Quoting Jeremie Courreges-Anglas <j...@wxcvbn.org>:
net/samba maintainer here,
alexmcwhir...@triadic.us writes:
I have a few machines stuck on 5.9 with samba 4.1 running as a domain
controller. It seems i can't really upgrade these machines to 6.0 and
most likely 6.1 as samba 4.4 forces the use of s3fs which requires posix
ACL's. I was wondering if anyone else has the same issue or has heard of
anything lately that might resolve this in the future?
AFAIK samba 4.4+ doesn't actually require the use of filesystem-level
ACLs. With s3fs, ACLs and Extended Attributes can be emulated with
the appropriate modules. These days I'm staying away from samba 'cause
I can't properly test it, but iirc this:
xattr_tdb:file = /var/samba/xattr.tdb
in smb.conf/[global] was enough last time I checked. The appropriate
modules should be autodetected (you can see them with testparm).
I am looking for more feedback from people that actually use samba on
OpenBSD, especially as domain controller. If you perform tests and
report back, that would be great. Preferably on -current which provides
samba-4.5.
Maybe as a stop
gap it would make sense to have two versions of samba in the tree? one
new one, and one being the last supported version that can still use
ntvfs?
No, ntvfs/s3fs shouldn't be an actual problem. There are additional
reasons, like sanity. :)
--jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524
E7EE
Hi Jeremie,
I tested this over the past few days.
If I change skip_sysvolacl=False to skip_sysvolacl=True in
/usr/local/lib/python2.7/site-packages/samba/netcmd/domain.py, I am able to
create the domain, add additional DC's as well as additional member
servers. All DC's are qemu VMs. Tested this further with Windows 10, 8.1,
and 7 domain members and it seems to work for "normal" Windows usage.
If this is not a dumb approach, please let me know if any additional tests
would be useful. If it is really a bad idea, please let me know as well.
Thank you very much for all the massive effort into this port. Much
appreciated.
Vijay
--
Vijay Sankar, M.Eng., P.Eng.
ForeTell Technologies Limited
vsan...@foretell.ca
