[Samba] Samba + Winbind : Kerberos Tickets

Robert Buck robert.buck at som.com
Wed Jul 15 18:18:04 UTC 2020 

Additional information, to repair the situation we have to run netpan apply
every 18 hours or so. So we're evaluating dropping use of netplan and giong
to other options to see if they actually work. Any recommendations?

Thank you.

- Bob

On Wed, Jul 15, 2020 at 9:12 AM Robert Buck <robert.buck at som.com> wrote:

> Hi Folks,
>
> We're in the process of setting up a Samba cluster (Samba+CTDB+etcd), and
> we (presently) using Winbind. We use AD. We're finding that the domain join
> (or kerberos ticket renewal) is unreliable. Every day we find Samba/Winbind
> is no longer joined to the domain. Now, we're in a bit of a learning curve
> here, and automating everything with Terraform + Ansible. We have yet to
> produce a stable environment with respect to domain join, though the file
> systems themselves seem fine.
>
> One challenge is the vast array of (frequently inconsistent or inaccurate)
> documentation on the topic of Samba, different ways to do the same things,
> etc. So part of our challenge is sifting through useful, or not so useful,
> information.
>
> We really need an accurate recipe for installing Samba, all its
> dependencies, including Winbind (or alternative), having this domain
> joined, and supporting Windows File History.
>
> Can anyone of the core Samba team members point our way through the
> "wilderness"? ;-) To either a very up to date, very accurate, bash script
> that has every step detailed, or a document that has been tested recently
> that works flawlessly?
>
> This would be very helpful.
>
> We're excited to see the prospect of a distributed Samba cluster working
> across several AWS regions, and initial testing has produced great results
> in terms of performance and recoverability. But it's this last mile of
> getting AD join stable and kerberos tickets automatically renewed, and not
> dropping domain join, working, that is causing us issue.
>
> And any detailed information (script ideally) on how to configure Windows
> File History, would also be helpful.
>
> Thank you so much in advance, we really appreciate this.
>
> Kindly,
>
> --
>
> BOB BUCK
> SENIOR PLATFORM SOFTWARE ENGINEER
>
> SKIDMORE, OWINGS & MERRILL
> 7 WORLD TRADE CENTER
> 250 GREENWICH STREET
> NEW YORK, NY 10007
> T  (212) 298-9624
> ROBERT.BUCK at SOM.COM
>


-- 

BOB BUCK
SENIOR PLATFORM SOFTWARE ENGINEER

SKIDMORE, OWINGS & MERRILL
7 WORLD TRADE CENTER
250 GREENWICH STREET
NEW YORK, NY 10007
T  (212) 298-9624
ROBERT.BUCK at SOM.COM

More information about the samba mailing list