[Samba] How to join a Linux machine to a Samba4 domain

Rowland Penny rowlandpenny at googlemail.com
Fri Jan 31 03:43:18 MST 2014 

On 31/01/14 10:24, Lea Massiot wrote:
> Hello,
>
> Steve:
>
>> No. If you want to create a share and serve files from it then it's not a
>> minimum install.
>> You will have to run smbd.
>> In this case, I'd install from source exactly as you did for the DC.
>> But _do not_ provision it as a DC.
> Ok. So indeed, a minimum install is not what I need after all.
>
>> You are also going to need some sort of id mapping so that you know which
>> users own which files.
>> This may or may not affect the [global] section of your smb.conf.
> This I do not understand.
>
>> We now move into an area in which I am no longer allowed to help :(
> This I do not understand either.
> What's the use of a domain if there are no shares on the machines both Linux
> an Windows?
> I mean, it is a Samba(4) domain, not a pure "Windows" domain.
> Maybe I'm missing a point but this is what actually a domain controller is
> useful for in my company: having shares on the machines accessing them
> securely and freely.
The problem is that samba4 is a work in progress, it mostly works, but 
there are anomalies that need to be worked out. One of these is winbind, 
the winbind on the server is not the same as the winbind that you would 
run on a linux client. What this means is that 'userA' would have a 
different uid number on the client from on the server. This is further 
complicated by the fact that winbind on the client can be run in at 
least two modes, RID & AD, RID takes the users SID and creates a number 
from that, this can be different on different clients etc. AD is 
supposed to pull all the users RFC2307 info direct from AD, so the info 
should be the same every where except on the server which has its own 
winbind, which does not work the same way.

So, what samba is proposing, at the moment, is to just use the DC for 
authentication and run a separate fileserver for everything else.

I hope this has not confused you any further.

Rowland
>
> Rowland:
>
>> Now comes the problem, samba would like you to use the winbind package
>> to extract the ad info from your AD server, but I struggle to make
>> this work and use a package that It would seem that we are not allowed to
>> mention.
> Confusing indeed.
>
> Best regards.
>
>
>
> --
> View this message in context: http://samba.2283325.n4.nabble.com/How-to-join-a-Linux-machine-to-a-Samba4-domain-tp4660009p4660136.html
> Sent from the Samba - General mailing list archive at Nabble.com.

More information about the samba mailing list