[Samba] Two SMB Domain member gateways to CEPHFS
Rowland penny
rpenny at samba.org
Tue Mar 30 10:52:20 UTC 2021
On 30/03/2021 10:58, Oskari Koivisto wrote:
> Hi,
>
> the realm in the smb.conf defines the actual domain. And that is set with .local
>
> As per samba documentation that’s the way it should be done.
No, actually it isn't, the Samba wiki here:
https://wiki.samba.org/index.php/Setting_up_Samba_as_an_Active_Directory_Domain_Controller
Explicitly says to not use '.local':
Make sure that you provision the AD using a DNS domain that will not
need to be changed. Samba does not support renaming the AD DNS zone and
Kerberos realm. Do not use |.local| for the TLD, this is used by Avahi.
So is your dns domain 'mict.local' and your workgroup 'MICT' ?
Note that the Samba wiki advises using a subdomain instead of a
registered domain e.g. ad.mict.local
Except that you shouldn't use '.local', even Microsoft says this is a
bad idea.
>
> So the ceph is used as a backend storage for windows-hosts. Samba is the only way providing cephfs to windows-clients.
>
> The shares from the samba are mapped to users as netdrives and windows permissions should be set to the shares accordingly.
That should work (mapping shares, that is), it sounds like your problem
is with cephs and it sounds like your cephs cluster is spread out
globally, I don't think this is a good idea.
Rowland
More information about the samba
mailing list