[Samba] Samba 3 + Win2k = Headache

Thu May 20 20:31:29 GMT 2004

>  From what I can gather, you've got
> 2003 AD doing user management
> RHEL for a (home) fileserver
> Clients of all flavors
> 
> Have you thoroughly investigated just using nfs and autofs to do home
> directory mounting and decided you can't use it for one reason or
> another?  What are those reasons?  You'd probably have less headache
> using nfs in a unix client - unix server environment, after all,
that's
> what NFS is good for.

Win2000 server, not 2k3... but essentially correct. NFS won't work
because since we're doing authentication through winbind, all of the
uid's are different on each linux client. We've tried loading the
Services for Unix on the server, and assigning UID's, then using the
idmap_ad as the idmap backend, but I'm actually not sure how it works,
so I can't thoroughly explore it (the documentation apparently doesn't
exist?). The only thing I can check is "getent passwd" which returns the
UID winbind came up with on its own (through its own methods... not from
AD).

Also, we are sharing files in a cross-platform environment... We needed
to have the same file space, using the same quota for all of the users
in the department. That's why Samba seemed like such a perfect fit.
Windows maps the user's home directory from the Samba server via SMB,
and the Linux users do the same. That's when the symbolic and hard link
problems come into play...

____________________________

Shannon Johnson
Network Support Specialist / Systems Administrator
Dept. of Mechanical and Nuclear Engineering
224 Reber Building
University Park, PA 16802
Phone: (814) 865-8267
____________________________

> -----Original Message-----
> From: Paul Gienger [mailto:pgienger at ae-solutions.com]
> Sent: Thursday, May 20, 2004 4:22 PM
> To: tms3
> Cc: Shannon Johnson; samba at lists.samba.org
> Subject: Re: [Samba] Samba 3 + Win2k = Headache
> 
> 
> >> I'm very open to suggestions... I've just about exhausted all the
> >> options I can think of... so if anybody has any advice, please let
me
> >> know.
> >
>  From what I can gather, you've got
> 2003 AD doing user management
> RHEL for a (home) fileserver
> Clients of all flavors
> 
> Have you thoroughly investigated just using nfs and autofs to do home
> directory mounting and decided you can't use it for one reason or
> another?  What are those reasons?  You'd probably have less headache
> using nfs in a unix client - unix server environment, after all,
that's
> what NFS is good for.  There may be some ldap solutions you can use
for
> that.  Maybe you'd have to script something to generate an autofs map
> periodically from AD's LDAP, but it seems like less headache than what
> you've got going on now.  I've done that for Solaris boxes that don't
> play nice with linux LDAP autofs trees, you can probably glean the
data
> from AD if you put it in right.  If I were you, I'd find a way to make
> NFS work, it's mature, and designed for exactly this.  Use samba for
> user translation between OSs, but don't use smb until you need to
> traverse OS families for filesharing.
> 
> I would suggest you keep to RH's kernel.  That's why you paid money
for
> RHEL, to get support.  If you do something like jump to another
> unsupported kernel you may as well go to Fedora (or another free
> distro).  RH backports some current kernel fixes and out-of-branch
> patches to their kernel to tune it for their purposes.  You may even
> have a pile of 2.6 code in your RHEL 2.4 kernel.
> 
> >> Shannon
> >>
> >> ____________________________
> >>
> >> Shannon Johnson
> >> Network Support Specialist / Systems Administrator
> >> Dept. of Mechanical and Nuclear Engineering
> >> 224 Reber Building
> >> University Park, PA 16802
> >> Phone: (814) 865-8267
> >> ____________________________
> >>
> >>
> >>
> >>
> >
> >
> >
> 
> --
> Paul Gienger                     Office:		701-281-1884
> Applied Engineering Inc.         Cell:
701-306-6254
> Information Systems Consultant   Fax:			701-281-1322
> URL: www.ae-solutions.com        mailto:pgienger at ae-solutions.com
> 
> 
> 
> -----------------------------------------
> The information contained in this message is privileged and intended
only
> for the recipient names. If the reader is not a representative of the
> intended recipient, any review, dissemination or copying of this
message
> or the information it contains is prohibited. If you have received
this
> message in error, please immediately notify the sender, and delete the
> original message and attachments.