[Samba] samba4 AD DC as file server?
Andrew Bartlett
abartlet at samba.org
Tue Mar 12 22:48:06 MDT 2013
On Tue, 2013-03-12 at 21:10 +0000, Jim Potter wrote:
> Hi all,
>
> I've been wondering about the separate Dc and fileserver setup (and the 2
> winbinds) too.
>
> In my current setup (samba3/openLDAP) all my fileservers are DCs because
> then I don't have to worry about idmaps and winbind at all.
>
> This DC/fileserver samba4 separation can't be the recommended setup purely
> because the DCs don't do network browsing, surely. In my environment (a
> school) a browseable network neighbourhood is trouble and disabled for
> everyone. Except me.
>
> Am I right in thinking that a Samba3 fileserver is recommended because its
> more tried and tested at fileserving, and separating out the DC'ing onto a
> samba4 box just separates everything nicely and avoids complications? Or
> does a samba4 DC also acting as a fileserver have limitations of some kind?
The default file server in Samba 4.0 is our smbd file server from Samba
3.x, simply updated with the latest work from that line of
development.
No matter if you are running an AD DC, or a file server as a member
server, we use the same code for file server operations. However, some
support infrastructure varies between the operating modes, and some
options are forced on in the AD DC, so as to emulate NT ACLs in the way
we must for the SYSVOL share. We also use a different winbind
implementation.
For smaller sites, where there is just one server, using the AD DC as
the file server is perfectly fine and supported. It will work well.
For other (generally larger) sites, the knowledge that the file server
and DC can be configured, upgraded and replicated independently will be
far more important, and so follow our advise to separate these roles.
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
More information about the samba
mailing list