[Samba] use AD-DC as fileserver

Klaus Hartnegg hartnegg at gmx.de
Sat Mar 22 12:28:20 MDT 2014

On 14.03.2014 22:23, Andrew Bartlett wrote;
> On Thu, 2014-03-13 at 15:01 +0100, Simon Schneider wrote:
>> Just to get this straight: Apart from the problem with browsing (which will
>> be solved with samba 4.2?) and things like redundancy, server load etc.,
>> from a technical standpoint it is perfectly OK to run Samba 4 AD +
>> Fileserver with the same samba instance?
> It will be fine.  Just as long as you understand why we recommend
> against it, it will do that task perfectly well.  That much has been
> written and repeated often, so I won't say it again.

I tried to find more about this, but were mostly unsuccessful. Is it 
true that it affects mostly browsing, which is only a problem for XP 
clients, and that version 4.2 will solve even this?

> (The funny thing
> is that, in some areas it will do 'better', because it runs by default
> in a mode that perfectly preserves windows ACLs, because that it
> required for AD DC operation on sysvol and netlogon).

I thought that even late versions of samba3 can store all windows ACLs 
in linux ACLs and xattr, the difference being only that samba4 as AD-DC 
automaticly loads the required module, while otherwise it must be added 
to smb.conf manually. Is AC-DC even better than that? This would be an 
argument to not use a separate fileserver.


