I do technical support and admin for a local school, currently they have a Win 2003 server and about 40 or 50 XP machines, plus about 10 laptops.

We're mulling over the possibility of going Linux in the not-too-distant future, next upgrade cycle.

The setup at the moment is a simple windows domain, centralised storage of files etc. Laptops sync files when they connect to the network to allow work when offline.

I'm very familiar with Linux, but have not set up a system line this before.

So, what we'd need to achieve is:
Addition and management of users on the server, affecting whole network - not management of users on client machines.
/home/user mounted from server.
Automatic syncing of laptop $HOME to/from server. Data stored locally, but synced to server on logout (and synced from on login).

Minimal/easy setup of client machines.

The clients are likely to run Ubuntu, server may run Ubuntu server or Debian, but that's not a worry, server could run anything really.

Any help/advice, pointing to resources/projects will be greatly appreciated, but please don't suggest thin clients, if we do this we'll want to make use of the hardware we've got and not lay out for more (we have reasonably new/powerful desktops, and a reasonably underpowered server).

Cheers

You'll probably need to start with automated installation (preseed, or Kickstart for RH-based systems) and a management service. If you can automate installation of clients with the necessary software, so that they register themselves with the management system as soon as they are installed, then you are most of the way there. Using Red Hat Network or Landscape for Ubuntu is obviously easier than setting up your own management system with Puppet; I haven't had the experience to be able to judge how effective the hosted services from the distribution vendors are.

Unfortunately, Windows currently has better handling of both portable networked systems and user identity/authentication than Linux. You may find it easier to treat the laptops as a special case.

Probably the first place to look is the Red Hat world, specifically their Fedora Directory Server and FreeIPA projects. RH developers are doing a lot of work on authentication that isn't being ported or packaged for Debian and Ubuntu (I guess because few volunteer developers are interested in this area). Look/ask specifically about "cached credentials" - there was a PAM module for letting systems use a cached copy of network user credentials whilst offline, but I don't know what the current state of that is. You can put together network single-signon with the standard LDAP and Kerberos services provided with all Linux distributions if you are able to spend some time on it, but you need credential caching for the laptops to work with the single sign-on.

If the laptops are issued to specific users you may be able avoid the credential caching issue by compromising and creating a local account for the user that matches their network account.

Once you have an LDAP service and have enabled NFS file sharing of the server home directories you can run an "automounter" on the clients so users on the workstations automatically get their server home directory.

The laptop file sync issue is an ugly problem on all platforms. When I worked on a Windows admin team we actually ended up disabing Offline Files because it there were too many gotchas for us to comfortably support it. Novell's iFolder may be the best solution.

Thanks very much for that detailed and informative reply, you've given me plenty to research.

As for laptop syncing, I'm inclined to agree, we've had problems with the windows version, and I'm thinking of disabling off-line files too. It seems much more sensible to simply require users to deliberately take a copy of a file they wish to use on either their laptop, or a USB drive.

Cheers.