[Samba] AD order of installation
Robert Moskowitz
rgm at htt-consult.com
Fri Sep 4 16:00:48 UTC 2015
On 09/04/2015 11:47 AM, Mark Foley wrote:
> Unless you are specifying by IP, NTP isn't going to resolve with e.g.
> 0.pool.ntp.org if you don't have DNS running. Personal Experience.
Good point. As I run on an armv7 with no battery rtc, I have to get
time sync going before doing practically anything. It much depends on
how your system resolves before local DNS is running. Typically
resolving works, or how would you get all the rpms or such installed
before configuring them?
> If you're using Samba's builtin DNS (I don't), then seems to me NTP should be
> last on your list.
Wiki says to have ntp for kerberos. So I think it needs to come before
that.
> Of course, ntp can temporarily resolve using /etc/resolv.conf until you get your
> DNS running. My issue was mostly an order of startup versus order of installation.
Way I expect things to work. Anyone documenting this on the wiki may
want to expand on this :)
thanks for your feedback.
>
> --Mark
>
> -----Original Message-----
>> To: sambalist <samba at lists.samba.org>
>> From: Robert Moskowitz <rgm at htt-consult.com>
>> Date: Fri, 4 Sep 2015 08:19:30 -0400
>> Subject: [Samba] AD order of installation
>>
>> I don't see the following at
>> https://wiki.samba.org/index.php/Setup_a_Samba_Active_Directory_Domain_Controller
>>
>> There is an 'order' of installation for an AD. Some things must come
>> before others, some things can come when you may. Here is my take based
>> on what I have learned over the past weeks:
>>
>> OS installation (listed for completeness, even though this is a 'dah' item).
>> NTP time services
>> CUPS (seems to go anywhere, though)
>> Samba provisioning (this includes ldap and kerberos setup)
>> DNS with DLZ
>> Kerberos
>> DHCP/DHCP6
>> Adjust Samba configuration
>> Start Samba
>>
>> Do I have the order right? Have I left anything out?
>>
>> For a file server (which I have not tackled yet) it seems it would be:
>>
>> OS installation (listed for completeness, even though this is a 'dah' item).
>> Static IP config (could be fixed MAC dhcp provisioning?)
>> NTP time sync
>> CUPS (seems to go anywhere, though)
>> DNS entries on AD (automatic if MAC-based dhcp provisioning?)
>> Adjust Samba configuration
>> Start Samba
>> Join Domain
>>
>> This sort of information at the beginning of the documentation would
>> help a newbie to know what they are getting themselves into!
>>
>>
>>
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions: https://lists.samba.org/mailman/options/samba
>> From samba-bounces at lists.samba.org Fri Sep 4 08:25:56 2015
>> Return-Path: <samba-bounces at lists.samba.org>
>> X-Virus-Status: Clean
>> X-Virus-Scanned: clamav-milter 0.98.6 at mail
>> DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.samba.org; s=78453942;
>> h=List-Id:Subject:Date:From:To; bh=Ct9pkpSJQJsva7R/VZzlT9U/2ttSltm5B1OQVSTucjY=;
>> b=r2JrQTR4mO1/qUbyd8Y0ABe/vbptQIwKLw9PK1kGWZjoXipEctjfAEMQoqNGqNDIGuS36H4jIEFXWo1OjD5SG6RG9vGPz/AaggiveroIb4DFwPpfvdK4kEAgKYV966EOMpRFaQAp1dzwoo7uF434+vdfJKy16YGdD3mhcFOMOX4=;
>> To: sambalist <samba at lists.samba.org>
>> From: Robert Moskowitz <rgm at htt-consult.com>
>> Date: Fri, 4 Sep 2015 08:19:30 -0400
>> User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101
>> Thunderbird/38.1.0
>> Subject: [Samba] AD order of installation
>> X-BeenThere: samba at lists.samba.org
>> X-Mailman-Version: 2.1.18
>> Precedence: list
>> List-Id: General questions regarding Samba <samba.lists.samba.org>
>> List-Unsubscribe: <https://lists.samba.org/mailman/options/samba>,
>> <mailto:samba-request at lists.samba.org?subject=unsubscribe>
>> List-Archive: <http://lists.samba.org/pipermail/samba/>
>> List-Post: <mailto:samba at lists.samba.org>
>> List-Help: <mailto:samba-request at lists.samba.org?subject=help>
>> List-Subscribe: <https://lists.samba.org/mailman/listinfo/samba>,
>> <mailto:samba-request at lists.samba.org?subject=subscribe>
>> Content-Type: text/plain; charset="utf-8"; Format="flowed"
>> Errors-To: samba-bounces at lists.samba.org
>> Sender: "samba" <samba-bounces at lists.samba.org>
>> X-Spam-Status: No, score=0.0 required=3.0 tests=T_DKIM_INVALID,
>> T_RP_MATCHES_RCVD autolearn=ham version=3.3.2-_revision__1.14__
>> X-Spam-Report:
>> * -0.0 T_RP_MATCHES_RCVD Envelope sender domain matches handover relay
>> * domain
>> * 0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid
>> X-Spam-Checker-Version: SpamAssassin 3.3.2-_revision__1.14__ (2011-06-06) on
>> mail.hprs.local
>> Status: R
>>
>> I don't see the following at
>> https://wiki.samba.org/index.php/Setup_a_Samba_Active_Directory_Domain_Controller
>>
>> There is an 'order' of installation for an AD. Some things must come
>> before others, some things can come when you may. Here is my take based
>> on what I have learned over the past weeks:
>>
>> OS installation (listed for completeness, even though this is a 'dah' item).
>> NTP time services
>> CUPS (seems to go anywhere, though)
>> Samba provisioning (this includes ldap and kerberos setup)
>> DNS with DLZ
>> Kerberos
>> DHCP/DHCP6
>> Adjust Samba configuration
>> Start Samba
>>
>> Do I have the order right? Have I left anything out?
>>
>> For a file server (which I have not tackled yet) it seems it would be:
>>
>> OS installation (listed for completeness, even though this is a 'dah' item).
>> Static IP config (could be fixed MAC dhcp provisioning?)
>> NTP time sync
>> CUPS (seems to go anywhere, though)
>> DNS entries on AD (automatic if MAC-based dhcp provisioning?)
>> Adjust Samba configuration
>> Start Samba
>> Join Domain
>>
>> This sort of information at the beginning of the documentation would
>> help a newbie to know what they are getting themselves into!
>>
>>
>>
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions: https://lists.samba.org/mailman/options/samba
>>
More information about the samba
mailing list