[Samba] SAMBA 4.10 SYSVOL Replication adn RODC

joe.greer at gmail.com joe.greer at gmail.com
Sat Sep 14 14:23:20 UTC 2019


Hi All,

1) I read that the devs are working on supporting AD 2012 in 4.11, very
cool.
2) I read SAMBA 4.11 can support 100,000 users and 120,000 computers, very
cool.

It appears that SAMBA is moving to be a viable file server, authentication
and authorization server that can replace Microsoft Active Directory -
Directory Services.  Is this possible before 2030 for business with
multiple sites and over 10,000 employees?

I read there are issues with SYSVOL and that concerns me.  I need to have
SYSVOL functional on more than just one sever.  I also need RODC's to work
and be able to remove them and add more.  If the devs can't make this work
maybe they need to make a proxy caching server for SAMBA that can sit at
sites across a WAN and cache all the authentication and DNS that is sent to
a central SAMBA.

Thanks,
Joe

==============================================

What is not cool, SYSVOL replication :
https://wiki.samba.org/index.php/Joining_a_Samba_DC_to_an_Existing_Active_Directory#Sysvol_Replication

GPO's have to be manually synced, AD without GPO's lis like a car running
on all spare tires...

Internal DNS is said to not be good for complex or large deployments, so
use Bind_DLZ.

Some of these issues have been around for over a decade(
https://bugzilla.samba.org/show_bug.cgi?id=6714).  Does anyone really care
about Samba being used outside of home users, NASes and Small single server
businesses?

-----------------------------------------------
It seems that the developers or a developer should get the SYSVOL part
done.  By done I mean, done so that many to many replication works between
SAMBA AD DS where you have no Microsoft AD DS.  If you need it connected to
a production Windows active directory sell that connector as a commercial
module.

Make the Trusts work as well between SAMBA ONLY Domains.

Windows 10 is going to force many companies to either rip and replace lots
of Windows servers with new ones or migrate to a Samba AD network and say
goodby to Microsoft.  Has microsoft contributed any code to SAMBA?  Are the
API's still public and the documentation matching the Microsoft product
line?


More information about the samba mailing list