[Samba] domain-based DFS ?
Davor Vusir
davortvusir at gmail.com
Mon Jun 30 07:40:36 MDT 2014
2014-06-30 14:57 GMT+02:00 steve <steve at steve-ss.com>:
> On Mon, 2014-06-30 at 14:51 +0200, steve wrote:
>> On Mon, 2014-06-30 at 13:24 +0200, L.P.H. van Belle wrote:
>> > >> > To the [global] section on the AD DC I added
>> > >> > host msdfs = yes <- the trick?
>> > No, not in my oppinion.
>> >
>> >
>> > These are the defaults on a DC:
>> > samba-tool testparm -vv | grep dfs
>> > host msdfs = Yes
>> >
>> >
>> > and member server:
>> > testparm -vv | grep dfs
>> > host msdfs = No
>> > msdfs root = No
>> > msdfs proxy =
>> >
>>
>> Hi it's this:
>> host msdfs = Yes
>> vfs objects = dfs_samba4 # plus whatever else you need
>> msdfs root = Yes
>>
>> HTH
>> Steve
>>
>>
> Oh, and the root has to be on the DC:(
>
Sorry that I wasn't clearer about that.
@L.P.H van Belle:
I'm aware of that 'host msdfs = Yes' is amongst the hidden settings in
global section. But to host DFS it simply didn't work until I made it
explicit.
I have two more share definitions on my AD DC, both running on RAID5,
LVM and ext4 on top. In spite of that 'vfs object = dfs_samba4
acl_xattr' is defined in the global section as a hidden setting, I
could not manipulate ACLs on these share. Not until I added 'vfs
object = acl_xattr' to the share definitions. I have not tested using
a share on the same disk/volume that Samba is installed on.
My experience is that the settings in smb.conf work great until you
add another share with vfs objects. They are not nullified, but rather
seem to not extend beyond the shares defined during provision. To
activate it you have to explicity define them in the global section.
And that is a call for following Sambas recommendation to separate the
DC functionalty from file server functionality.
Regards
Davor
More information about the samba
mailing list