[Samba] what architecture is required for having a samba working ?

Daniel Müller mueller at tropenklinik.de
Thu Apr 7 07:23:47 MDT 2011

Hi again,

Try samba4 it can gpos even with windows 7, tested in production.

Read about: "HOWTO samba4 centos5.5 named dnsupdate drbd simple failover"
this list

Perhaps it can point you the way.

Good Luck
EDV Daniel Müller

Leitung EDV
Tropenklinik Paul-Lechler-Krankenhaus
Paul-Lechler-Str. 24
72076 Tübingen

Tel.: 07071/206-463, Fax: 07071/206-499
eMail: mueller at tropenklinik.de
Internet: www.tropenklinik.de

-----Ursprüngliche Nachricht-----
Von: samba-bounces at lists.samba.org [mailto:samba-bounces at lists.samba.org] Im
Auftrag von Valéry Roché
Gesendet: Donnerstag, 7. April 2011 15:11
An: samba at lists.samba.org
Betreff: [Samba] what architecture is required for having a samba working ?

Hi list,

Some years ago, here at University of Poitiers, we used something called
Netware. But it was 
expensive, so it was decided to abandonned it : some services migrated to
samba and OpenLDAP, and 
others migrated to Windows Server.

So now, Win7 is coming, and unfortunately we can't use Samba2 anymore. So
the solution should be to 
use Samba3, wich supports Win7.

But (yes there is always a but) : we won't have the possibility to use AD
features like GPOs, wich 
are THE thing that our local administrators are asking for (and this
explains why some of them 
migrated to WinServer).
By abandonning Netware, we lost the confort of managing a tree of our
computers and users, this is a 
bad thing.

Our environment is very heterogeneous, an it seems hard to change some of
our sensible services like 
DNS (local DNS is operated by a Windows Server 2003 machine) or LDAP (yes we
use LDAP for all 
informations about our users).

So here is my question : is it possible to integrate a Samba4 server in this
environement that could 
be used as AD server. I thought we could join some Samba3 to this AD in
order to use our LDAP 
authentication service.

I'm making some tests with virtual machines, Samba4 works fine, it's
possible to join computers to 
the domain, but GPOs are not working on Win7 (but working on WinXP) : why ?
Is it because I don't 
run Bind9 on the samba4 and try to refer to our Win2003 DNS based service ?
When playing with the console (running under Win7), I sometimes have a
message indicating some 
inconsistancies with the AD server.

It seems kerberos doesnt work too : "Cannot contact any KDC for requested
realm: unable to reach any 
KDC in realm". Can't find any suitable configuration example.

I don't know where to search for informations, as I can't find any more
useable informations about 
my problems. I'm afraid that if we can't make Samba4 working as a global AD
we will soon switch to a 
global M$ infrastructure...

Below the configuration files I'm using :

*--- /usr/local/samba/etc/smb.conf ---*

# Global parameters
         server role = domain controller
         workgroup = MONONOKE
         realm = sci.univ-poitiers.fr
         netbios name = GHIBLI
         setup directory = setup/

         path =
         read only = No

         path = /usr/local/samba/var/locks/sysvol
         read only = No

*--- /etc/krb5.conf --- *

         default_realm = sci.univ-poitiers.fr
         dns_lookup_realm = false
         dns_lookup_kdc = false
         default_etypes = des-cbc-crc des-cbc-md5
         default_etypes_des = des-cbc-crc des-cbc-mb5

         proxiable = true
         ticket_lifetime = 24h
         debug = false
         ticket_lifetime = 36000
         renew_lifetime = 36000
         forwardable = true
         krb4_convert = false

           kdc = ghibli.sci.univ-poitiers.fr
           admin_server = ghibli.sci.univ-poitiers.fr
           default_domain = ghibli.sci.univ-poitiers.fr

         ghibli.sci.univ-poitiers.fr = SCI.UNIV-POITIERS.FR

         sci.univ-poitiers.fr = SCI.UNIV-POITIERS.FR

To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

More information about the samba mailing list