[Samba] domain-free multi-user use cases

L. van Belle belle at samba.org
Tue Oct 26 12:21:13 UTC 2021


I removed some part. 

...
> I will investigate whether a solution of this kind, or any other given
> earlier, might be viable workaround for me at this time. Running Samba
> on an inexpensive NAS appliance, I wish to preserve the 
> benefits of the
> device being self contained, small scale, low cost, and minimal
> configuration. 

QSNAP and Synoligy provide Samba AD on NAS. 

> 
.... 
> 
> History and practice inevitably informing perception, the prevailing
> perception is now that a separation between support of 
> multiuser mounts
> from the use of a domain controller is not a useful direction to
> consider for future development, because of the design and
> implementation costs, because of lack of broad relevance, or 
> because of
> a belief that deployments would introduce difficult problems. 

I have that with cloud.. But i think people will get that in some time. 


> 
> Whereas anyone sensible would recognize that administrators creating
> multiuser mounts often will be doing so in deployments currently
> benefiting from a domain controller, I hoped to draw attention to a
> separate and distinct scenario. Suppose someone not using a domain
> controller is completely happy in every way with the layout of the
> system, and the function of the software, except for the impossibility
> of simply creating a multiuser mount. Resolving this impossibility
> would not limit anyone else currently using a domain controller, nor
> require a commitment of never adding a domain controller to the same
> deployment in the future. The plain observation is that at the current
> moment, the constraints in the software design impose the only
> limitation against someone adding to the simple deployment a multiuser
> mount.
> 
> Seen in such a light, as I originally attempted to cast on 
> the subject,
> and also as immediate to my present experience, some of the 
> ideas given
> earlier, about a fixation on avoiding a domain controller, a 
> stinginess
> over cash expenditures, or features being redundant with NFS, all
> appear to me as red herrings, as not bearing on the essential 
> merits of
> the ideas I have expressed.
> 
> It has been suggested that utilization of domain controller achieves
> the same result as the proposed support for multiuser mounts without a
> domain controller, but such suggestions overlook the central premise
> that inclusion of a domain controller in the deployment is part of the
> result. Introducing a domain controller broadly determines how the
> network operates, and not including one is a defensible choice. Domain
> controllers not only impose administrative and operational overhead,
> including for the lost time of normal workflow stopping when they fail
> or malfunction, but they also require changing the operational mode of
> the other nodes to be members of the domain, with operation then
> becoming dependent on the function of the domain controller.
> Utilization of a domain controller must be considered as a different
> paradigm, a more complicated and in some ways more fragile network
> configuration, which is surely suitable for many deployments, but may
> not be suitable for all. 
> 
> Ideally, a choice not to include a domain controller in a 
> network would
> not prevent benefiting from features that in principle have no
> necessary dependence on one.
> 
> Such observations may be, I hope, useful toward putting aside orthodox
> perception, and framing the matter through broader clarity, I hope to
> show that a wish to create a multiuser mount without a domain
> controller is in principle rather sensible, and not, in the most
> general case, diminished by many of the common objections.
> 
> To close on a more concrete remark, NFS currently has limitations, as
> stated previously, of its own, including the insistence on matching
> numeric user identifiers, and lack of support for password
> authentication. Features useful for Samba might be considered
> separately from those available in NFS. 
> 
> 


You made your text it such a way, i lost track what your exactly trying to
say/asking here.
(sorry) 

All i can say is, im a System admin for over (damn..) 28years now..

Everyone has different ideas on how to setup and what to run. 
Which is totaly fine, for me, only what matters is. 

Standarized setups. 
Easy to maintain. 
Making users happen and reducing there actions to save time. 

Thats all what i do and thats my only goal. 
How i do that, that totaly depends on "need" and who maintains it, can they
maintain it.

I worked with, Windows (all versions expect latest windows server as from
2016+ ),
novell (2x-6x), bayens, AS400, Linu,x OS/2.
And there is only one thing thats bad for all system, and thats us, the sys
admins. 
(yes, including myself).. 

What you do want exactly. 

1 server and multiple mounts to other server and no domain controller. 
Use LDAP, ... Ow wait, thats included in a domain controller. 
Mutiple user mount, NFS/CIFS. 

So, now try to explain in a simple way what you want. 
Non-native english people might not get it all what you exactly want. 

Greetz, 

Louis





More information about the samba mailing list