[Samba] How to join a Linux machine to a Samba4 domain
Sven Schwedas
sven.schwedas at tao.at
Fri Jan 31 03:48:41 MST 2014
On 2014-01-31 11:24, Lea Massiot wrote:
>> No. If you want to create a share and serve files from it then it's not a
>> minimum install.
>> You will have to run smbd.
>> In this case, I'd install from source exactly as you did for the DC.
>> But _do not_ provision it as a DC.
>
> Ok. So indeed, a minimum install is not what I need after all.
I think the confusion comes from you referring to the file _server_
intended to provide shares as _client_. :-)
The file server, which is a domain *member*, needs a full samba4 package
like the DC, it's just going to be configured differently.
Workstations that access the file shares, i.e. *clients*, only need a
compatible smbclient package (I'd recommend using the same version to
avoid problems, but your distribution's smbclient package should suffice).
>> You are also going to need some sort of id mapping so that you know which
>> users own which files.
>> This may or may not affect the [global] section of your smb.conf.
>
> This I do not understand.
>
>> We now move into an area in which I am no longer allowed to help :(
>
> This I do not understand either.
There's a tiny shitstorm about which is the preferred way to
authenticate users on samba4 member servers against AD domains (winbindd
vs. sssd vs. pam_ldap). You might want to take a look into the mailing
list archives about the pros and cons of the alternatives, there've been
some threads about it and summarizing would take too long (50% of the
mailing list volume this month, I think).
> What's the use of a domain if there are no shares on the machines both Linux
> an Windows?
> I mean, it is a Samba(4) domain, not a pure "Windows" domain.
A Samba 4 domain is intended to be indistinguishable from a Windows
domain (with msSFU).
> Maybe I'm missing a point but this is what actually a domain controller is
> useful for in my company: having shares on the machines accessing them
> securely and freely.
The domain controller should only provide a domain (via the samba
dæmon), shares should be provided by member servers, via smbd.
--
Mit freundlichen Grüßen, / Best Regards,
Sven Schwedas
Systemadministrator
TAO Beratungs- und Management GmbH | Lendplatz 45 | A - 8020 Graz
Mail/XMPP: sven.schwedas at tao.at | +43 (0)680 301 7167
http://software.tao.at
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 665 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/samba/attachments/20140131/600c00dd/attachment.pgp>
More information about the samba
mailing list