[Samba] what architecture is required for having a samba working ?
gaiseric.vandal at gmail.com
Thu Apr 7 07:36:11 MDT 2011
I don't think DNS dynamic updates is required for Windows clients.
Windows clients do not provide services (in most cases) so they don't
need to be located in DNS/AD. I found, when running BIND9 as my primary
DNS server that I did not like the why DDNS updated and resorted my
zone files. I didn't like having files with static entries being
changed by the server.
Actually, you don't absolutely need Dynamic DNS for servers. When a
machine joins the domain as a domain controller it does try to update
DNS- but if it can't it will write the required changes to a text file
(don't remember which off the top of my head but the event log will tell
you. I have a mixed environment of Samba 3 PDC domains and Windows
AD domains. I found it easiest to make one of my Windows machines the
DNS server and only enable DDNS while adding/removing a DC to the domain.
I have not used samba 4- since it is still listed an Alpha.
Samba 3 does support domain trusts with Windows domains- so if you have
little pockets already running Windows AD domains, you can still work
I think the one question you need to ask is: what is the cost of
implementing AD vs what is the cost of my time to make samba work? I
run a mix of windows and linux clients, so samba is a good solution for
me since the underlying servers also support NFS, LDAP and other stuff
that plays nice with linux clients. But I wish Samba 3 did have GPO
support. You can use "NT4" type policies so some degree with Samba
3. You can even create policy templates to implement specific registry
changes- but it is a pain. I am hoping to see if I can use a Windows
DC as an LDAP/Keberos master for my environment, while keeping
Samba/Unix servers as file servers, but leveraging some of the stuff
that Windows AD does do well.
On 04/07/2011 09:18 AM, Valéry Roché wrote:
> Hi again,
> Replying to myself concerning DNSupdates. I found this :
> "If you are joining Samba4 to an existing Windows DNS domain, or you
> are using a Windows DNS server instead of bind9, then you need bind
> version 9.7.2rc1 (or higher) for the nsupdate command to correctly
> work with recent versions of Windows. If you don't have bind 9.7.2rc1
> or better, recent Windows clients (such as Windows7 and Win2K8) won't
> be able to do dynamic DNS updates to your bind9 server, and bind9
> won't be able to do dynamic DNS updates against a Windows DNS server."
> That should do the work, will try it if I can find some explanations
> on how to setup Bind9 in this way.
> Kind regards,
> Valéry Roché
More information about the samba