[Samba] Samba AD DC and browsing of shares

TAKAHASHI Motonobu monyo at monyo.com
Sat Mar 21 05:29:53 MDT 2015


From: Jānis <je at ktf.rtu.lv>
Date: Sat, 21 Mar 2015 12:36:09 +0200

>> From: Jānis <je at ktf.rtu.lv>
>> Date: Thu, 19 Mar 2015 23:32:37 +0200
>>> > You do not have to use samba 4 to create an AD DC, you can use samba 4
>>> > just
>>> > like samba 3, as a standalone server, as a client in a windows domain, as
>>> > an NT-4 style PDC, with or without Openldap etc, etc.
>>> So, that means i can re-compile samba(4) --without-ad-dc; configure it as
>>> NT-4 style DC and have Win8.1 computers joining it?
>> No, --with or --without-ad-dc, you can configure Samba4 as NT-4 style DC.
> yes, it was clear. The only thing that wasn't - possibility to join Win8 to
> NT-styla domain. I learned, it is theoretically possible, but taking into
> account the woodoo part of it, not the solution for particular case.

Hmmm, as far as I examined , Windows 8 can join to NT-style domain, whose 
DC is Samba 4, compiled --with-ad-dc (default).

>> From: Jānis <je at ktf.rtu.lv>
>> Date: Fri, 20 Mar 2015 21:39:00 +0200
>>> How fast should it be expected for the domain info to spread over the
>>> network? It took a few minutes for the freshly joined samba server to get
>>> the auth info for the shares on it from the DC (I judge it by the ability
>>> to wbinfo -u on the file server to give domain users' info)
>> If "domain info" means browse list, it is usually updated every 12 - 15
>> minutes from each machines.
> so, the freshly joined PC will get the browse list in 10-15 min after
> joining domain?

It depends on your situation. 

A PC announces itself to the master browser on its subnet in shorter period 
immediately after startup. 

A master browser communicates to backup browser on the same subnet every
12-15 minutes.

A domain master browser communicates to the other local master browser on
the other subnet every 12-15 minutes.

How long it takes to get a PC in the browse list depends on which browser 
you connect to.

>  Does it relate to the connections over VPN? Is it possible
> to speed up the update (lets say - to cut time in half)?

No, but if your domain exists on multi-subnets, it takes additional 
12-15 minutes to sync browse list between subnets.

See documents about browsing functions in the detail.

TAKAHASHI Motonobu <monyo at monyo.com> / @damemonyo 

More information about the samba mailing list