[Samba] Samba4 - multiple forest hosting?

Andrew Bartlett abartlet at samba.org
Sun Oct 21 15:19:12 MDT 2012

On Fri, 2012-10-19 at 17:27 +0000, Harsh Shah wrote:
> On Thu, Oct 18, 2012 at 8:50 PM, Chris Weiss <cweiss at gmail.com> wrote:
> > On Thu, Oct 18, 2012 at 3:40 PM, Harsh Shah <harshwshah at gmail.com> wrote:
> > > Can I configure Samba4 in such a way that I have two separate **forests**
> > > on a single machine– let’s say one for CompanyA and other for companyB?
> > >
> > > So essentially does Samba4 support multiple server instances like Samba3
> > as
> > > described here http://wiki.samba.org/index.php/Multiple_Server_Instances
> > ?
> >
> > > I don't know the answer, but I'm curious why one would want this
> > > anymore versus using a virtual machine (vmware, xen, kvm) or container
> > > (openvz, xen paravirt)?
> >
> It is difficult for me to get a new virtual machine.  I have a fairly
> powerful machine that can easily host two separate forests.  If Samba4
> supports multiple server instances like Samba3, I can make full use of it.

The issues is nss_winbind and the winbind socket.  These are both
configured per-machine, and so hosting multiple Samba instances becomes
very difficult. 

The challenge is that skipping use of nss_winbind (and relocating the
socket) will still allow most things to work, but smbd is built on the
assumption that the connected user exists in nsswitch.  At the very
least [homes] will fail.

In short, here be dragons.  If you really need multiple forests, then I
think you can work out a way to get at least multiple virtual machines.
You would also be well advised to have multiple servers for redundancy

Andrew Bartlett

Andrew Bartlett                                http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org

More information about the samba mailing list