[PATCH] provide a common 'server role' handling across all of Samba
Andrew Bartlett
abartlet at samba.org
Tue Nov 15 14:42:31 MST 2011
Simo,
On IRC you asked for a chance to look over these changes early this
week.
As per our other discussion, there is no change to the resulting Samba3
behaviour with existing smb.conf files, and no functionality is lost.
This patch series is just to allow for either 'server role' or 'domain
logons/security/domain master' to be specified, removing a key issue for
folks running the samba-tool domain samba3upgrade tool, and to remove
warnings for folks running smbclient3 on a server configured for Samba4
DC operation.
Please let me know if you have any specific concerns, so I can help
address them.
Thanks,
On Thu, 2011-11-10 at 21:45 +1100, Andrew Bartlett wrote:
> I've been working with Amitay to sort out issues that our users have
> experienced when upgrading a Samba3 DC to Samba4. The biggest reported
> issues surround the fact that the Samba4 "server role" is not
> interpreted, leading to weird failures and error messages.
>
> This patch series creates a common handler for "server role", and
> automatically sets it based on security= when not specified.
>
> The reverse is also true, and security= is set from server role when
> required, with the default for both being unset matching the current
> default (a standalone server).
>
> There is a reasonable volume to the patches, so I just wanted to mention
> it here so folks are not surprised by the change, or confused into
> thinking that the default behaviour has changed (it hasn't).
>
> Documentation for "server role" is also included.
>
> For the curious, the patches are at:
> http://git.samba.org/?p=abartlet/samba.git/.git;a=shortlog;h=refs/heads/server-role
>
> Once these patches are in, I will look to alias "domain master" into a
> boolean "pdc emulator" parameter for Samba3 DCs, and reduce
> ROLE_DOMAIN_BDC/ROLE_DOMAIN_PDC to just ROLE_DOMAIN_CONTROLLER. I've
> only found 2 places in the code (nmbd domain master browser, and part of
> the SAMR server) that need to know about if we are actually a PDC, and I
> wish to contain that distinction to those two spots.
>
> Thanks,
>
> Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
More information about the samba-technical
mailing list