[Samba] Samba4 Kerberos Authentication Error

Marco Shmerykowsky PE marco at sce-engineers.com
Fri Dec 7 14:43:50 UTC 2018 

On 12/6/2018 9:33 AM, Rowland Penny via samba wrote:
> On Thu, 6 Dec 2018 09:12:03 -0500
> Marco Shmerykowsky PE via samba <samba at lists.samba.org> wrote:
> 
>>>>
>>>> I'm basically trying to set up one Linux appliance to handle
>>>> overall authentication and let two other machines simply
>>>> serve files.
>>>>
>>>
>>> I would do it slightly differently, two DC's and then whatever
>>> fileservers are required. The Centos Samba packages are usable for a
>>> domain member, they just cannot be used for a DC.
>>>
>>> Rowland
>>
>> Why 2 DC's?  My understanding is that a file server should
>> not simultaneously serve as a DC in an Active Directory setup.
> 
> I never said use a DC as a fileserver, I was just picking up on what
> you said 'one Linux appliance to handle overall authentication '. I
> took it you meant use one Samba AD DC and two Samba AD DC's are always
> better.
> 
>>
>> I have a small office.  While I have no issue making one of
>> the file servers also function as a backup DC, I really don't
>> want to add yet another server to the mix to handle a single
>> role.
> 
> I know Windows sysadmins refer to DC's via various different names, but
> AD RWDC's are all the same apart from the FSMO roles and they can be on
> any DC.
> 
> If resources are limited, you can use a DC as a fileserver, you just
> have to be aware of the limitations.
> 
> Rowland
> 

I'm newbie lost with the terminology :)

Currently I have two servers:
1) Centos Server handling file server duties and functioning as
    a PDC in a NT4 style domain.
2) Centos Server functioning as a member server holding
    supplemental files.

New setup:
1) Ebox Appliance running Debian 9 w/ samba as an AD DC
    (got this up and running w/o an issue - Fedora was the problem)
2) Main File server as a member server (stay on Centos?) on
    the AD domain
3) Secondary server as a member server (stay on Centos?)on
    the AD domain

Both the centos servers need upgrading, but since I don't have
extra servers to move the files around to, that will take a
little bit of work.

When moving the file servers to samba4, do I set them up as
"member servers" or something else?  For that matter, do I
migrate samba or do I follow an uninstall/fresh install path?

---
This email has been checked for viruses by AVG.
https://www.avg.com

More information about the samba mailing list