Webmin.
>need a VPN setup for the Laptop to be able to use it from home over a
>DSL connection.

    With the VPN solution, you could use openvpn and such applications, or
just NAT GRE protocol to the Windows machine, and let Active Directory
manage it.  Also install Terminal Services, Every business owner and
director want access to their documents and emails from home, and if you're
able to provide them with a Remote Desktop Service icon on their laptop
it'll put a huge smile on their face.  If you are going to choose to use
OpenVPN do remember when they access the documents it has to download it
over the Internet, there desktop won't be the same, and so forth.

    I suppose this is how you would want your network to look like:


Internet --- (eth0) Linux Router (eth1) --- DMZ (webserver and mail)
                                    (eth2)
                                       |
                                       |
                                 [Switch] --- Win Server
                                       |
                           [Internal Network]


(i hope that turns out in mailing list)

Anyway, flame away,

Kind Regards,

Mark Blah.
http://www.dnstheplanet.com/

More information about the plug mailing list