[Samba] samba4 + ubuntu 10.0.4

[Daniel Müller]

On Mon, 16 Aug 2010 15:47:56 +0200, felix at deetman.da.ru wrote:
> I have samba4 (installed from package 4.0.0~alpha8+git20090912-1)
running
> on my Ubunut 10.0.4 Lucid server. For anyone to replicate this, install
> samba4, import the DisplaySpecifiers from source and edit
> /usr/lib/python2.6/dist-packages/samba/provision.py to contain the right
> setup path;
> 
> $ vi /usr/lib/python2.6/dist-packages/samba/provision.py
> # In source tree
> # ret = os.path.join(dirname, "../../../setup") <----- change this ret =
> os.path.join(dirname, "/usr/share/samba/setup") <--- to this or equiv
> 
> this will generate the initial setup as described in the howto.
According
> to the reported bugs in the package there are some complains about
> operational.so missing but this does not seem to be trival in the
> functioning. Also the setup option "server role = 'domain controller'"
> seems to report errors (also when running testparm) but it needs this
> option for the krb server to run. According to the howto you'll now have
> to setup bind9, when including files in the bind config files make sure
to
> update the apparmor profile of named with the right files. Also make
sure
> the created files contain your Lan address and not localhost. For some
> reason the bind9 refuses to start with the tkey-gssapi-credential and
> apparomor running so for now the profile needs to be disabled unless
> anyone can tell me what external files named needs to access when it
runs
> with this option. When this is done you should be able to log on to the
> domain and administer it trough the AD snap in.
> 
Hello, 
perhaps my tread can help you: Re: [Samba] WG: HOWTO samba4 centos5.5
named dnsupdate drbd simplefailover
It is not ubuntu but should work similar.

Good luck
Daniel



> Adding user trough the snap in won't work as it is complaining about the
> password policy, also adding users trough the 'net ads user add' command
> won't work. The correct way of adding a user is done like this;
> $ cd /usr/share/samba/setup
> $ sudo ./newuser USERNAME
> You will be prompted to enter a password for the user, by issuing the
> command;
> $ sudo net ads user list -UAdministrator
> You'll be able to list the domain users, managing these users can be
done
> trough the AD snap in including the group policy configuration.
> 
> When using folders for user content such as roaming profiles it seems
the
> group of the linux folder should be set to 'users' and given write
> permissions or else it won't be possible to create the folders when
> logging in for the first time. The problem with this is that users are
> able to see each others profile folders and access them. Perhaps anyone
> can help me with this?
> 
> Keep up the good work!
> Felix