Re: Samba3 domain controller howto?
hi, > Where did you get samba4? How did you download? > How did you compile on FreeBSD? You can share your ./configure args? have a look into the mail I just posted on freebsd-questions, it includes links to the samba wiki where installation is explained in detail. > And your smb.conf and loop script? the loop script is a bash with the following command running: 'while (true); do samba -i -M single; done' this restarts samba4 whenever it crashes immediately. my smb.conf is very simplistic as there aren't that may options you can choose in samba4 (due to being in heavy development). maybe one thing that you should be aware of is, that UFS does not support extend file attributes as linux does. so you need to save this informations into a file. the correct procedure is described in the samba4 howto article within the samba wiki (http://wiki.samba.org/index.php/Samba4/HOWTO). sorry for not providing my smb.conf, but the server is out of my reach at the moment. If you have any questions about the setup drop me an email, maybee I can help you. Regards, --- Mr. Olli ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
RE: Samba3 domain controller howto?
Hi, I used the following procedure to install samba4 on a freebsd box: http://wiki.samba.org/index.php/Samba4/HOWTO in my current setup (which is about 4 months old) the following this do not work: - active directory groups did somehow not work as expected, but I didn't had the time to look deeper into it - updating DNS records within named, as the version freebsd comes with does not support the GSSAPI. if someone finds a way to replace builtin named with a newer version please drop me an email. - stability (didn't had the time to examine the segfaults further.) I already had contact about this issue with andrew bartlett from the developer team and they are willing to fix this issues when they have enough informations. look here (http://wiki.samba.org/index.php/Franky) for informations about the 'franky' release and how to compile it. seems to be simple if you're a little bit familiar with samba. I didn't had the time to look and test, and surely won't have any until mid-august. so it would be great to hear your experiences :-) Regards, --- Mr. Olli On Mon, 2009-06-08 at 07:40 -0400, Dave wrote: > Hi, > Do you have a procedure for getting samba4 going? If it can do active > directory i'd like to try it. And get it all going, with samba3 as well. > Thanks. > Dave. > > > -Original Message- > From: owner-freebsd-questi...@freebsd.org > [mailto:owner-freebsd-questi...@freebsd.org] On Behalf Of Mister Olli > Sent: Monday, June 08, 2009 7:18 AM > To: Tim Judd > Cc: Olivier Nicole; freebsd-questions@freebsd.org; redt...@sbcglobal.net > Subject: Re: Samba3 domain controller howto? > > hi, > > > yes, you are mis-understanding > > > > samba itself is a NT4-type domain. > not quite right. It depends on the samba version your using. > - samba3 only provides NT4-type domains > - samba4 provides active directory domain types including GPO (I have such a > setup running in 7. with around 10 users. It works quite good, > beside the fact that samba segfaults from time to time (which I covered by > running samba4 in foreground within an endless bash.-loop)). > > there is even a new build-option that creates the 'samba franky' release > which uses samba3 & samba4 at the same time to make nearly all samba3 > feature in combination with AD environments available, but it didn't have > the time to look into that. But it sounds quite promising, since > samba4 lacks some features samba3 already has. > > > Regards, > --- > Mr. Olli > > > > samba can use authentication backends that include passwd files, LDAP > > and kerberos. Active directory is a requirement to use LDAP, whereas > > samba is offering it as a auth backend only. > > > > fine line, I know. > > > > IOW, whereas Active Directory - as a technology: > > Uses kerberos for authorization > > Uses LDAP for a storage backend for Kerberos > > Uses u...@domain logins (thanks to Kerberos), > > Uses other techs not related to this thread > > > > NT4-style domains - as a technology: > > Not using Kerberos > > Not using LDAP storage > > > > Samba allows it's authorization backend to offer more possibilities > > than NT4's own methods. Such as passwd files, LDAP, Kerberos, etc. > > > > > > It's technology vs technology, not product vs product. > > > > > > On 6/7/09, Olivier Nicole wrote: > > > Hi, > > > > > >> Samba is still only a NT4-type > > >> DC, no Active Directory type of function (Group Policies, > > >> u...@domain logins, kerberos, ldap, etc) > > > > > > I am not sure if I understand you well, but my samba is > > > authenticating users agaiinst LDAP. > > > > > > Best regards, > > > > > > Olivier > > > > > ___ > > freebsd-questions@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > > To unsubscribe, send any mail to > "freebsd-questions-unsubscr...@freebsd.org" > > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org" > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Samba3 domain controller howto?
hi, > yes, you are mis-understanding > > samba itself is a NT4-type domain. not quite right. It depends on the samba version your using. - samba3 only provides NT4-type domains - samba4 provides active directory domain types including GPO (I have such a setup running in 7. with around 10 users. It works quite good, beside the fact that samba segfaults from time to time (which I covered by running samba4 in foreground within an endless bash.-loop)). there is even a new build-option that creates the 'samba franky' release which uses samba3 & samba4 at the same time to make nearly all samba3 feature in combination with AD environments available, but it didn't have the time to look into that. But it sounds quite promising, since samba4 lacks some features samba3 already has. Regards, --- Mr. Olli > samba can use authentication backends that include passwd files, LDAP > and kerberos. Active directory is a requirement to use LDAP, whereas > samba is offering it as a auth backend only. > > fine line, I know. > > IOW, whereas Active Directory - as a technology: > Uses kerberos for authorization > Uses LDAP for a storage backend for Kerberos > Uses u...@domain logins (thanks to Kerberos), > Uses other techs not related to this thread > > NT4-style domains - as a technology: > Not using Kerberos > Not using LDAP storage > > Samba allows it's authorization backend to offer more possibilities > than NT4's own methods. Such as passwd files, LDAP, Kerberos, etc. > > > It's technology vs technology, not product vs product. > > > On 6/7/09, Olivier Nicole wrote: > > Hi, > > > >> Samba is still only a NT4-type > >> DC, no Active Directory type of function (Group Policies, u...@domain > >> logins, kerberos, ldap, etc) > > > > I am not sure if I understand you well, but my samba is authenticating > > users agaiinst LDAP. > > > > Best regards, > > > > Olivier > > > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org" ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Samba3 domain controller howto?
yes, you are mis-understanding samba itself is a NT4-type domain. samba can use authentication backends that include passwd files, LDAP and kerberos. Active directory is a requirement to use LDAP, whereas samba is offering it as a auth backend only. fine line, I know. IOW, whereas Active Directory - as a technology: Uses kerberos for authorization Uses LDAP for a storage backend for Kerberos Uses u...@domain logins (thanks to Kerberos), Uses other techs not related to this thread NT4-style domains - as a technology: Not using Kerberos Not using LDAP storage Samba allows it's authorization backend to offer more possibilities than NT4's own methods. Such as passwd files, LDAP, Kerberos, etc. It's technology vs technology, not product vs product. On 6/7/09, Olivier Nicole wrote: > Hi, > >> Samba is still only a NT4-type >> DC, no Active Directory type of function (Group Policies, u...@domain >> logins, kerberos, ldap, etc) > > I am not sure if I understand you well, but my samba is authenticating > users agaiinst LDAP. > > Best regards, > > Olivier > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Samba3 domain controller howto?
Hi, > Samba is still only a NT4-type > DC, no Active Directory type of function (Group Policies, u...@domain > logins, kerberos, ldap, etc) I am not sure if I understand you well, but my samba is authenticating users agaiinst LDAP. Best regards, Olivier ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Samba3 domain controller howto?
On 6/7/09, Mark Busby wrote: > > > > --- On Sun, 6/7/09, Dave wrote: > >> From: Dave >> Subject: Samba3 domain controller howto? >> To: freebsd-questions@freebsd.org >> Date: Sunday, June 7, 2009, 6:28 AM >> Hello, >> I've found a lot of this for LInux, but >> am looking for something >> FreeBSD specific. I'm wanting to set up a FreeBSD 7.2 >> machine, samba3, >> dynamic dhcp and dns, to act as a domain controller. Has >> anyone done this >> and do you have some notes or a howto? >> Thanks. >> Dave. > > > The samba howto's on the samba website cover this very well, the only step I > can think of that is a bit diff on freebsd, is adding the $ to the machine > account but it's stated on the website. > Dhcp is covered in the handbook on the freebsd website. > dns/dnsmasq for DHCP and DNS (will provide dynamic DNS) samba for windows networking shares. Samba is still only a NT4-type DC, no Active Directory type of function (Group Policies, u...@domain logins, kerberos, ldap, etc) Samba's own password db is quite advanced, but samba itself is still a NT4-type of function. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Samba3 domain controller howto?
--- On Sun, 6/7/09, Dave wrote: > From: Dave > Subject: Samba3 domain controller howto? > To: freebsd-questions@freebsd.org > Date: Sunday, June 7, 2009, 6:28 AM > Hello, > I've found a lot of this for LInux, but > am looking for something > FreeBSD specific. I'm wanting to set up a FreeBSD 7.2 > machine, samba3, > dynamic dhcp and dns, to act as a domain controller. Has > anyone done this > and do you have some notes or a howto? > Thanks. > Dave. The samba howto's on the samba website cover this very well, the only step I can think of that is a bit diff on freebsd, is adding the $ to the machine account but it's stated on the website. Dhcp is covered in the handbook on the freebsd website. > > ___ > freebsd-questions@freebsd.org > mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org" > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"