[Samba] freeradius on dc?
Andrew Bartlett
abartlet at samba.org
Wed Nov 30 19:14:16 UTC 2022
On Wed, 2022-11-30 at 09:18 -0400, Robert Marcano via samba wrote:
> On 11/30/22 3:56 AM, Alexander Harm || ApfelQ via samba wrote:
> > Not from my side. I tried it a couple of times but for us
> > containers were always a mess when it came to Samba. Starting from
> > permission issues and problems forwarding all the ports necessary
> > (which conflicted with the host). That is why we only use virtual
> > machines now.
>
> We have no problem running Samba AD as OCI containers, the trick is
> to use host networking and setup an extra IP address for the DC and
> bind only to it, This way there is no conflicts with the host.
> It was required because Samba insist in adding the container internal
> IP to DNS when host networking isn't used, and that IP isn't
> reachable by clients.
The samba_dnsupdate script can be controlled for that, but I think host
networking just makes much more sense for this, given how many ports we
open etc.
Andrew Bartlett
--
Andrew Bartlett (he/him) https://samba.org/~abartlet/Samba Team Member (since 2001) https://samba.orgSamba Team Lead, Catalyst IT https://catalyst.net.nz/services/samba
Samba Development and Support, Catalyst IT - Expert Open SourceSolutions
More information about the samba
mailing list