[Samba] Two SMB Domain member gateways to CEPHFS

Rowland penny rpenny at samba.org
Tue Mar 30 12:12:13 UTC 2021

On 30/03/2021 11:58, Oskari Koivisto wrote:
> Hi, no no, Samba is NOT an AD DC.

I never said it was, but you are running Samba as a Unix domain member, 
'security = ADS' says this and as such, AD domain rules apply. This 
means that you shouldn't use the '.local' TLD, but you haven't actually 
confirmed what the workgroup name is (though, from what you posted, it 
looks like it is 'MICT'), what is the REALM, is it the dns domain in 
uppercase ? Something like 'mict.local' ? If it is, the ensure Avahi 
isn't running.

> it’s only a member in Domain and should only be used to authenticate user to the shares.
> the ceph clusters are in 2 separate locations but both cluster are mainly accessed via different users and groups.
> There is only few services that actually connects to both cluster.

It sounds like you have one cluster at site A and another at site B, 
with at least one Unix domain member at each site, but where are the DC's ?


More information about the samba mailing list