[Samba] Upgrading Samba 3 to Samba 4 with Active Directory at many sites
Data Control Systems - Mike Elkevizth
mike at datacontrolsystems.com
Tue Jul 5 23:05:18 UTC 2016
The Samba wiki suggest that you don't use a domain controller for file
serving. My experience says that it can be done, but there are a number of
hacks that need to be used in order to get the desired results. So, if you
have the resources, I would strongly suggest one DC and a separate file
server per site.
Mike E.
On Tue, Jul 5, 2016, 6:28 PM Luke Barone <lukebarone at gmail.com> wrote:
> Final question regarding this... Do I just join each "site" Samba server as
> a Samba Client to provide file sharing? Or will I need two Samba DCs at
> each site (one for authenticating, one for file sharing)? I just want to
> try to get it right for when I do my testing.
>
> On Mon, May 30, 2016 at 9:43 AM, mathias dufresne <infractory at gmail.com>
> wrote:
>
> > Regarding speeding auth using local DC that's the whole point of AD
> Sites,
> > have a look on them, declare one or CIDR network addresses for them, you
> > get your speed up auth stuffs.
> >
> > Cheers
> > Le 30 mai 2016 18:10, "Luke Barone" <lukebarone at gmail.com> a écrit :
> >
> >>
> >> On Mon, May 30, 2016 at 9:01 AM, mathias dufresne <infractory at gmail.com
> >
> >> wrote:
> >>
> >>> So how would I do?
> >>> This means you change domain SID, I believe you can't re-use one
> because
> >>> you have several domains trusting each others, so several domain SIDs.
> >>> A - create an AD domain with Samba 4
> >>> B - Import everything from old domain to the new AD domain.
> >>> C - check all went well
> >>> D - prepare AD sites (one per geographical site)
> >>> E - add computers into the new AD domain
> >>
> >>
> >>
> >> So, with the current versions of Samba, I should not need to create
> Trust
> >> Relationships, as it's not possible in Samba right now anyways, correct?
> >>
> >> Thinking about this a little more, I'm wondering if it's even required,
> >> if we are all going to be on a big LAN in the end anyways... I was
> hoping
> >> though for fast authentication when users are at a different site, and
> >> speed after logging in can be slower if needed.
> >>
> >> I'll be getting some Raspberry Pis to duplicate our current setup, then
> >> put them in the setup we are working towards, and test it out. As for
> >> connecting the AD servers together, is it enough to just "add" the
> server
> >> to the domain, or will each server be its own entity still,
> pulling/pushing
> >> updates to a master server at the head office?
> >>
> >
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>
More information about the samba
mailing list