[Samba] Samba 4 without winbind
Shannon Price
pricesw at auburn.edu
Mon Sep 19 13:36:49 UTC 2022
We are not using Samba AD DC. We have a common campus, Windows AD. In our department we are not Domain Admins. We can create our own security groups, but the users are common and we can't set attributes on the objects (e.g. profile path or home directory). I can check with central campus. They might already have the rfc2307 attributes added.
Most Samba servers serve file shares which are local to the server, but since we have an NFS infrastructure, Samba servers can also serve over NFS (a double performance hit of SMB + NFS). We avoid this as much as possible, but it is convenient and seems to work well for many years.
Shannon
-----Original Message-----
From: Rowland Penny <rpenny at samba.org>
Sent: Sunday, September 18, 2022 11:19 AM
To: samba at lists.samba.org
Subject: Re: [Samba] Samba 4 without winbind
On 18/09/2022 16:56, Kees van Vloten via samba wrote:
> Hi Shannon,
>
> It is highly recommended to keep Samba-AD-DC servers separate from
> Samba SMB fileservers. In other words you should not serve home-dirs
> from a domain-controller.
Not sure if he is using a Samba AD DC, it would be interesting to know what the DC is.
>
> I would setup new AD-controllers next to the current servers (even
> more so because they seem to be SMB-servers as well). Then either so
> setup new SMB-servers or you join the SMB-servers as members to the domain.
>
> Is it correct that you serve the SMB home-dirs from a mounted NFS-share?
> I would think that could cause problems with ACLs, but probably
> Rowland has more knowledge about that.
I wouldn't use NFS for Samba homedirs, but it doesn't sound like the OP is doing this.
Rowland
More information about the samba
mailing list