- What specs should we use for UCS Core if we only going to use it for authentication only? & authentication+roaming Profiles?
- And how would we use Roaming Profiles for Linux Ubuntu 16.04, 19.04 (we will be upgrading soon) are there scripts etc.
- How would we join servers to the domain to use for authentication for all admins? I remember when I tested Samba 4.0 Alpha there was a likewise application that you would use for Linux Servers.
Hi,
welcome here.
First item: You mean hardware specs? Obvious answer: that depends… 
Depends on the number of users you will have in your domain. For small business you could be fine with a minimum of 4GB. But I would expect not to be enough when using profiles on the same server. So I would suggest to have at least 8GB of memory, but more is fine! CPUs: at least two cores of some sort of more-or-less up-to-date ones. And depending on the requested speed use SSD in RAID1.
Second: Roaming Profiles is most common the term of Windows, as they indeed “roam” (because they are copied every logon to the local computer) while in Linux we would recommend to use server based shares. Simply create a NFS shre on /home and let your Linux client mount as local /home, too. Just one item to consider: have your Linux Client use the same user database (“join” it to the domain).
Third: What servers are you talking about? Linux (non-UCS) servers? Do you have Windows clients (which would imply to use Samba)? If not you do not need Samba at all. For Ubuntu workstations there is our Ubuntu Join which you might want to check and reconfigure to be used for serves, too?
Otherwise just give some more details about what you want to archieve.
/CV
Hi @Christian_Voelker
Thanks for the quick reply.
Firstly: We looking at using UCS as our SSO, so all users in our environment ±1500 and growing. We have UCS as a VM in our cluster so to upgrade the ram and CPU’s would not be a problem.
Secondly: On Roaming Profiles, I just though of if a users pc breaks and we have RP enabled it would be easy for the user to get another laptop and carry on working until the old one is fixed. I would want the same for Linux, but as you mentioned I can use NFS share and mount it every time a user logins to linux desktop (ubuntu desktop) (is there a script that I can test with or can you point me in the right direction?)
We have Windows Servers 2016, 2012 but they would join fine to the domain. My issue is the linux servers, I am familiar with the Univention Domain Join app we used it on the Ubuntu 16.04 laptops we joined to the domain.
Third: Normal Linux Servers (web, DB etc) in our Cluster, e.g CentOS 6.9, 7 and Ubuntu 16.04, 18.04 LTS Servers.
The ideal goal is to have UCS set-up and working form day one, yes we have to look at finishing the AD structure after but thats the goal.
Hi,
for your clients question how to mount NFS home automatically on startup, use search (hint: /etc/fstab).
Your Windows server can join only as memeber servers, not as DCs! They will not be able to act as authentication server…
In case you want a Linux server to be available for authentication I would strongly recommend to install additional UCS servers then…
For your additional servers this depends on what you want. If it is just authentication for services bind your services to LDAP without the need of joining the domain…
/CV