[Samba] General Samba Questions

Greg Folkert greg at gregfolkert.net
Thu Jan 6 17:02:29 GMT 2005


On Wed, 2005-01-05 at 23:21 -0500, john.debella at teradyne.com wrote:
> Hi,
> 
> We've been having lots of issues with our Linux based Samba servers since 
> the Windows domains have migrated to AD. We were hoping and expecting 
> that, at least in the short term, we could run in "mixed" mode and not 
> have to make any changes to our Samba servers. However, things just aren't 
> working well. Also, I've posted several issues to this list over the last 
> several weeks and many of the issues I've encountered have gone 
> unresolved.
> 
> So, the question(s) I have is what is the recommended/suggested Samba 
> version and configuration we should consider deploying in an 
> infrastructure running with Windows 2003 servers and AD? We are running 
> primarily RedHat 9 and RedHat ES 30 and a majority of our Samba servers 
> are currently running 3.0.7 with some running 2.2.7a, (both of which are 
> RedHat's distributions). We've had all kinds of problems varying from 
> intermittent "password server not available" issues, to smbd locking up 
> and most recently having problems changing a server from server to domain 
> security style. Interestingly, (or maybe not), none of these problems 
> existed prior to the AD upgrades........
> 
> I'm considering making an effort to go full ads mode on the samba servers, 
> however, I've also seen that others have had issues doing this. 
> 
> I'm open to suggestions.

You must make sure you use MIT Kerberos v1.3.4+ (1.3.[0|1|2|3] seemed
intermittent to me). Winbind... this is the pivotal piece that needs to
work properly.

If everything else fails except winbind, thats a wonderful start.
If everything works except for winbind, that will be an uphill battle,
at least it has been for me doing remote samba installs where I have to
rely on others to "fix" W2K3 domains and perms and such. Most of the
time they fudge it up... or don't really trust Samba due to it being
"Shareware" (yes I know it isn't)

Work on getting a simple test environ (if possible) and try Samba in
full ADS mode. (no mixed mode) Hammer it and make it work. Then apply
your knowledge to a limited production server. The deploy once all the
"issues" are resolved. 

I also want to heavily suggest samba 3.0.8 or after... really 3.0.10 as
of now. 
-- 
greg, greg at gregfolkert.net

The technology that is
Stronger, better, faster: Linux
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba/attachments/20050106/5217de57/attachment.bin


More information about the samba mailing list