Success: Samba4 AD DC on a fresh domain with 250+ clients

Jelmer Vernooij jelmer at samba.org
Wed Mar 14 16:39:53 MDT 2012 

On Thu, Mar 15, 2012 at 10:37:15AM +1300, Andrew Walters wrote:
> The wiki for Samba4 asks for "brave" testers to report success/failure to the Samba Technical failing list, so here I am. 

> I'm happy to report I have successfully rolled out a fresh Active Directory domain to a primary school consisting of 250+ client PCs with Samba as the sole domain controller and file server. There are couple of Windows Server 2003 member services doing a few specific tasks (AV distribution, print queues, remote desktop...) but the core of the network is Samba/AD. 

> My configuration was inspired by the "Franky" guides, although I separated the Samba3 and Samba4 instances completely. On CentOS 6, I have the standard distro-supplied Samba-3 packages, along with a locally compiled Samba4 installed completely within its own folder structure to keep it and its components separate from Samba3. 

> Each is configured to listen on a separate service IP address and have different names, although both reside on the same server. 

> The Samba 3 instance is functioning as a domain member server, doing the job of file server, in the domain controlled by the Samba 4 instance, which is dedicated to AD domain control and nothing else besides the netlogon share. 

> Samba 4 is Alpha 17, because that was my starting point when I began testing it, and because it works :) 
> Samba 3 is CentOS 6.2 standard v3.5.4.68.el6_0.2. 
> Clients are all Windows XP. Group Policy is working well (although the MS Active Directory Users and Computers MMC snapin does crash from time to time). 
> I have the local DHCP server handle dynamic DNS updates as this plus the odd manual update turned out to be easier than getting a custom build of BIND to work. 

> My next challenge is to migrate over a Samba 3 + LDAP domain to AD at another school. I see there's discussion about doing this in the list archives and will give this a read. 

> Thanks heaps for providing such an awesome tool. I'm looking forward to the final release of Samba 4 but am thrilled to be able to have an AD domain working in the meantime! Now I can accommodate Windows 7 clients properly. 
Thank you very much for taking the time to write to us about this. This is really nice
to read.

Cheers,

Jelmer

More information about the samba-technical mailing list