[Samba] what architecture is required for having a samba working ?
Daniel Müller
mueller at tropenklinik.de
Thu Apr 7 07:23:47 MDT 2011
Hi again,
Try samba4 it can gpos even with windows 7, tested in production.
Read about: "HOWTO samba4 centos5.5 named dnsupdate drbd simple failover"
this list
Perhaps it can point you the way.
Good Luck
Daniel
-----------------------------------------------
EDV Daniel Müller
Leitung EDV
Tropenklinik Paul-Lechler-Krankenhaus
Paul-Lechler-Str. 24
72076 Tübingen
Tel.: 07071/206-463, Fax: 07071/206-499
eMail: mueller at tropenklinik.de
Internet: www.tropenklinik.de
-----------------------------------------------
-----Ursprüngliche Nachricht-----
Von: samba-bounces at lists.samba.org [mailto:samba-bounces at lists.samba.org] Im
Auftrag von Valéry Roché
Gesendet: Donnerstag, 7. April 2011 15:11
An: samba at lists.samba.org
Betreff: [Samba] what architecture is required for having a samba working ?
Hi list,
Some years ago, here at University of Poitiers, we used something called
Netware. But it was
expensive, so it was decided to abandonned it : some services migrated to
samba and OpenLDAP, and
others migrated to Windows Server.
So now, Win7 is coming, and unfortunately we can't use Samba2 anymore. So
the solution should be to
use Samba3, wich supports Win7.
But (yes there is always a but) : we won't have the possibility to use AD
features like GPOs, wich
are THE thing that our local administrators are asking for (and this
explains why some of them
migrated to WinServer).
By abandonning Netware, we lost the confort of managing a tree of our
computers and users, this is a
bad thing.
Our environment is very heterogeneous, an it seems hard to change some of
our sensible services like
DNS (local DNS is operated by a Windows Server 2003 machine) or LDAP (yes we
use LDAP for all
informations about our users).
So here is my question : is it possible to integrate a Samba4 server in this
environement that could
be used as AD server. I thought we could join some Samba3 to this AD in
order to use our LDAP
authentication service.
I'm making some tests with virtual machines, Samba4 works fine, it's
possible to join computers to
the domain, but GPOs are not working on Win7 (but working on WinXP) : why ?
Is it because I don't
run Bind9 on the samba4 and try to refer to our Win2003 DNS based service ?
When playing with the console (running under Win7), I sometimes have a
message indicating some
inconsistancies with the AD server.
It seems kerberos doesnt work too : "Cannot contact any KDC for requested
realm: unable to reach any
KDC in realm". Can't find any suitable configuration example.
I don't know where to search for informations, as I can't find any more
useable informations about
my problems. I'm afraid that if we can't make Samba4 working as a global AD
we will soon switch to a
global M$ infrastructure...
Below the configuration files I'm using :
*--- /usr/local/samba/etc/smb.conf ---*
# Global parameters
[global]
server role = domain controller
workgroup = MONONOKE
realm = sci.univ-poitiers.fr
netbios name = GHIBLI
setup directory = setup/
[netlogon]
path =
/usr/local/samba/var/locks/sysvol/ghibli.sci.univ-poitiers.fr/scripts
read only = No
[sysvol]
path = /usr/local/samba/var/locks/sysvol
read only = No
*--- /etc/krb5.conf --- *
[libdefaults]
default_realm = sci.univ-poitiers.fr
dns_lookup_realm = false
dns_lookup_kdc = false
default_etypes = des-cbc-crc des-cbc-md5
default_etypes_des = des-cbc-crc des-cbc-mb5
[appdefaults]
proxiable = true
ticket_lifetime = 24h
debug = false
ticket_lifetime = 36000
renew_lifetime = 36000
forwardable = true
krb4_convert = false
[realm]
SCI.UNIV-POITIERS.FR = {
kdc = ghibli.sci.univ-poitiers.fr
admin_server = ghibli.sci.univ-poitiers.fr
default_domain = ghibli.sci.univ-poitiers.fr
}
[domain_realm]
ghibli.sci.univ-poitiers.fr = SCI.UNIV-POITIERS.FR
sci.univ-poitiers.fr = SCI.UNIV-POITIERS.FR
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
More information about the samba
mailing list