To release Samba 4.0 'as is'

[Arvid Requate]

Hello,

Quoting post by Andrew Bartlett sent 01.12.2011
> On Thu, 2011-12-01 at 12:12 +0100, Kai Blin wrote:
> > On 2011-12-01 11:46, Andrew Bartlett wrote:
> > > The problem is that the only smbd that works with Samba4 AD is the
> > > smbd in master (to get the pdb_samba4 and auth_samba4 hooks, and
> > > the correct version of the named pipe auth protocol).
> > 
> > No, again not what I said. As far as I understood the Univention
> > folks, if they want a file server, they deploy a Samba 3.x server. If
> > they want an AD server, they deploy s4AD, and don't use it as file
> > server as far as possible. I don't see how you need master to support
> > smbd running on a different machine.
> 
> That is what I would recommend, however it is not how I read Metze's
> description of the Univention setup:
> https://lists.samba.org/archive/samba-technical/2011-November/080624.html

On Samba4 DCs we run the smbd from git-master/source3 as a separate process 
with passdb backend samba4, offering sysvol as well as traditional file and 
print services.

On Memberservers we run the 3.5.11 smbd (avoiding some bugs in 3.6.x).

For single server setups file and print can be served by the smbd running on 
the Samba4 DC but for higher stability demands we recommend providing 
additional file and print services on a memberserver.

IDmap maintenance on the Samba4 DCs is done automatically based on the posix 
IDs that are stored in an OpenLDAP directory. This automation gets triggered 
by  our S4 Connector process that synchronizes Samba4 objects with OpenLDAP 
objects. An NSS ldb module for the idmap would have been an option too.

Cheers,
Arvid Requate

-- 
Arvid Requate
Open Source Software Engineer

Univention GmbH
Linux for your business
Mary-Somerville-Str.1
28359 Bremen
Tel. : +49 421 22232-0
Fax : +49 421 22232-99

requate at univention.de
http://www.univention.de

Geschäftsführer: Peter H. Ganten
HRB 20755 Amtsgericht Bremen
Steuer-Nr.: 71-597-02876