[Samba] Running Samba 3 as PDC

[Christian Merrill]

Irene Sakellarakis wrote:

> I am investigating options for using Samba 3.0.7.2.FC1 (Red Hat Fedora 
> Core 1 basic installation, currently updating via yum) as a primary 
> and only domain controller. We have a Windows user environment, and 
> I'm trying to connect the user machines (XP fully patched as of this 
> writing) to the samba domain but keep getting one of 2 errors: 1) 
> "authentication failed", when I use the (smb) administrator account 
> and password; 2) "user not known" when using the root account.
>
> I've created the users (both unix and samba), mapped my groups, edited 
> admin groups with the right entries). Frankly, I'm at a loss as to 
> whether this is even feasible, realistically.
>
> I've searched the various groups online but any reference I find to 
> this type of setup is with pre-W2k clients and Samba 2.* versions. All 
> the discussions I've found pertaining to 3.0 and W2k/XP are only 
> documenting existing problems similar to mine with no responses to 
> those threads.
>
> Is it possible (at this point "advisable" has been thrown out the 
> window by higher-ups) to get this functioning as a complete 
> replacement to a Windows200* server environment? The official HowTo 
> seems to hint at it, but I find little or no actual instruction on the 
> matter.
>
> Thanks much, in advance,
> Irene

It is doable -- could you post your /etc/samba/smb.conf?  As to whether 
or not it is advisable as a replacement for a Win2k environment there 
are a few things to take into consideration:

1. Samba3 cannot act as an Active Directory DC
2. If you want any failover you will need to have an LDAP backend
3. Fedora Core is not supported -- you might wish to consider moving to 
a supported OS (RHEL, SusE, Solaris etc.)
4. Staff needs to have the appropriate *nix/Samba skills to administer 
the environment

Christian