[Samba] /etc/hosts and DHCP
Ross Boylan
rossboylan at stanfordalumni.org
Fri Sep 25 16:05:13 UTC 2015
On Fri, Sep 25, 2015 at 12:49 AM, Rowland Penny <
rowlandpenny241155 at gmail.com> wrote:
> On 24/09/15 22:08, Ross Boylan wrote:
>
>> I am trying to follow the advice on
>> https://wiki.samba.org/index.php/Setup_a_Samba_AD_Member_Server. Among
>> other things, it says "Make sure that your /etc/hosts has a valid entry
>> for
>> resolving your hostname to its public IP (not 127.0.0.1!), when you join
>> the domain:"
>>
>> But my machine is using DHCP and so I can't hard code this. What to do?
>>
>
> Ignore the wiki and don't put anything in /etc/hosts, if (like on ubuntu)
> you have 127.0.1.1 pointing to your hostname, remove or comment out this
> line, but you really should give a member server a fixed ip
>
>
>> I am using Debian's resolvconf and bind. I suspect I'll need to use bind
>> to manage things properly, but perhaps I could let samba do the name
>> resolution.
>>
>
> you need to use the internal DNS or bind DNS, you cannot use both.
>
Understood. My meaning was using samba in place of bind.
Things are even messier, because the VM is relying on DNS from the virtual
network (libvirt's internal dnsmasq) at the moment.
>
>
>> A possibly related issue is that the machine has 2 network interfaces, one
>> for a private network and one for the public one that participates in the
>> AD. So there is not one right answer for the name -> IP resolution,
>> though
>> possibly the fully qualified domain name that goes with active directory
>> could be reserved for the external IP.
>>
>
> This could be interesting, how are you going to authenticate the private
> network users to a machine that is joined to a domain?
>
I don't follow. The machine has Unix users and a mapping between AD users
and Unix users. Are you saying I can't have both, and that my users must
come either from AD or from local sources, but not both?
>
>
>> I'm going on the assumption that "AD Member Server" is what I want,
>> because
>> I want to join the domain, use it for authentication, and server files.
>> Originally I thought "Member Server" meant I was publicly serving up
>> members of the domain; that is not my intention.
>>
>
> The term 'member server' is a bit of a misnomer, it really should be 'a
> Linux client that serves files', any Linux client is basically set up in
> the same way, what you do with it after, is what defines its role.
>
Thanks. So it's a server that's a domain member, not a server that serves
member identities (which would make it a controller).
Ross
More information about the samba
mailing list