[Samba] CTDB + Likewise-open : What servername when joining AD?
Nicolas Ecarnot
nicolas at ecarnot.net
Thu Dec 1 07:03:58 MST 2011
Le 01/12/2011 09:35, Michael Adam a écrit :
> Hi Nicolas,
Hi Michael,
> Generally, when running samba in a CTDB cluster, the principle
> idea is that all nodes appear as one CIFS server to the outside.
> (in Samba/winbindd you have the same config on all nodes an
> in particular set the "netbios name" parameter to the same value
> on all nodes).
> In particular, the AD-connector needs to join
> the cluster just _once_ with the netbios name given to all the
> nodes.
This is this particular point that I have to precisely understand.
Joining to a domain with likewise is done with domainjoin-cli.
Joining to a domain with samba is done with net ads join.
I succesfully used both.
But, in both cases, I never specified the server name. I guess this
value is retreived from the system and/or the samba setting.
The net man page says :
"[UPN] (ADS only) set the principalname attribute during the join. The
default format is host/netbiosname at REALM."
so this may help me to register this computer into the domain, but under
the common virtual name.
How do you usually add a virtual netbios name to a domain? Do you use
the net ads join createupn method mentionned above ?
I'm pretty sure this is the very last big issue I have to deal with.
> Winbindd uses the secrets.tdb to store the join
> information so that in the clustered case, this automatically
> transferred to all nodes when a node joins.
>
> I could assist you with winbindd instead of likewise-open
> running on top of ctdb as the authenticaion / AD-connection
> piece, but I am sorry to say, that I don't know whether this
> is at all possible with likewise.
I have discovered some "intricacy/links/constraints" between the machine
password stored into samba tdb and the one stored into likewise registry
(and I've managed to cope with it).
As this cluster is made of only TWO nodes, I hope I'll be able to
correct any similar issues that may rise.
>
> (Note: likewise-open was iirc originally a rebranded winbindd
> with some additional gui tools, but this has long been replaced
> completely.)
>
> Cheers - Michael
--
Nicolas Ecarnot
More information about the samba
mailing list