[Samba] Samba4: rfc2307 compatibility with Samba3

Gémes Géza geza at kzsdabas.hu
Sun Aug 12 09:45:03 MDT 2012


On 2012-08-12 16:26, steve wrote:
> On 12/08/12 15:28, Gémes Géza wrote:
>> On 2012-08-12 09:31, steve wrote:
>>> On 08/11/2012 01:10 PM, Andrew Bartlett wrote:
>>>> On Sat, 2012-08-11 at 11:21 +0200, Helmut Hullen wrote:
>>>>> Hello, Andrew,
>>>>>
>>>>> You wrote on 11.08.12:
>>>>>
>>>>>>> In Samba3, I have full rfc2307 compliance via winbind where all
>>>>>>> attributes can be obtained from AD.
>>>>>>>
>>>>>>> In Samba4 I only have partial rfc2307 compatibility with:
>>>>>>> idmap_ldb:use rfc2307 = yes
>>>>>>> uidNumber and gidNumber can be obtained from AD but
>>>>>>> unixHomeDirectory and loginShell are missing.
>>>>> [...]
>>>>>
>>>>>> At this stage, we still don't recommend combining file server and DC
>>>>>> functions.  By separating these functions onto different (virtual)
>>>>>> servers, you can avoid this issue.
>>>>> Sorry - that sounds ugly.
>>>>> I prefer using samba as a combined system for SOHO (especially for
>>>>> schools). And working with several servers (especially virtual servers)
>>>>> is not attractive for someone who looks for the server as a second or
>>>>> third job, beneath his/her main job.
>>>> I would rather advertise a narrower, known to work set of functionality
>>>> than to promise broader features than we know works well in production
>>>> experience.
>>>>
>>>> In particular, we know about the limitations that Steve mentions, and we
>>>> know the workaround:  don't mix the file server and AD DC.
>>>>
>>>> Andrew Bartlett
>>>>
>>>>
>>> Hi
>>> Does this mean having one Samba4 machine as the DC and another Samba4
>>> (e.g. Vbox) machine joined to it as a member to act as fileserver?
>>> Cheers,
>>> Steve
>>>
>> If you don't want to use the second box interactively yes, if you intend
>> to login there, or have home directories served from there better
>> install Samba3.6 on it.
>>
>> Regards
>>
>> Geza
>
> Hi Geza, hi everyone
> OK, conclusion.
>
> I have a single box with s4 DC. The same box with a Vbox guest 
> running S3.6, and NFS. The S4 DC becomes an NFS client when I mount the 
> shares from the Vbox guest on it. I create users and their home 
> directories on the DC. Files are served from the S3 Vbox guest. The DC 
> has no shares apart from [global], [netlogon] and [sysvol]. The s3 
> guest carries all the shares I would normally add after the 3 default 
> DC shares. Instead of using the hostname of the DC when I mount shares 
> on remote clients, I use the hostname of the S3 Guest.
>
> How am I doing so far?
>
> Cheers,
> Steve
>
Hi,

IMHO what you've written could be a short HOWTO for using Samba4 in a 
network (maybe just without virtualbox part ;-) ). If this is more than 
a test setup I would recommend using Xen or KVM for virtualisation (My 
production boxes run on top of Xen for about 6 years, and at home I use 
KVM (for running test setups) (was easier to set up on a Desktop 
machine), (used Virtualbox before (didn't have hardware support for KVM))).

Regards

Geza

P.S.
Sorry for the off-topic about virtualisation.

