[Samba] simple recommendations

Thomas Maerz tmaerz at brewerscience.com
Thu Feb 18 21:55:15 UTC 2016 

Well, in my opinion, setting up a S4 DC is relatively easy. I’ve actually had more troubles setting up member servers. It’s already integrated with the file server, and you can manage it with the MS tools and manage file permissions from the same place. If he already has an LDAP server (I’ll bet he doesn’t), what you are describing would also make sense. Otherwise he has to set up an OpenLDAP server which requires more expertise than setting up a S4 AD DC in my opinion. Either solution is much more simple, scalable and maintainable than attempting to add a bunch of users manually to each of his workstations.

Provisioning a Samba4 domain controller:

Install S4 DC packages
execute this command
samba-tool domain provision --use-rfc2307 --interactive
Follow the prompts
Test the DC
Install Active Directory Users and Computers plugin on any workstation
Create users
Create file share

Documentation is here: https://wiki.samba.org/index.php/Setup_a_Samba_Active_Directory_Domain_Controller#Provisioning_the_Samba_Active_Directory <https://wiki.samba.org/index.php/Setup_a_Samba_Active_Directory_Domain_Controller#Provisioning_the_Samba_Active_Directory>

Samba4’s DC functionality is great!

Thomas Maerz
Network/Systems Engineer

> On Feb 18, 2016, at 12:47 PM, Rowland penny <rpenny at samba.org> wrote:
> 
> On 18/02/16 17:55, Thomas Maerz wrote:
>> I would set up your server as a Samba AD and use the directory. Give each user a username and password on the server that they will authenticate to the server with and when they connect the permissions will act as you are expecting. Joining the machines to the domain is not necessary; it simply integrates the workstation with the server so that the user doesn’t have to enter the credentials manually to connect to resources. We use hundreds of non-domain joined Macs to connect to a Samba4 DC-based file server.
>> 
>> I hope this helps.
>> 
>> Thomas Maerz
>> Network/Systems Engineer
>> 
>> 
> 
> That simply doesn't make sense, why go to all the trouble of setting up a Samba4 AD DC and then just use it as a fileserver ?
> 
> You might as well just set up Samba as a standalone server with ldap.
> 
> Rowland
> 
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba

More information about the samba mailing list