[Samba] Samba4: rfc2307 compatibility with Samba3

steve steve at steve-ss.com
Sun Aug 12 08:26:30 MDT 2012 

On 12/08/12 15:28, Gémes Géza wrote:
> 2012-08-12 09:31 keltezéssel, steve írta:
>> On 08/11/2012 01:10 PM, Andrew Bartlett wrote:
>>> On Sat, 2012-08-11 at 11:21 +0200, Helmut Hullen wrote:
>>>> Hallo, Andrew,
>>>>
>>>> Du meintest am 11.08.12:
>>>>
>>>>>> In Samba3, I have full rfc2307 compliance via winbind where all
>>>>>> attributes can be obtained from AD.
>>>>>>
>>>>>> In Samba4 I only have partial rfc2307 compatibility with:
>>>>>> idmap_ldb:use rfc2307 = yes
>>>>>> uidNumber and gidNumber can be obtained from AD but
>>>>>> uinxHomeDirectory and loginShell are missing.
>>>> [...]
>>>>
>>>>> At this stage, we still don't recommend combining file server and DC
>>>>> functions.  By separating these functions onto different (virtual)
>>>>> servers, you can avoid this issue.
>>>> Sorry - that sounds ugly.
>>>> I prefer using samba as a combined system for SOHO (especially for
>>>> schools). And working with several servers (especially virtual servers)
>>>> is not attractive for someone who looks for the server as a second or
>>>> third job, beneath his/her main job.
>>> I would rather advertise a narrower, known to work set of functionality
>>> than to promise broader features than we know works well in production
>>> experience.
>>>
>>> In particular, we know about the limitations that Steve mentions, and we
>>> know the workaround:  don't mix the file server and AD DC.
>>>
>>> Andrew Bartlett
>>>
>>>
>> Hi
>> Does this mean having one Samba4 machine as the DC and another Samba4
>> (e.g. Vbox) machine joined to it as a member to act as fileserver?
>> Cheers,
>> Steve
>>
> If you don't want to use the second box interactively yes, if you intend
> to login there, or have home directories served from there better
> install Samba3.6 on it.
>
> Regards
>
> Geza

Hi Geza, hi everyone
OK, conclusion.

I have a single box with s4 DC. The same same box with a Vbox guest 
running S3.6, and NFS. The S4 DC becomes a NFS client when I mount the 
shares from the Vbox guest on it. I create users and their home 
directories on the DC. Files are served from the S3 Vbox guest. The DC 
has no shares apart from [global], [netlogon] and [sysvol]. The s3 guest 
carries all the shares I would normally add after the 3 default DC 
shares. Instead of using the hostname of the DC when I mount shares on 
remote clients, I use the hostname of the S3 Guest.

How am I doing so far?

Cheers,
Steve

More information about the samba mailing list