[Samba] Separate DC fom file server ( was : Re: ZFS support for SAMAB4? )

Jason MacChesney jason.macchesney at ecacs16.ab.ca
Mon Feb 24 08:25:13 MST 2014 

+2

I'm looking into containers to help with the transition. It's a pretty
low-cost way (compared to VM) to deploy a second server. Figuring out how
to make the transition is something I'm struggling to find time for.

My best guess is to switch the original AD to classic mode and restart it.
Make the container/VM server the AD. Have the fileserver join the AD,
forwarding DNS to it. My only worry is preserving the old AD (workstations
and users.) I've made the transition from a make install to a sernet, and
following the HOWTO on restore was fine. But I'm not really replacing the
AD this time, I'm duplicating it in-place right? So I have to do this in a
test environment (more time.)

So any light on the "issues" is super-appreciated.

On Mon, Feb 24, 2014 at 5:15 AM, Sascha Willuweit
<sascha.willuweit at me.com>wrote:

> Am 15. Februar 2014 um 05:40 schrieb me at electronico.nc:
>
>
> Le 14/02/2014 08:43, Andrew Bartlett a écrit :
> On Fri, 2014-02-14 at 07:55 +1100, me at electronico.nc wrote:
> Le 13/02/2014 14:59, Andrew Bartlett a écrit :
> ...
> On a AD DC you should not run file shares btw, use a member server
> for that ...
> Curious question: Why do you think so?
> While the AD DC is running our full file server, and can act quite well
> as a file server, we suggest that organisations run a distinct file
> server to allow upgrades of each without disrupting the other. We also
> suggest that many medium-sized sites will want more than one AD DC, and
> so it makes sense to have the DCs distinct to any file servers that may
> use the DCs.
> Finally, it avoids many of the issues around the winbindd internal to
> the AD DC.
> Andrew Bartlett
> I'd suggest that Samba Team writes these lines on the Wiki as it is ( in
> my opinion ) a very important step that needs to be configured at Samba
> setup (and it would avoid wasting time to look for them through
> thousands of messages on Mailman list).
> Nicolas
> You are very welcome to apply for a wiki account. :-)
> Andrew Bartlett
> I don't care to spend some time helping Samba users, but I don't feel
> confortable enough with Samba technical to write how-to on Wiki.
> I even don't understand why winbind internal issues are caused by having
> DC and file server on the same machine.
> Nicolas
>
> +1
>
> I don't understand the issue with winbindd internal vs. AC DC on a
> different machine, as well. Could someone please give any directions in
> further reading regarding this issue? And why would I want to have more
> than one AC DC at a "medium sized site"? I really appreciate any answers.
> Seriously.
>
> -sascha
>
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>



-- 
Jason MacChesney, B.Sc.
Technician
East Central Alberta Catholic Schools

More information about the samba mailing list