[Samba] Samba with multiple domains with LDAP backend

Santiago DIEZ santiago.diez at quark-systems.com
Sat Feb 26 16:43:44 MST 2011 

Hi Lorenzo,

I just finished configuring multiple domains on one server (debian + samba).
I also had the IP issue and solved it with only one network card.
The idea is to create as many aliases as you need (eth0:0 is an alias for
eth0).

my */etc/network/interfaces* file:

auto lo
iface lo inet loopback
auto eth0
iface eth0 inet static
        address 192.168.1.254
        netmask 255.255.255.0
        gateway 192.168.1.1
auto eth0:0
iface eth0:0 inet static
        address 192.168.1.253
        netmask 255.255.255.0
        # no gateway for aliases
auto eth0:1
iface eth0:1 inet static
        address 192.168.1.252
        netmask 255.255.255.0
        # no gateway for aliases
...

It is also important to change the */etc/hosts* file:
127.0.0.1      localhost.localdomain localhost
192.168.1.254  server1.domain1 server1
192.168.1.253  server2.domain2 server2
192.168.1.252  server3.domain3 server3
...

I'd be happy to share issues and successes.

B
---
*Santiago DIEZ
Directeur
*+33 6 37 90 81 98
+33 9 70 44 77 87




On Thu, Feb 24, 2011 at 11:08 PM, Lorenzo Milesi
<lorenzo.milesi at yetopen.it>wrote:

> > You should create a distinct smb.conf for each domain.  You will want
> > to
> > allocate a unique IP on your server for each domain.  You will want
> > to
> > allocate a unique ldap toplevel container for each domain.  You will
> > need to
> > run separate instances of smbd (and nmbd and winbindd ) for each
> > domain-
> > you can specify the config file that you want.
>
> I found a couple of documents, including the following [1], which describe
> the setup with multiple smb.conf file, but it won't mention the multiple IP
> need.
> it looked strange to me that multiple instances of smbd could bind to the
> same port... so I see why some other docs exposed the request you did.
>
> [1]
> http://www.linuxforums.org/articles/setting-up-samba-pdc-for-multiple-domains_329.html
>
> > It may be easier, depending on what you are doing, to create separate
> > virtual machines (e.g. with Vmware ESX)  for each domain and truly
> > isolate each samba domain.
>
> It was the first idea we got, but I'd rather not pursue it if I can,
> because that would mean administer [security updates, and so on] three
> different servers.
>
> Thanks
>
> --
> Lorenzo Milesi - lorenzo.milesi at yetopen.it
>
> YetOpen S.r.l. - http://www.yetopen.it/
> Via Carlo Torri Tarelli 19 - 23900 Lecco - ITALY -
> Tel 0341 220 205 - Fax 178 6070 222
>
> GPG/PGP Key-Id: 0xE704E230 - http://keyserver.linux.it
>
> -------- D.Lgs. 196/2003 --------
>
> Si avverte che tutte le informazioni contenute in questo messaggio sono
> riservate ed a uso esclusivo del destinatario. Nel caso in cui questo
> messaggio Le fosse pervenuto per errore, La invitiamo ad eliminarlo
> senza copiarlo, a non inoltrarlo a terzi e ad avvertirci non appena
> possibile.
> Grazie.
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>

More information about the samba mailing list