[Samba] Q: Samba4 AD DC & small office file sharing

Viktor Trojanovic viktor at troja.ch
Wed May 30 10:24:06 UTC 2018 

On 30 May 2018 at 11:44, Rowland Penny via samba <samba at lists.samba.org>
wrote:

> On Wed, 30 May 2018 11:14:04 +0200
> Viktor Trojanovic <viktor at troja.ch> wrote:
>
> > On 30 May 2018 at 10:21, Rowland Penny via samba
> > <samba at lists.samba.org> wrote:
> >
> > > On Wed, 30 May 2018 09:57:12 +0200
> > > Marco Gaiarin via samba <samba at lists.samba.org> wrote:
> > >
> > > > Mandi! Andrew Bartlett via samba
> > > >   In chel di` si favelave...
> > > >
> > > > > > So I take it from the above, that whilst it isn't a good idea
> > > > > > to use a DC as a fileserver if you have the resources, it
> > > > > > will work for a small office set up.
> > > > > Exactly.
> > > >
> > > > I add a magic word. 'Virtualization'. ;-)
> > > >
> > > > Even on smaller setup, instead of installing samba directly on
> > > > bare metal could be useful and not too much complicated
> > > > installing a virtualization system (Proxmox?) and fire up two VM,
> > > > one as DC and one as DM.
> > > >
> > >
> > > Lets be honest here, if you are in a small office and the computer
> > > you are planning to install Samba as a DC on, is capable of also
> > > running some form of VM with a fileserver in it, then it is also
> > > probably capable of just running the DC as a fileserver. Less to
> > > setup and maintain.
> > >
> > > Rowland
> > >
> > >
> > >
> > I'm still going to add containerization to the picture. Yes, more to
> > setup and (a bit) more to maintain but very soft on resources. And if
> > your directory/company gets bigger, it's as easy as 1-2-3 to just
> > move the DC or fileserver container to a bigger server, physical or
> > virtual.
> >
> > Viktor
>
> We are talking about a DC here, if you feel you need the 'fileserver'
> portion moved to a separate machine, this is very easy, just create a
> new Unix domain member and rsync the data to this. If you feel you need
> another DC, just add one.
>
> When you add any complexity, someone has to maintain it and, in a small
> office, this is usually whoever gets nominated.
>
> Rowland
>
>
>
It sounds so easy when you say it :) In reality, I believe the Samba list
is full of examples where "just creating a new Unix domain member" simply
wasn't that simple, especially in cases where this domain member was the
first one as would be here the case. And you know how it is, when something
needs to be changed or improved, it usually has to be done yesterday. This
is why I like the container solution: Yes, it takes a bit more time to
setup and maintain but when the time comes, you're going to be ready with
surprises kept to a minimum.

This is especially true for Sysadmins who don't deal with Samba on a
regular basis. At the time they set up the DC, they'll be "in the zone" and
it will take just a little more time and effort to set up a domain member.
But if several months or years have passed in between, it will require a
lot more.

Viktor

More information about the samba mailing list