[Samba] DC replications of FreeBSD samba-4.10.15
James B. Byrne
byrnejb at harte-lyne.ca
Mon Jul 13 13:06:17 UTC 2020
On Sat, July 11, 2020 04:32, Andrea Venturoli wrote:
> On 2020-07-10 14:47, James B. Byrne wrote:
>> FreeBSD-12.1p6 IOCage thick jails on ZFS, samba-4.10.15:
>
> Can you post the smb.conf of both DCs?
>
> Just out of curiosity, are you also using vfs_zfsacl?
Yes.
smb.confs DC1 and DC2:
/zroot/iocage/jails/smb4-1a/root/usr/local/etc/smb4.conf
[root at vhost04 ~ (master)]# cat
/zroot/iocage/jails/smb4-1/root/usr/local/etc/smb4.conf
# Global parameters
[global]
bind interfaces only = Yes
interfaces = localhost smb4-1
netbios name = SMB4-1
realm = BROCKLEY.HARTE-LYNE.CA
workgroup = BROCKLEY
server role = active directory domain controller
server services = -nbt
# use 'samba-tool testparm -v | grep services' to list active services
idmap_ldb:use rfc2307 = yes
vfs objects = dfs_samba4 zfsacl
# DNS
dns forwarder = 216.185.71.33 216.185.71.34
# Note diff: sbin vs. bin and _ vs. - and dns vs. ns
dns update command = /usr/local/sbin/samba_dnsupdate
## samba_dnsupdate insists on finding rndc
rndc command = /usr/bin/true
## For secure dns dynamic updates use these (but secure does not work):
# 1 nsupdate command = /usr/local/bin/samba-nsupdate -g
# 1 allow dns updates = secure only
## For insecure dynamic updates use these settings:
nsupdate command = /usr/local/bin/samba-nsupdate
allow dns updates = nonsecure
# Logging
log level = 1
#log file = /var/log/samba4/smbd.log.%m
log file = /var/log/samba4/smbd.log
max log size = 10000
debug timestamp = yes
# Disable printing
load printers = no
printing = bsd
printcap name = /dev/null
disable spoolss = yes
[sysvol]
path = /var/db/samba4/sysvol
read only = No
[netlogon]
path = /var/db/samba4/sysvol/brockley.harte-lyne.ca/scripts
read only = No
[PROFILES]
path = /var/samba4/BROCKLEY/PROFILES/
read only = No
[USERS]
path = /var/samba4/BROCKLEY/USERS/
read only = No
[root at vhost04 ~ (master)]# cat
/zroot/iocage/jails/smb4-2/root/usr/local/etc/smb4.conf
# Global parameters
[global]
bind interfaces only = Yes
interfaces = localhost smb4-2
netbios name = SMB4-2
realm = BROCKLEY.HARTE-LYNE.CA
server role = active directory domain controller
server services = -nbt
workgroup = BROCKLEY
# DNS
dns forwarder = 216.185.71.33 216.185.71.34
# Note diff: sbin vs. bin and _ vs. - and dns vs. ns
dns update command = /usr/local/sbin/samba_dnsupdate
# For secure DNS updates use the following:
#nsupdate command = /usr/local/bin/samba-nsupdate -g
#allow dns updates = secure only
# However, we are unable to get secure dns updates to work with the internal DNS
nsupdate command = /usr/local/bin/samba-nsupdate
allow dns updates = nonsecure
# rndc is not used with the internal DNS but unless set to true
# samba-dnsupdate logs an error anyway
rndc command = /usr/bin/true
log level = 2
#log file = /var/log/samba4/smbd.log.%m
log file = /var/log/samba4/smbd.log
max log size = 10000
debug timestamp = yes
# Disable printing
load printers = no
printing = bsd
printcap name = /dev/null
disable spoolss = yes
[sysvol]
path = /var/db/samba4/sysvol
read only = No
[netlogon]
path = /var/db/samba4/sysvol/brockley.harte-lyne.ca/scripts
read only = No
--
*** e-Mail is NOT a SECURE channel ***
Do NOT transmit sensitive data via e-Mail
Unencrypted messages have no legal claim to privacy
Do NOT open attachments nor follow links sent by e-Mail
James B. Byrne mailto:ByrneJB at Harte-Lyne.ca
Harte & Lyne Limited http://www.harte-lyne.ca
9 Brockley Drive vox: +1 905 561 1241
Hamilton, Ontario fax: +1 905 561 0757
Canada L8E 3C3
More information about the samba
mailing list