[Samba] Windows 8 Pro no domain logon possible

[Roland Schwingel]

Hi Michael...

 > Disclaimer: I am just a Samba user.
Me too ... ;-)

 > On 20 September 2012 13:11, Roland Schwingel
 > > It is good to hear that there is at least a chance to join windows 8 to
 > > samba. The bad news is that samba 4 is still beta and not ready for
 > > production use. I am sitting here in a bigger installation with a big
 > > central LDAP for each and everything (not only samba). Migrating 
from samba3
 > > to samba4 is a several months task.
 >
 > Well, the first release candidate has been released, and people are
 > using it in production, but of course whether it's ready for you I
 > cannot say.
A while ago I have studied the samba repos for changes in samba 4 and 
there was still heavy movement in code. So well... I personally here 
prefere having an official "stable" version of a software. When looking 
at my schedule I can't afford loosing time with experiments. And moving 
from samba 3 to samba 4 is (as far as I understand it right now) a big 
move which has to planned and cannot be done in an afternoon and has a 
(for me) too much experimental character in a core area of the 
infrastructure. So I will/have to wait until there is an official 
version of samba4 and some (best practice) experiences in moving from 3 
to 4.

 > > So I hope there will be a samba 3 based solution for using windows 8
 > > in a domain, too.
 > >
 > > What is the official plan here?
 > > Can the required portions for windows 8 be backported to samba 3?
 >
 > I doubt it.  As far as I know recent versions of Windows will not work
 > with an NT-style domain at all, unless the DC is a Samba server.  i.e.
 > you will not be able to join a Windows 8 (or 7 or maybe earlier)
 > machine to a Windows NT-style domain controller.  So I don't think
 > there's some little bit of Samba 4 that could be backported to Samba 3
 > to allow you to join a Windows 8 machine to the domain.  More likely
 > there's something that needs to be fixed in Samba 3 or in Windows 8 to
 > get this working again.
Just 30 minutes ago I maybe found a solution to allow my win8 pro 
machine to log in with a samba3 domain account. At present I am logged 
in. But this has some tradeoff. I will outline it in a seperate email 
after some more testing. Hopefully tomorrow.

There might be a lot of people outside using samba 3 right now happily. 
Microsoft is releasing a new OS version which cannot be joined to their 
existing domains out of the box. So they are yet stranded (like me) and 
can't use the "shiny" new OS. The clean solution (samba 4) is IMHO still 
some month away. In my eyes samba 3 must support windows 8 in some way 
to avoid some chaos because of too fast rushing to samba4 forcing users 
to use a samba which still might have too much bugs giving samba4 a bad 
reputation/start. Windows 8 comes some month to early for the new samba. 
If samba4 would be out now for eg. 6 months and behave well and windows 
8 will reach the market now it would be a different situation.

 > > BTW: Is it possible to use samba4 with another LDAP 
server/infrastructure
 > > not the samba4 supplied one?
 >
 > No, it is not possible to use another LDAP server instead of Samba 4's
 > built-in LDAP implementation.  At one point there was support for
 > this, but as far as I understand it, it is not technically possible to
 > make it work properly and the support was removed/deprecated.
This is bad. Is it really expected to migrate over all data which is 
most likely present in companies current LDAP solutions to the samba 
ldap? Can samba ldap fullfill all needs here (eg. rock solid life 
replication and general purpose usage?). I would very much appreciate 
the possibility of being able to not use the embedded ldap. This would 
very much reduce the effort of moving from samba3 to 4 in existing ldap 
environments.

Roland