[Samba] Using separate packages for a DC

Andrew Bartlett abartlet at samba.org
Tue Jan 31 19:32:26 UTC 2023

On Mon, 2023-01-30 at 16:44 +0300, Michael Tokarev via samba wrote:
> After realizing that people don't realize (heh) samba DC isnot a
> regular fileserver, an idea come to me.
> How about building two different samba packages (on a
> distributionsuch as debian), one being a regular file server and
> another isjust for an AD DC, and make them *co-installable*, so each
> hasits own set of config/library/cache/runtime files?

I think that would be a pile of pain, and cause to many conflicts.
> When installed together, it will be two separate instances, builtin a
> way so that they don't share anything. One only have to
> specifydifferent IP addresses for the two (and different names),and
> that's about it.

I would really not do that.
> I'm not yet sure about all the details, - for example, there canonly
> be one libnss_winbind, but in this case it looks like theregular
> instance don't need winbinidd, single winbind can be used.There's a
> question about DNS too.  That all needs to be thoughtabout for
> *sure*.
> If that works, the two might be built with different
> kerberosimplementations as well: the regular fileserver (and
> client)is built with MIT kerberos which is more featureful, and
> theAD-DC one is built with heimdal (using their own set of
> librariesand helper executables).

Alternative packages would be a reasonable outcome, but not co-
Andrew Bartlett

Andrew Bartlett (he/him)       https://samba.org/~abartlet/Samba Team Member (since 2001) https://samba.orgSamba Team Lead, Catalyst IT   https://catalyst.net.nz/services/samba
Samba Development and Support, Catalyst.Net Limited
Catalyst.Net Ltd - a Catalyst IT group company - Expert Open SourceSolutions

More information about the samba mailing list