[Samba] Our success story with samba4

Lukasz Zalewski lukas at eecs.qmul.ac.uk
Mon Oct 25 02:42:43 MDT 2010

On 10/25/2010 08:31 AM, Michael Wood wrote:
Hi Michael,
> On 25 October 2010 08:45, Daniel Müller<mueller at tropenklinik.de>  wrote:
>> Hi,
>> besides nsd it is possible to make dynamic update work with bind on centos
>> 5.5.
> Yes, sure.  It's just that bind configuration seems to be a
> significantly difficult part of getting Samba 4 working (many people
> seem to have trouble with it) so I was wondering if nsd was any
> better.
> I am using bind, but I don't really need dynamic DNS updates because I
> am only using Samba 4 for authentication of services on a couple of
> servers.  i.e. no workstations.  Static IPs.  No machines
> joining/leaving etc.
This was our reasoning for switching to nsd (as we run nsd for other 
services). We do have machines joining/leaving, but the ip's and names 
are static so the records can be generated beforehand.
> Since I have bind working, I am not looking to switch to nsd.  I was
> just wondering why Lukasz chose it, but I suppose they were using it
> already, before implementing Samba 4.
We started with bind and it was all working (RHEL 6 beta), but when we 
switched to CentOS 5 the bind was not new enough. We wanted to avoid 
needles manual builds of bind (in general any packages) and keep 
everything packaged. (In saying that i had to build ldap module for 
python 2.6 to get the import from ldap script working)


>> -----Ursprüngliche Nachricht-----
>> Von: samba-bounces at lists.samba.org [mailto:samba-bounces at lists.samba.org] Im
>> Auftrag von Lukasz Zalewski
>> Gesendet: Freitag, 22. Oktober 2010 21:55
>> An: Michael Wood
>> Cc: samba at lists.samba.org; samba-technical
>> Betreff: Re: [Samba] Our success story with samba4
>> On 22/10/2010 19:52, Michael Wood wrote:
>> Hi Michael,
>>> Hi Lukasz
>>> On 19 October 2010 11:12, Lukasz Zalewski<lukas at eecs.qmul.ac.uk>    wrote:
>>>> Hi all,
>>>> This message is a testament to the great work samba team has done, but
>> its
>>>> also an encouragement to those of you that still not sure if samba4 will
>>>> work in your environment.
>>>> This semester we have moved from samba 3.0.X DC to samba4 DC for
>> students,
>>>> and things are working great
>>>> The move was predominantly driven by switching from Windows XP to Windows
>> 7
>>>> desktop platform (but also by a need for proper group policy).
>>>> Our setup is quite simple and includes:
>>>> One samba4 DC (running on centos 5.5 x64) with nsd dns backend
>>> [...]
>>> Do you have dynamic DNS updates working with nsd?  Using Kerberos?
>>>   From clients too or just with the samba_dnsupdate script?
>> Nope, AFAIK nsd can't do ms style dynamic updates (its the one bundled
>> with Centos 5.5). We decided to go for static dns (we have only one s4
>> DC), which is composed of the bind config file generated by s4 provision
>> (nsd can use bind config files, but TXT records have to be quoted for
>> some reason) and all other records generated from database.
>>> How was it to set up compared to bind?
>> Besides not setting up dynamic updates, quite easy (I think easier than
>> bind). As mentioned earlier, it supports bind config syntax (but TXT
>> records have to be quoted).

More information about the samba-technical mailing list