[Samba] Books of Samba 4

Tony Hain tony at tndh.net
Tue Mar 4 16:06:21 MST 2014


Rowland Penny wrote:
> > ... snip
> Hi, your problem is that you tried to provision a member server, it doesn't
> work, as you have found out. This is why I was querying just why that option
> is there in 'samba-tool domain provision', it needs to be removed.
> 
> What you require is to use the smbd, nmbd and winbind daemons from
> samba4 just like you would with the daemons from samba 3, see here:
> 

To a first order, there is no logic behind this statement. What the #$%^ does the 'process' of creating the .conf file have to do with which daemon is running? From comments on thread there is clearly some kind of unstated assumption that samba-tool is only for the samba daemon, but there is no obvious reason why it should be. From what little I have been able to gather from sorting through this, samba-tool is nothing more than a super-set of tools used to configure and operate samba 3 over the last 5 years or so. How does that end up being samba daemon specific?

Again, the generic term 'provision' has nothing to do with a specific micro-instance of creating a DC, it is about providing the environment for something else to happen. Please stop equating 'provision' with DC, and equate it with creating a .conf file.

> https://wiki.samba.org/index.php/Samba/Domain_Member
> 
> Probably sometime in the future, running provision to get a member server
> will work, but it will require an extremely large amount of work and the
> acceptance of various standards and/or even more input from the person
> running samba-tool.

I am sorry, but I don't buy that. If pasting in:
[global]
   workgroup = SHORTDOMAINNAME
   security = ADS
   realm = YOUR.SAMBA.DOMAIN.NAME
   idmap config *:backend = tdb
   idmap config *:range = 70001-80000
   idmap config SHORTDOMAINNAME:backend = ad
   idmap config SHORTDOMAINNAME:schema_mode = rfc2307
   idmap config SHORTDOMAINNAME:range = 500-40000
   winbind nss info = rfc2307

creates an acceptable .conf file, then asking the user for realm & workgroup is all that is required, and both are already in samba-tool. If there is a large amount of work and additional questions, then the wiki is clearly lacking in detail about the real requirements. Either your claims about excessive work, or Marc's claims about the wiki HowTo being adequate, are wrong because they are in direct conflict.

> 
> Until that far off day comes, you will have to write your own smb.conf
> 

I believe it is a far off day, but only because those in position to do something about it believe that. I don't mind writing the smb.conf, but consistent guidance that indicates it is still appropriate for current releases would help.

Tony


> Rowland
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba



More information about the samba mailing list