Looking for a mentor/adviser
I am VERY interested in investigating alternative solutions to my Microsoft network that are Linux based and can provide the same/similar services. I have already made several disastrous attempts using Ubuntu server/workstation, Debian, and Mandrake to use Samba, resulting in some very serious damage to several domain controllers trying to integrate them into an existing AD environment. If there is someone who would be interested in mentoring me through the basics, I would be grateful. I would be satisfied with anyone whose skills exceed my own, even if they too are still learning as it could be a group project. I have resources to make the "Sandbox" remotely accessible to accommodate schedules etc, I would of course need some help getting that functionality working successfully and of course securely. I have several dedicated servers and workstations reserved for a "Sandbox" and I'd like to attempt to build an equivalent network to investigate the feasibility of migrating away from Microsoft. I've a rudimentary working knowledge of Linux but not ready for the CLI plunge yet, in other words.. I can break Linux better than a newbie. It is becoming obvious to me that I am not mastering the OS from books and fumbling, and there's as much bad advice/information on Google as good and I can't discern the difference at this point. If there is anyone interested, let me know. I would appreciate not getting the usual Microsoft bashing as I can't throw away something that works until I can replace it. If you are a consultant looking for work, I'm not your next meal ticket, yet... Sean Parsons AKA Doorman352 "The floggings will continue, until morale improves" --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Re: Looking for a mentor/adviser
On Thu, 2010-01-28 at 18:03 -0700, Sean Parsons wrote: > I am VERY interested in investigating alternative solutions to my > Microsoft network that are Linux based and can provide the > same/similar services. I have already made several disastrous attempts > using Ubuntu server/workstation, Debian, and Mandrake to use Samba, > resulting in some very serious damage to several domain controllers > trying to integrate them into an existing AD environment. > > > > If there is someone who would be interested in mentoring me through > the basics, I would be grateful. I would be satisfied with anyone > whose skills exceed my own, even if they too are still learning as it > could be a group project. I have resources to make the “Sandbox” > remotely accessible to accommodate schedules etc, I would of course > need some help getting that functionality working successfully and of > course securely. > > > > I have several dedicated servers and workstations reserved for a > “Sandbox” and I’d like to attempt to build an equivalent network to > investigate the feasibility of migrating away from Microsoft. I’ve a > rudimentary working knowledge of Linux but not ready for the CLI > plunge yet, in other words…. I can break Linux better than a newbie. > It is becoming obvious to me that I am not mastering the OS from books > and fumbling, and there’s as much bad advice/information on Google as > good and I can’t discern the difference at this point. > > > > If there is anyone interested, let me know. I would appreciate not > getting the usual Microsoft bashing as I can’t throw away something > that works until I can replace it. Wouldn't it be more useful and instructive to keep your questions on list? You would benefit from a greater availability of opinions too. Also, it seems a bit unfair to want private advising and deprive the list of the knowledge that is gathered by solving problems which I would gather would be rather typical for many offices/businesses. There is no need to make changes to an AD environment to add Linux servers and/or workstations. Craig -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Re: Looking for a mentor/adviser
Craig, > > Wouldn't it be more useful and instructive to keep your questions on > list? You would benefit from a greater availability of opinions too. > > Also, it seems a bit unfair to want private advising and deprive the > list of the knowledge that is gathered by solving problems which I would > gather would be rather typical for many offices/businesses. > > There is no need to make changes to an AD environment to add Linux > servers and/or workstations. > > Craig > > > > -- > This message has been scanned for viruses and > dangerous content by MailScanner, and is > believed to be clean. > > --- > PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us > To subscribe, unsubscribe, or to change your mail settings: > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Re: Looking for a mentor/adviser
I personally agree that this would be great on list discussion. even if it is using Linux to support a MS platform, it still would be educational for me at least. On Fri, Jan 29, 2010 at 8:16 AM, wrote: > Craig, > >> >> Wouldn't it be more useful and instructive to keep your questions on >> list? You would benefit from a greater availability of opinions too. >> >> Also, it seems a bit unfair to want private advising and deprive the >> list of the knowledge that is gathered by solving problems which I would >> gather would be rather typical for many offices/businesses. >> >> There is no need to make changes to an AD environment to add Linux >> servers and/or workstations. >> >> Craig >> >> >> >> -- >> This message has been scanned for viruses and >> dangerous content by MailScanner, and is >> believed to be clean. >> >> --- >> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us >> To subscribe, unsubscribe, or to change your mail settings: >> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss > > --- > PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us > To subscribe, unsubscribe, or to change your mail settings: > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss > -- A mouse trap, placed on top of your alarm clock, will prevent you from rolling over and going back to sleep after you hit the snooze button. Stephen --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Re: Looking for a mentor/adviser
Ok, How would I build this sandbox as a list discussion? Sean Parsons > I personally agree that this would be great on list discussion. > > even if it is using Linux to support a MS platform, it still would be > educational for me at least. > > On Fri, Jan 29, 2010 at 8:16 AM, wrote: >> Craig, >> >>> >>> Wouldn't it be more useful and instructive to keep your questions on >>> list? You would benefit from a greater availability of opinions too. >>> >>> Also, it seems a bit unfair to want private advising and deprive the >>> list of the knowledge that is gathered by solving problems which I >>> would >>> gather would be rather typical for many offices/businesses. >>> >>> There is no need to make changes to an AD environment to add Linux >>> servers and/or workstations. >>> >>> Craig >>> >>> >>> >>> -- >>> This message has been scanned for viruses and >>> dangerous content by MailScanner, and is >>> believed to be clean. >>> >>> --- >>> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us >>> To subscribe, unsubscribe, or to change your mail settings: >>> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss >> >> --- >> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us >> To subscribe, unsubscribe, or to change your mail settings: >> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss >> > > > > -- > A mouse trap, placed on top of your alarm clock, will prevent you from > rolling over and going back to sleep after you hit the snooze button. > > Stephen > --- > PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us > To subscribe, unsubscribe, or to change your mail settings: > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss > --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Re: Looking for a mentor/adviser
I would start by telling us (1) the size of the mouse trap you want to build, (2) your requirements for the mouse trap today, and (3) what you want the mouse trap to look like in 5 years. Basically, a concise description of what you want today and tomorrow. Then, those in the group who have expertise in a particular area can chime in with their recommendations. An email list may be a little hard to manage this discussion, but it is worth a shot to see how it goes. Wost case, you will get to know a couple of experts on the list, and you can always throw money, beer, food, at them later.;-) Or, just bring your sandbox to the InstallFest this Saturday for some hands on help...jk unless your sandbox is one machine ;-) Mark On Fri, Jan 29, 2010 at 9:58 AM, wrote: > Ok, How would I build this sandbox as a list discussion? > > Sean Parsons > > > I personally agree that this would be great on list discussion. > > > > even if it is using Linux to support a MS platform, it still would be > > educational for me at least. > > > > On Fri, Jan 29, 2010 at 8:16 AM, wrote: > >> Craig, > >> > >>> > >>> Wouldn't it be more useful and instructive to keep your questions on > >>> list? You would benefit from a greater availability of opinions too. > >>> > >>> Also, it seems a bit unfair to want private advising and deprive the > >>> list of the knowledge that is gathered by solving problems which I > >>> would > >>> gather would be rather typical for many offices/businesses. > >>> > >>> There is no need to make changes to an AD environment to add Linux > >>> servers and/or workstations. > >>> > >>> Craig > >>> > >>> > >>> > >>> -- > >>> This message has been scanned for viruses and > >>> dangerous content by MailScanner, and is > >>> believed to be clean. > >>> > >>> --- > >>> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us > >>> To subscribe, unsubscribe, or to change your mail settings: > >>> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss > >> > >> --- > >> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us > >> To subscribe, unsubscribe, or to change your mail settings: > >> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss > >> > > > > > > > > -- > > A mouse trap, placed on top of your alarm clock, will prevent you from > > rolling over and going back to sleep after you hit the snooze button. > > > > Stephen > > --- > > PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us > > To subscribe, unsubscribe, or to change your mail settings: > > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss > > > > --- > PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us > To subscribe, unsubscribe, or to change your mail settings: > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss > --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Re: Looking for a mentor/adviser
I know that personally if you have just a desktop i would start with 3 virtual machines. AD server (windows) Linux server for new AD and then A client workstation Virtualbox comes to mind as a nice portable interface for this. and it is cross platform. issue with that is you will need about 4gb of ram to function on this or there about. On Fri, Jan 29, 2010 at 9:58 AM, wrote: > Ok, How would I build this sandbox as a list discussion? > > Sean Parsons > >> I personally agree that this would be great on list discussion. >> >> even if it is using Linux to support a MS platform, it still would be >> educational for me at least. >> >> On Fri, Jan 29, 2010 at 8:16 AM, wrote: >>> Craig, >>> Wouldn't it be more useful and instructive to keep your questions on list? You would benefit from a greater availability of opinions too. Also, it seems a bit unfair to want private advising and deprive the list of the knowledge that is gathered by solving problems which I would gather would be rather typical for many offices/businesses. There is no need to make changes to an AD environment to add Linux servers and/or workstations. Craig -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss >>> >>> --- >>> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us >>> To subscribe, unsubscribe, or to change your mail settings: >>> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss >>> >> >> >> >> -- >> A mouse trap, placed on top of your alarm clock, will prevent you from >> rolling over and going back to sleep after you hit the snooze button. >> >> Stephen >> --- >> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us >> To subscribe, unsubscribe, or to change your mail settings: >> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss >> > > --- > PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us > To subscribe, unsubscribe, or to change your mail settings: > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss > -- A mouse trap, placed on top of your alarm clock, will prevent you from rolling over and going back to sleep after you hit the snooze button. Stephen --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Re: Looking for a mentor/adviser
Well, I am trying to build as close an equivalent to my existing all Microsoft network as possible using Linux based solutions in order to determine if I can migrate away from Microsoft. At the same time attempt to learn more about Linux. I am using Small Business Server 2003 Standard and 3 Server 2003 machines to host my corporate network, I have about 30 workstations and these assets are distributed across to offices in Albuquerque and Phoenix. We use Exchange for mail, I have 3 domain controllers for AD. We use office 2007 for typical files and I use networked printers. I am not using much from SQL except for sharepoint but there are other options for that. As far as giving you specifics, how do you define an unknown? I can't explain what Linux can do vs Windows, as it's not apples-apples and oranges-oranges. Listing everything out and trying to keep things focused in a forum like this is going to be a monumental effort on top of the actual project. I can't debate 4 different opinions about which mail transport agent/client is best, I'm more interested in choosing one and trying to see if I can make it work, at this point. That is why I set out to build a sandbox with the aide of someone with more experience than I, to attempt to build as much equivalent functionality as possible to see where it gets me/us. I have no plan to use it in a production environment and if I decide to actually convert, I would plan a project for that separately, with more specifics, and hopefully my experience will have improved as well. I have unsuccessfully attempted to reproduce various pieces (Samba, Cups, DNS, etc) and join them to the existing domain and had 0% success in making it work with my existing network. So keeping them separate is my only option at this point. I have allocated four machines for use and a portion of my network, I can even allocate static IPs. I have planned for 2 servers and 1-2 workstation machines, I can bring them to installfest, but I'd need a lot of support equipment to hook them up into something usable. I still have concerns about this forum as I am new and getting 20 different conflicting suggestions will not be a constructive learning environment, not to mention monopolizing this forum. > I would start by telling us (1) the size of the mouse trap you want to > build, (2) your requirements for the mouse trap today, and (3) what you > want > the mouse trap to look like in 5 years. Basically, a concise description > of > what you want today and tomorrow. Then, those in the group who have > expertise in a particular area can chime in with their recommendations. > > An email list may be a little hard to manage this discussion, but it is > worth a shot to see how it goes. Wost case, you will get to know a couple > of > experts on the list, and you can always throw money, beer, food, at them > later.;-) > > Or, just bring your sandbox to the InstallFest this Saturday for some > hands > on help...jk unless your sandbox is one machine ;-) > > Mark > > On Fri, Jan 29, 2010 at 9:58 AM, wrote: > >> Ok, How would I build this sandbox as a list discussion? >> >> Sean Parsons >> >> > I personally agree that this would be great on list discussion. >> > >> > even if it is using Linux to support a MS platform, it still would be >> > educational for me at least. >> > >> > On Fri, Jan 29, 2010 at 8:16 AM, wrote: >> >> Craig, >> >> >> >>> >> >>> Wouldn't it be more useful and instructive to keep your questions on >> >>> list? You would benefit from a greater availability of opinions too. >> >>> >> >>> Also, it seems a bit unfair to want private advising and deprive the >> >>> list of the knowledge that is gathered by solving problems which I >> >>> would >> >>> gather would be rather typical for many offices/businesses. >> >>> >> >>> There is no need to make changes to an AD environment to add Linux >> >>> servers and/or workstations. >> >>> >> >>> Craig >> >>> >> >>> >> >>> >> >>> -- >> >>> This message has been scanned for viruses and >> >>> dangerous content by MailScanner, and is >> >>> believed to be clean. >> >>> >> >>> --- >> >>> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us >> >>> To subscribe, unsubscribe, or to change your mail settings: >> >>> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss >> >> >> >> --- >> >> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us >> >> To subscribe, unsubscribe, or to change your mail settings: >> >> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss >> >> >> > >> > >> > >> > -- >> > A mouse trap, placed on top of your alarm clock, will prevent you from >> > rolling over and going back to sleep after you hit the snooze button. >> > >> > Stephen >> > --- >> > PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us >> > To subscribe,
Re: Looking for a mentor/adviser
I know I am absolutely not interested in muddying the waters by trying this with virtualized systems, maybe after I can actually get them to work. I posted previously that I have dedicated hardware to use. You are also describing a combined network and I have already abandoned that idea, so putting another windows server together is not going to be what I'm looking for. As far as I can tell Linux doesn't have an AD equivalent except Samba 4 which isn't out yet Samba 3.x destroyed 2 domain controllers trying to join it. Not going to try that again anytime soon Sean Parsons > I know that personally if you have just a desktop i would start with 3 > virtual machines. > > AD server (windows) Linux server for new AD and then A client workstation > > Virtualbox comes to mind as a nice portable interface for this. and it > is cross platform. > > issue with that is you will need about 4gb of ram to function on this > or there about. > > On Fri, Jan 29, 2010 at 9:58 AM, wrote: >> Ok, How would I build this sandbox as a list discussion? >> >> Sean Parsons >> >>> I personally agree that this would be great on list discussion. >>> >>> even if it is using Linux to support a MS platform, it still would be >>> educational for me at least. >>> >>> On Fri, Jan 29, 2010 at 8:16 AM, wrote: Craig, > > Wouldn't it be more useful and instructive to keep your questions on > list? You would benefit from a greater availability of opinions too. > > Also, it seems a bit unfair to want private advising and deprive the > list of the knowledge that is gathered by solving problems which I > would > gather would be rather typical for many offices/businesses. > > There is no need to make changes to an AD environment to add Linux > servers and/or workstations. > > Craig > > > > -- > This message has been scanned for viruses and > dangerous content by MailScanner, and is > believed to be clean. > > --- > PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us > To subscribe, unsubscribe, or to change your mail settings: > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss >>> >>> >>> >>> -- >>> A mouse trap, placed on top of your alarm clock, will prevent you from >>> rolling over and going back to sleep after you hit the snooze button. >>> >>> Stephen >>> --- >>> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us >>> To subscribe, unsubscribe, or to change your mail settings: >>> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss >>> >> >> --- >> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us >> To subscribe, unsubscribe, or to change your mail settings: >> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss >> > > > > -- > A mouse trap, placed on top of your alarm clock, will prevent you from > rolling over and going back to sleep after you hit the snooze button. > > Stephen > --- > PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us > To subscribe, unsubscribe, or to change your mail settings: > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss > --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Re: Looking for a mentor/adviser
On Fri, Jan 29, 2010 at 11:25 AM, wrote: > I know I am absolutely not interested in muddying the waters by trying > this with virtualized systems, maybe after I can actually get them to > work. I posted previously that I have dedicated hardware to use. > > You are also describing a combined network and I have already abandoned > that idea, so putting another windows server together is not going to be > what I'm looking for. As far as I can tell Linux doesn't have an AD > equivalent except Samba 4 which isn't out yet Samba 3.x destroyed 2 > domain controllers trying to join it. Not going to try that again > anytime soon > > > Sean Parsons >> I know that personally if you have just a desktop i would start with 3 >> virtual machines. >> >> AD server (windows) Linux server for new AD and then A client workstation >> >> Virtualbox comes to mind as a nice portable interface for this. and it >> is cross platform. >> >> issue with that is you will need about 4gb of ram to function on this >> or there about. >> >> On Fri, Jan 29, 2010 at 9:58 AM, wrote: >>> Ok, How would I build this sandbox as a list discussion? >>> >>> Sean Parsons >>> I personally agree that this would be great on list discussion. even if it is using Linux to support a MS platform, it still would be educational for me at least. On Fri, Jan 29, 2010 at 8:16 AM, wrote: > Craig, > >> >> Wouldn't it be more useful and instructive to keep your questions on >> list? You would benefit from a greater availability of opinions too. >> >> Also, it seems a bit unfair to want private advising and deprive the >> list of the knowledge that is gathered by solving problems which I >> would >> gather would be rather typical for many offices/businesses. >> >> There is no need to make changes to an AD environment to add Linux >> servers and/or workstations. >> >> Craig >> >> >> >> -- >> This message has been scanned for viruses and >> dangerous content by MailScanner, and is >> believed to be clean. >> >> --- >> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us >> To subscribe, unsubscribe, or to change your mail settings: >> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss > > --- > PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us > To subscribe, unsubscribe, or to change your mail settings: > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss > -- A mouse trap, placed on top of your alarm clock, will prevent you from rolling over and going back to sleep after you hit the snooze button. Stephen --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss >>> >>> --- >>> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us >>> To subscribe, unsubscribe, or to change your mail settings: >>> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss >>> >> >> >> >> -- >> A mouse trap, placed on top of your alarm clock, will prevent you from >> rolling over and going back to sleep after you hit the snooze button. >> >> Stephen >> --- >> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us >> To subscribe, unsubscribe, or to change your mail settings: >> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss >> > > --- > PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us > To subscribe, unsubscribe, or to change your mail settings: > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss > Are you trying to replace, completely, your Windows based infrastructure? if so, there are directories for linux that can replace AD, Cups or Samba printing, postfix for email (although you can't get the collaboration that Exchange provides. I guess you should define they key parts that you are looking to replace. What services do you need to provide to your users? Sharepoint can be replaced with a Wiki (http://www.atlassian.com/software/confluence/) using MySQL backend. What are your requirements? --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Re: Looking for a mentor/adviser
Actually there is this project: http://directory.fedoraproject.org/ http://directory.fedoraproject.org/wiki/Howto:WindowsSync http://directory.fedoraproject.org/wiki/Download There is a spin off that i cant remember the name of, but it combined with that project and adds some additional ease of use with Active directory. That alone is a great start. as for what can be done it really boils down to what you want i to do. What about exchange do you use? what on those windows servers do you do what services and functions. knowing what services you are running will help us advise you on alternatives. On Fri, Jan 29, 2010 at 11:25 AM, wrote: > I know I am absolutely not interested in muddying the waters by trying > this with virtualized systems, maybe after I can actually get them to > work. I posted previously that I have dedicated hardware to use. > > You are also describing a combined network and I have already abandoned > that idea, so putting another windows server together is not going to be > what I'm looking for. As far as I can tell Linux doesn't have an AD > equivalent except Samba 4 which isn't out yet Samba 3.x destroyed 2 > domain controllers trying to join it. Not going to try that again > anytime soon > > > Sean Parsons >> I know that personally if you have just a desktop i would start with 3 >> virtual machines. >> >> AD server (windows) Linux server for new AD and then A client workstation >> >> Virtualbox comes to mind as a nice portable interface for this. and it >> is cross platform. >> >> issue with that is you will need about 4gb of ram to function on this >> or there about. >> >> On Fri, Jan 29, 2010 at 9:58 AM, wrote: >>> Ok, How would I build this sandbox as a list discussion? >>> >>> Sean Parsons >>> I personally agree that this would be great on list discussion. even if it is using Linux to support a MS platform, it still would be educational for me at least. On Fri, Jan 29, 2010 at 8:16 AM, wrote: > Craig, > >> >> Wouldn't it be more useful and instructive to keep your questions on >> list? You would benefit from a greater availability of opinions too. >> >> Also, it seems a bit unfair to want private advising and deprive the >> list of the knowledge that is gathered by solving problems which I >> would >> gather would be rather typical for many offices/businesses. >> >> There is no need to make changes to an AD environment to add Linux >> servers and/or workstations. >> >> Craig >> >> >> >> -- >> This message has been scanned for viruses and >> dangerous content by MailScanner, and is >> believed to be clean. >> >> --- >> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us >> To subscribe, unsubscribe, or to change your mail settings: >> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss > > --- > PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us > To subscribe, unsubscribe, or to change your mail settings: > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss > -- A mouse trap, placed on top of your alarm clock, will prevent you from rolling over and going back to sleep after you hit the snooze button. Stephen --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss >>> >>> --- >>> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us >>> To subscribe, unsubscribe, or to change your mail settings: >>> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss >>> >> >> >> >> -- >> A mouse trap, placed on top of your alarm clock, will prevent you from >> rolling over and going back to sleep after you hit the snooze button. >> >> Stephen >> --- >> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us >> To subscribe, unsubscribe, or to change your mail settings: >> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss >> > > --- > PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us > To subscribe, unsubscribe, or to change your mail settings: > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss > -- A mouse trap, placed on top of your alarm clock, will prevent you from rolling over and going back to sleep after you hit the snooze button. Stephen --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change y
Re: Looking for a mentor/adviser
i finally found it in some mail archives... http://www.freeipa.org/page/Main_Page On Fri, Jan 29, 2010 at 12:52 PM, Stephen wrote: > Actually there is this project: > > http://directory.fedoraproject.org/ > http://directory.fedoraproject.org/wiki/Howto:WindowsSync > http://directory.fedoraproject.org/wiki/Download > > There is a spin off that i cant remember the name of, but it combined > with that project and adds some additional ease of use with Active > directory. > > That alone is a great start. as for what can be done it really boils > down to what you want i to do. What about exchange do you use? what on > those windows servers do you do what services and functions. knowing > what services you are running will help us advise you on alternatives. > > > On Fri, Jan 29, 2010 at 11:25 AM, wrote: >> I know I am absolutely not interested in muddying the waters by trying >> this with virtualized systems, maybe after I can actually get them to >> work. I posted previously that I have dedicated hardware to use. >> >> You are also describing a combined network and I have already abandoned >> that idea, so putting another windows server together is not going to be >> what I'm looking for. As far as I can tell Linux doesn't have an AD >> equivalent except Samba 4 which isn't out yet Samba 3.x destroyed 2 >> domain controllers trying to join it. Not going to try that again >> anytime soon >> >> >> Sean Parsons >>> I know that personally if you have just a desktop i would start with 3 >>> virtual machines. >>> >>> AD server (windows) Linux server for new AD and then A client workstation >>> >>> Virtualbox comes to mind as a nice portable interface for this. and it >>> is cross platform. >>> >>> issue with that is you will need about 4gb of ram to function on this >>> or there about. >>> >>> On Fri, Jan 29, 2010 at 9:58 AM, wrote: Ok, How would I build this sandbox as a list discussion? Sean Parsons > I personally agree that this would be great on list discussion. > > even if it is using Linux to support a MS platform, it still would be > educational for me at least. > > On Fri, Jan 29, 2010 at 8:16 AM, wrote: >> Craig, >> >>> >>> Wouldn't it be more useful and instructive to keep your questions on >>> list? You would benefit from a greater availability of opinions too. >>> >>> Also, it seems a bit unfair to want private advising and deprive the >>> list of the knowledge that is gathered by solving problems which I >>> would >>> gather would be rather typical for many offices/businesses. >>> >>> There is no need to make changes to an AD environment to add Linux >>> servers and/or workstations. >>> >>> Craig >>> >>> >>> >>> -- >>> This message has been scanned for viruses and >>> dangerous content by MailScanner, and is >>> believed to be clean. >>> >>> --- >>> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us >>> To subscribe, unsubscribe, or to change your mail settings: >>> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss >> >> --- >> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us >> To subscribe, unsubscribe, or to change your mail settings: >> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss >> > > > > -- > A mouse trap, placed on top of your alarm clock, will prevent you from > rolling over and going back to sleep after you hit the snooze button. > > Stephen > --- > PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us > To subscribe, unsubscribe, or to change your mail settings: > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss > --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss >>> >>> >>> >>> -- >>> A mouse trap, placed on top of your alarm clock, will prevent you from >>> rolling over and going back to sleep after you hit the snooze button. >>> >>> Stephen >>> --- >>> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us >>> To subscribe, unsubscribe, or to change your mail settings: >>> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss >>> >> >> --- >> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us >> To subscribe, unsubscribe, or to change your mail settings: >> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss >> > > > > -- > A mouse trap, placed on top o
Re: Looking for a mentor/adviser
On Fri, Jan 29, 2010 at 12:55 PM, Stephen wrote: > i finally found it in some mail archives... > > http://www.freeipa.org/page/Main_Page > > On Fri, Jan 29, 2010 at 12:52 PM, Stephen wrote: >> Actually there is this project: >> >> http://directory.fedoraproject.org/ >> http://directory.fedoraproject.org/wiki/Howto:WindowsSync >> http://directory.fedoraproject.org/wiki/Download >> >> There is a spin off that i cant remember the name of, but it combined >> with that project and adds some additional ease of use with Active >> directory. >> >> That alone is a great start. as for what can be done it really boils >> down to what you want i to do. What about exchange do you use? what on >> those windows servers do you do what services and functions. knowing >> what services you are running will help us advise you on alternatives. >> >> >> On Fri, Jan 29, 2010 at 11:25 AM, wrote: >>> I know I am absolutely not interested in muddying the waters by trying >>> this with virtualized systems, maybe after I can actually get them to >>> work. I posted previously that I have dedicated hardware to use. >>> >>> You are also describing a combined network and I have already abandoned >>> that idea, so putting another windows server together is not going to be >>> what I'm looking for. As far as I can tell Linux doesn't have an AD >>> equivalent except Samba 4 which isn't out yet Samba 3.x destroyed 2 >>> domain controllers trying to join it. Not going to try that again >>> anytime soon >>> >>> >>> Sean Parsons I know that personally if you have just a desktop i would start with 3 virtual machines. AD server (windows) Linux server for new AD and then A client workstation Virtualbox comes to mind as a nice portable interface for this. and it is cross platform. issue with that is you will need about 4gb of ram to function on this or there about. On Fri, Jan 29, 2010 at 9:58 AM, wrote: > Ok, How would I build this sandbox as a list discussion? > > Sean Parsons > >> I personally agree that this would be great on list discussion. >> >> even if it is using Linux to support a MS platform, it still would be >> educational for me at least. >> >> On Fri, Jan 29, 2010 at 8:16 AM, wrote: >>> Craig, >>> Wouldn't it be more useful and instructive to keep your questions on list? You would benefit from a greater availability of opinions too. Also, it seems a bit unfair to want private advising and deprive the list of the knowledge that is gathered by solving problems which I would gather would be rather typical for many offices/businesses. There is no need to make changes to an AD environment to add Linux servers and/or workstations. Craig -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss >>> >>> --- >>> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us >>> To subscribe, unsubscribe, or to change your mail settings: >>> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss >>> >> >> >> >> -- >> A mouse trap, placed on top of your alarm clock, will prevent you from >> rolling over and going back to sleep after you hit the snooze button. >> >> Stephen >> --- >> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us >> To subscribe, unsubscribe, or to change your mail settings: >> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss >> > > --- > PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us > To subscribe, unsubscribe, or to change your mail settings: > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss > -- A mouse trap, placed on top of your alarm clock, will prevent you from rolling over and going back to sleep after you hit the snooze button. Stephen --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss >>> >>> --- >>> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.a
Re: Looking for a mentor/adviser
Some might disagree with me here, but I don't think there is a really good linux/UNIX alternative for SBS (mainly AD and Exchange), I've used samba + openldap for domain controllers for several clients and it does a great job for central authentication / file shares and permissions, but not having really group policy management can be a major issue, and I've tried a few exchange alternatives, my favorites have been Insight from a company called Bynari, and Scalix both have good outlook plugins, which is a huge deal for some users, and I've heard good things about Zimbra if your not interested in using outlook, but both these can cost $ and maintain seperate accounts from the AD or openldap user database. If you're looking for some tips or help setting something like I described up and can live with their limitations I'd be happy to tell you more and share some config files. On 01/29/10 11:25, s...@theparsonsfamily.com wrote: > I know I am absolutely not interested in muddying the waters by trying > this with virtualized systems, maybe after I can actually get them to > work. I posted previously that I have dedicated hardware to use. > > You are also describing a combined network and I have already abandoned > that idea, so putting another windows server together is not going to be > what I'm looking for. As far as I can tell Linux doesn't have an AD > equivalent except Samba 4 which isn't out yet Samba 3.x destroyed 2 > domain controllers trying to join it. Not going to try that again > anytime soon > > > Sean Parsons > >> I know that personally if you have just a desktop i would start with 3 >> virtual machines. >> >> AD server (windows) Linux server for new AD and then A client workstation >> >> Virtualbox comes to mind as a nice portable interface for this. and it >> is cross platform. >> >> issue with that is you will need about 4gb of ram to function on this >> or there about. >> >> On Fri, Jan 29, 2010 at 9:58 AM, wrote: >> >>> Ok, How would I build this sandbox as a list discussion? >>> >>> Sean Parsons >>> >>> I personally agree that this would be great on list discussion. even if it is using Linux to support a MS platform, it still would be educational for me at least. On Fri, Jan 29, 2010 at 8:16 AM, wrote: > Craig, > > >> >> Wouldn't it be more useful and instructive to keep your questions on >> list? You would benefit from a greater availability of opinions too. >> >> Also, it seems a bit unfair to want private advising and deprive the >> list of the knowledge that is gathered by solving problems which I >> would >> gather would be rather typical for many offices/businesses. >> >> There is no need to make changes to an AD environment to add Linux >> servers and/or workstations. >> >> Craig >> >> >> >> -- >> This message has been scanned for viruses and >> dangerous content by MailScanner, and is >> believed to be clean. >> >> --- >> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us >> To subscribe, unsubscribe, or to change your mail settings: >> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss >> > --- > PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us > To subscribe, unsubscribe, or to change your mail settings: > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss > > -- A mouse trap, placed on top of your alarm clock, will prevent you from rolling over and going back to sleep after you hit the snooze button. Stephen --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss >>> --- >>> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us >>> To subscribe, unsubscribe, or to change your mail settings: >>> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss >>> >>> >> >> >> -- >> A mouse trap, placed on top of your alarm clock, will prevent you from >> rolling over and going back to sleep after you hit the snooze button. >> >> Stephen >> --- >> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us >> To subscribe, unsubscribe, or to change your mail settings: >> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss >> >> > --- > PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us > To subscribe, unsubscribe, or to change your m
RE: Looking for a mentor/adviser
Matt, I haven't selected a distribution, I tried Ubuntu and Debian, and didn't have a lot of success. My original post was simply to get someone willing to mentor me to help me build as much equivalency as possible so I can see if it can be done. How we were going to do this was yet to be determined. I will insist that "IF" I determine it is feasible that support contracts will be investigated for at least the short term. Sean Parsons -Original Message- From: plug-discuss-boun...@lists.plug.phoenix.az.us [mailto:plug-discuss-boun...@lists.plug.phoenix.az.us] On Behalf Of Matt Iavarone Sent: Friday, January 29, 2010 2:13 PM To: Main PLUG discussion list Subject: Re: Looking for a mentor/adviser On Fri, Jan 29, 2010 at 12:55 PM, Stephen wrote: > i finally found it in some mail archives... > > http://www.freeipa.org/page/Main_Page > > On Fri, Jan 29, 2010 at 12:52 PM, Stephen wrote: >> Actually there is this project: >> >> http://directory.fedoraproject.org/ >> http://directory.fedoraproject.org/wiki/Howto:WindowsSync >> http://directory.fedoraproject.org/wiki/Download >> >> There is a spin off that i cant remember the name of, but it combined >> with that project and adds some additional ease of use with Active >> directory. >> >> That alone is a great start. as for what can be done it really boils >> down to what you want i to do. What about exchange do you use? what on >> those windows servers do you do what services and functions. knowing >> what services you are running will help us advise you on alternatives. >> >> >> On Fri, Jan 29, 2010 at 11:25 AM, wrote: >>> I know I am absolutely not interested in muddying the waters by trying >>> this with virtualized systems, maybe after I can actually get them to >>> work. I posted previously that I have dedicated hardware to use. >>> >>> You are also describing a combined network and I have already abandoned >>> that idea, so putting another windows server together is not going to be >>> what I'm looking for. As far as I can tell Linux doesn't have an AD >>> equivalent except Samba 4 which isn't out yet Samba 3.x destroyed 2 >>> domain controllers trying to join it. Not going to try that again >>> anytime soon >>> >>> >>> Sean Parsons >>>> I know that personally if you have just a desktop i would start with 3 >>>> virtual machines. >>>> >>>> AD server (windows) Linux server for new AD and then A client workstation >>>> >>>> Virtualbox comes to mind as a nice portable interface for this. and it >>>> is cross platform. >>>> >>>> issue with that is you will need about 4gb of ram to function on this >>>> or there about. >>>> >>>> On Fri, Jan 29, 2010 at 9:58 AM, wrote: >>>>> Ok, How would I build this sandbox as a list discussion? >>>>> >>>>> Sean Parsons >>>>> >>>>>> I personally agree that this would be great on list discussion. >>>>>> >>>>>> even if it is using Linux to support a MS platform, it still would be >>>>>> educational for me at least. >>>>>> >>>>>> On Fri, Jan 29, 2010 at 8:16 AM, wrote: >>>>>>> Craig, >>>>>>> >>>>>>>> >>>>>>>> Wouldn't it be more useful and instructive to keep your questions on >>>>>>>> list? You would benefit from a greater availability of opinions too. >>>>>>>> >>>>>>>> Also, it seems a bit unfair to want private advising and deprive the >>>>>>>> list of the knowledge that is gathered by solving problems which I >>>>>>>> would >>>>>>>> gather would be rather typical for many offices/businesses. >>>>>>>> >>>>>>>> There is no need to make changes to an AD environment to add Linux >>>>>>>> servers and/or workstations. >>>>>>>> >>>>>>>> Craig >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> -- >>>>>>>> This message has been scanned for viruses and >>>>>>>> dangerous content by MailScanner, and is >>>>>>>> believed to be clean. >>>>>>>> >>>>>>&
Re: Looking for a mentor/adviser
Hi Sean, I would call this Mentor/Advisor a "tutor" or "systems administrator". What is the pay? Generally, Linux noobs, until they learn the whole concept of open source, open minds, where they don't pay another for knowledge, since it's all freely available, just share it, on boards like this one, will ask for someone to come along and think for them. You will find that building your own systems, playing with virtual systems, building your own OpenExchange, Samba, VirtualBox to cross platform integrate with Linux and Windoze is GREAT FUN, and very easy, once you learn to read and follow the directions? Seriously you might find someone willing to do this should you barter goods or services, but that would be more of an on-topic post for craigslist.org in the Gig or barter sections? You might come to the InstallFest and hang around listening to people like Craig, and Ryan Rix, any of which will answer your questions happily? Welcome to the FOSS world, hold onto your hat, this is a fast furious and fantasticly fun ride! On Fri, Jan 29, 2010 at 4:16 PM, Sean Parsons wrote: > Matt, > I haven't selected a distribution, I tried Ubuntu and Debian, and > didn't have a lot of success. My original post was simply to get someone > willing to mentor me to help me build as much equivalency as possible so I > can see if it can be done. How we were going to do this was yet to be > determined. > > I will insist that "IF" I determine it is feasible that support > contracts will be investigated for at least the short term. > > > Sean Parsons > > -Original Message- > From: plug-discuss-boun...@lists.plug.phoenix.az.us > [mailto:plug-discuss-boun...@lists.plug.phoenix.az.us] On Behalf Of Matt > Iavarone > Sent: Friday, January 29, 2010 2:13 PM > To: Main PLUG discussion list > Subject: Re: Looking for a mentor/adviser > > On Fri, Jan 29, 2010 at 12:55 PM, Stephen wrote: >> i finally found it in some mail archives... >> >> http://www.freeipa.org/page/Main_Page >> >> On Fri, Jan 29, 2010 at 12:52 PM, Stephen wrote: >>> Actually there is this project: >>> >>> http://directory.fedoraproject.org/ >>> http://directory.fedoraproject.org/wiki/Howto:WindowsSync >>> http://directory.fedoraproject.org/wiki/Download >>> >>> There is a spin off that i cant remember the name of, but it combined >>> with that project and adds some additional ease of use with Active >>> directory. >>> >>> That alone is a great start. as for what can be done it really boils >>> down to what you want i to do. What about exchange do you use? what on >>> those windows servers do you do what services and functions. knowing >>> what services you are running will help us advise you on alternatives. >>> >>> >>> On Fri, Jan 29, 2010 at 11:25 AM, wrote: >>>> I know I am absolutely not interested in muddying the waters by trying >>>> this with virtualized systems, maybe after I can actually get them to >>>> work. I posted previously that I have dedicated hardware to use. >>>> >>>> You are also describing a combined network and I have already abandoned >>>> that idea, so putting another windows server together is not going to be >>>> what I'm looking for. As far as I can tell Linux doesn't have an AD >>>> equivalent except Samba 4 which isn't out yet Samba 3.x destroyed 2 >>>> domain controllers trying to join it. Not going to try that again >>>> anytime soon >>>> >>>> >>>> Sean Parsons >>>>> I know that personally if you have just a desktop i would start with 3 >>>>> virtual machines. >>>>> >>>>> AD server (windows) Linux server for new AD and then A client > workstation >>>>> >>>>> Virtualbox comes to mind as a nice portable interface for this. and it >>>>> is cross platform. >>>>> >>>>> issue with that is you will need about 4gb of ram to function on this >>>>> or there about. >>>>> >>>>> On Fri, Jan 29, 2010 at 9:58 AM, wrote: >>>>>> Ok, How would I build this sandbox as a list discussion? >>>>>> >>>>>> Sean Parsons >>>>>> >>>>>>> I personally agree that this would be great on list discussion. >>>>>>> >>>>>>> even if it is using Linux to support a MS platform, it still would be >>>>>>> educational for me at least
Re: Looking for a mentor/adviser
Craig, It has never been my intention to deprive anyone of anything, but this forum is not appropriate for a project like this as I can't seem to build the network on my own, as my failed attempts have shown. Your comment about AD is what I thought and have been proven wrong numerous times with catastrophic results. Samba in it's current configuration doesn't work with Kerberos and LDAP except for NT4 and I'm running Server 2003, so it broke the Domain Controllers when Linux attempted to join the domain. I have been through the Samba forums and documentation and it's not as simple as it is made to look in an existing network. My request is for someone willing to work with me on a project to build an equivalent Linux network to the one I currently manage and at the same time help me to get past the learning hurdles I haven't been able to jump. If you want to participate, that's fine, but I need to meet my current goal in a reasonable time/budget and after that I have no problem with people using this "sandbox" for other reasonable goals. If I can successfully reach my goal then I will attempt to re-create for my production environment, later. I'd welcome anyone's assistance. Sean parsons > > Wouldn't it be more useful and instructive to keep your questions on > list? You would benefit from a greater availability of opinions too. > > Also, it seems a bit unfair to want private advising and deprive the > list of the knowledge that is gathered by solving problems which I would > gather would be rather typical for many offices/businesses. > > There is no need to make changes to an AD environment to add Linux > servers and/or workstations. > > Craig > > > > -- > This message has been scanned for viruses and > dangerous content by MailScanner, and is > believed to be clean. > > --- > PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us > To subscribe, unsubscribe, or to change your mail settings: > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Re: Looking for a mentor/adviser
Smeserver and Zimbra are pretty good. If you're just talking network drives/etc then Webmin takes most of the hassle out of setting up samba. Smeserver doesn't have calendaring/etc but Zimbra does. On Fri, Jan 29, 2010 at 1:55 PM, Paul Mooring wrote: > Some might disagree with me here, but I don't think there is a really > good linux/UNIX alternative for SBS (mainly AD and Exchange), I've used > samba + openldap for domain controllers for several clients and it does > a great job for central authentication / file shares and permissions, > but not having really group policy management can be a major issue, and > I've tried a few exchange alternatives, my favorites have been Insight > from a company called Bynari, and Scalix both have good outlook plugins, > which is a huge deal for some users, and I've heard good things about > Zimbra if your not interested in using outlook, but both these can cost > $ and maintain seperate accounts from the AD or openldap user database. > > If you're looking for some tips or help setting something like I > described up and can live with their limitations I'd be happy to tell > you more and share some config files. > > On 01/29/10 11:25, s...@theparsonsfamily.com wrote: > > I know I am absolutely not interested in muddying the waters by trying > > this with virtualized systems, maybe after I can actually get them to > > work. I posted previously that I have dedicated hardware to use. > > > > You are also describing a combined network and I have already abandoned > > that idea, so putting another windows server together is not going to be > > what I'm looking for. As far as I can tell Linux doesn't have an AD > > equivalent except Samba 4 which isn't out yet Samba 3.x destroyed 2 > > domain controllers trying to join it. Not going to try that again > > anytime soon > > > > > > Sean Parsons > > > >> I know that personally if you have just a desktop i would start with 3 > >> virtual machines. > >> > >> AD server (windows) Linux server for new AD and then A client > workstation > >> > >> Virtualbox comes to mind as a nice portable interface for this. and it > >> is cross platform. > >> > >> issue with that is you will need about 4gb of ram to function on this > >> or there about. > >> > >> On Fri, Jan 29, 2010 at 9:58 AM, wrote: > >> > >>> Ok, How would I build this sandbox as a list discussion? > >>> > >>> Sean Parsons > >>> > >>> > I personally agree that this would be great on list discussion. > > even if it is using Linux to support a MS platform, it still would be > educational for me at least. > > On Fri, Jan 29, 2010 at 8:16 AM, wrote: > > > Craig, > > > > > >> > >> Wouldn't it be more useful and instructive to keep your questions on > >> list? You would benefit from a greater availability of opinions too. > >> > >> Also, it seems a bit unfair to want private advising and deprive the > >> list of the knowledge that is gathered by solving problems which I > >> would > >> gather would be rather typical for many offices/businesses. > >> > >> There is no need to make changes to an AD environment to add Linux > >> servers and/or workstations. > >> > >> Craig > >> > >> > >> > >> -- > >> This message has been scanned for viruses and > >> dangerous content by MailScanner, and is > >> believed to be clean. > >> > >> --- > >> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us > >> To subscribe, unsubscribe, or to change your mail settings: > >> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss > >> > > --- > > PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us > > To subscribe, unsubscribe, or to change your mail settings: > > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss > > > > > > > -- > A mouse trap, placed on top of your alarm clock, will prevent you from > rolling over and going back to sleep after you hit the snooze button. > > Stephen > --- > PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us > To subscribe, unsubscribe, or to change your mail settings: > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss > > > >>> --- > >>> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us > >>> To subscribe, unsubscribe, or to change your mail settings: > >>> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss > >>> > >>> > >> > >> > >> -- > >> A mouse trap, placed on top of your alarm clock, will prevent you from > >> rolling over and going back to sleep after you hit the snooze button. > >> > >> Stephen > >> ---
Re: Looking for a mentor/adviser
Well using freeIPA and Fedora directory server both point to using Fedora as your base. For file services i suggest using openfiler. very robust file server and very flexible. and i am leaning more towards CentOS for server installs and ubuntu for Desktops/Laptops right now. but this can change over time... i am still fond of Gentoo but until i have a dedicated 2nd machine for my linux experimentation ill keep my dual boot with Ubuntu. On Fri, Jan 29, 2010 at 4:16 PM, Sean Parsons wrote: > Matt, > I haven't selected a distribution, I tried Ubuntu and Debian, and > didn't have a lot of success. My original post was simply to get someone > willing to mentor me to help me build as much equivalency as possible so I > can see if it can be done. How we were going to do this was yet to be > determined. > > I will insist that "IF" I determine it is feasible that support > contracts will be investigated for at least the short term. > > > Sean Parsons > > -Original Message- > From: plug-discuss-boun...@lists.plug.phoenix.az.us > [mailto:plug-discuss-boun...@lists.plug.phoenix.az.us] On Behalf Of Matt > Iavarone > Sent: Friday, January 29, 2010 2:13 PM > To: Main PLUG discussion list > Subject: Re: Looking for a mentor/adviser > > On Fri, Jan 29, 2010 at 12:55 PM, Stephen wrote: >> i finally found it in some mail archives... >> >> http://www.freeipa.org/page/Main_Page >> >> On Fri, Jan 29, 2010 at 12:52 PM, Stephen wrote: >>> Actually there is this project: >>> >>> http://directory.fedoraproject.org/ >>> http://directory.fedoraproject.org/wiki/Howto:WindowsSync >>> http://directory.fedoraproject.org/wiki/Download >>> >>> There is a spin off that i cant remember the name of, but it combined >>> with that project and adds some additional ease of use with Active >>> directory. >>> >>> That alone is a great start. as for what can be done it really boils >>> down to what you want i to do. What about exchange do you use? what on >>> those windows servers do you do what services and functions. knowing >>> what services you are running will help us advise you on alternatives. >>> >>> >>> On Fri, Jan 29, 2010 at 11:25 AM, wrote: >>>> I know I am absolutely not interested in muddying the waters by trying >>>> this with virtualized systems, maybe after I can actually get them to >>>> work. I posted previously that I have dedicated hardware to use. >>>> >>>> You are also describing a combined network and I have already abandoned >>>> that idea, so putting another windows server together is not going to be >>>> what I'm looking for. As far as I can tell Linux doesn't have an AD >>>> equivalent except Samba 4 which isn't out yet Samba 3.x destroyed 2 >>>> domain controllers trying to join it. Not going to try that again >>>> anytime soon >>>> >>>> >>>> Sean Parsons >>>>> I know that personally if you have just a desktop i would start with 3 >>>>> virtual machines. >>>>> >>>>> AD server (windows) Linux server for new AD and then A client > workstation >>>>> >>>>> Virtualbox comes to mind as a nice portable interface for this. and it >>>>> is cross platform. >>>>> >>>>> issue with that is you will need about 4gb of ram to function on this >>>>> or there about. >>>>> >>>>> On Fri, Jan 29, 2010 at 9:58 AM, wrote: >>>>>> Ok, How would I build this sandbox as a list discussion? >>>>>> >>>>>> Sean Parsons >>>>>> >>>>>>> I personally agree that this would be great on list discussion. >>>>>>> >>>>>>> even if it is using Linux to support a MS platform, it still would be >>>>>>> educational for me at least. >>>>>>> >>>>>>> On Fri, Jan 29, 2010 at 8:16 AM, wrote: >>>>>>>> Craig, >>>>>>>> >>>>>>>>> >>>>>>>>> Wouldn't it be more useful and instructive to keep your questions > on >>>>>>>>> list? You would benefit from a greater availability of opinions > too. >>>>>>>>> >>>>>>>>> Also, it seems a bit unfair to want private advising and deprive > the >>>>>>>>
Re: Looking for a mentor/adviser
I don't mind working with you on this. however my current job has me very busy (fun but crazy right now) and the reason i suggest a Virtual host of some sort is you can make a private network and save a copy of it and break it as many times as you need to get it right. and later on it works very well for new servers to share hardware AND for backup/restore but thats a whole separate but interesting conversation. On Fri, Jan 29, 2010 at 8:31 AM, wrote: > Craig, > It has never been my intention to deprive anyone of anything, but this > forum is not appropriate for a project like this as I can't seem to build > the network on my own, as my failed attempts have shown. > > Your comment about AD is what I thought and have been proven wrong > numerous times with catastrophic results. Samba in it's current > configuration doesn't work with Kerberos and LDAP except for NT4 and I'm > running Server 2003, so it broke the Domain Controllers when Linux > attempted to join the domain. I have been through the Samba forums and > documentation and it's not as simple as it is made to look in an existing > network. > > My request is for someone willing to work with me on a project to build an > equivalent Linux network to the one I currently manage and at the same > time help me to get past the learning hurdles I haven't been able to jump. > > If you want to participate, that's fine, but I need to meet my current > goal in a reasonable time/budget and after that I have no problem with > people using this "sandbox" for other reasonable goals. If I can > successfully reach my goal then I will attempt to re-create for my > production environment, later. > > I'd welcome anyone's assistance. > > Sean parsons >> >> Wouldn't it be more useful and instructive to keep your questions on >> list? You would benefit from a greater availability of opinions too. >> >> Also, it seems a bit unfair to want private advising and deprive the >> list of the knowledge that is gathered by solving problems which I would >> gather would be rather typical for many offices/businesses. >> >> There is no need to make changes to an AD environment to add Linux >> servers and/or workstations. >> >> Craig >> >> >> >> -- >> This message has been scanned for viruses and >> dangerous content by MailScanner, and is >> believed to be clean. >> >> --- >> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us >> To subscribe, unsubscribe, or to change your mail settings: >> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss > > --- > PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us > To subscribe, unsubscribe, or to change your mail settings: > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss > -- A mouse trap, placed on top of your alarm clock, will prevent you from rolling over and going back to sleep after you hit the snooze button. Stephen --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
RE: Looking for a mentor/adviser
All, I am only new to Linux, been working on computers for longer than I want to admit. But there is as much bad info/advice about Linux out there as good and it's not easy to figure that out when your new. How tos don't always fit the situation and there isn't a lot of helpful direction after that. I can get opinions about which app is best or what distro I should be using, which isn't my problem. I could care less at this point what I use... I just want it to work. Once I figure out what's even possible I can decide to try variations. I don't want to move to Windows Server 2008 and Windows 7 if I can help it. I had set myself a goal to see if I could eliminate/minimize my dependency on Microsoft products, and learn/use Linux in 12 months, I'm 7 months into my timeframe and I haven't gotten much to actually work. I have attended several gatherings and I've spoken to several people. I've frequented the IRC channel and other forums looking for advice and perhaps some guidance. I have tried to implement various small scale projects to test functionality and to build up my experience. My attempts to do this on my own have failed. People I've spoken to say; oh, you'll figure it out So far numerous books and multiple attempts have shown that I haven't just figured it out. I can make Windows Server do just about anything, but I'm not getting some critical part of Linux toward making it work for me. Hence my post. I didn't ask someone to build a production environment for me or to provide step by step training. I asked if someone was willing to offer me help while I worked on this project, somebody who would talk through my plan and point me in the right direction, and maybe someone who could help me through some of the rough spots. Hopefully along the way I'd learn some as well. If all this is too much to ask without having to compensate people or hire them as consultants, then I guess I misunderstood what this user group was all about. I intend to do the work, I even agreed to share the experience with anyone else who wanted to work toward my goal. I didn't think I was being selfish and expecting someone to do it for me. I was only asking if someone was willing to offer me advice in a more one-on-one environment. My apologies for causing such a disruption. Sean Parsons -Original Message- From: plug-discuss-boun...@lists.plug.phoenix.az.us [mailto:plug-discuss-boun...@lists.plug.phoenix.az.us] On Behalf Of Lisa Kachold Sent: Friday, January 29, 2010 4:38 PM To: Main PLUG discussion list Subject: Re: Looking for a mentor/adviser Hi Sean, I would call this Mentor/Advisor a "tutor" or "systems administrator". What is the pay? Generally, Linux noobs, until they learn the whole concept of open source, open minds, where they don't pay another for knowledge, since it's all freely available, just share it, on boards like this one, will ask for someone to come along and think for them. You will find that building your own systems, playing with virtual systems, building your own OpenExchange, Samba, VirtualBox to cross platform integrate with Linux and Windoze is GREAT FUN, and very easy, once you learn to read and follow the directions? Seriously you might find someone willing to do this should you barter goods or services, but that would be more of an on-topic post for craigslist.org in the Gig or barter sections? You might come to the InstallFest and hang around listening to people like Craig, and Ryan Rix, any of which will answer your questions happily? Welcome to the FOSS world, hold onto your hat, this is a fast furious and fantasticly fun ride! On Fri, Jan 29, 2010 at 4:16 PM, Sean Parsons wrote: > Matt, >I haven't selected a distribution, I tried Ubuntu and Debian, and > didn't have a lot of success. My original post was simply to get someone > willing to mentor me to help me build as much equivalency as possible so I > can see if it can be done. How we were going to do this was yet to be > determined. > >I will insist that "IF" I determine it is feasible that support > contracts will be investigated for at least the short term. > > > Sean Parsons > > -Original Message- > From: plug-discuss-boun...@lists.plug.phoenix.az.us > [mailto:plug-discuss-boun...@lists.plug.phoenix.az.us] On Behalf Of Matt > Iavarone > Sent: Friday, January 29, 2010 2:13 PM > To: Main PLUG discussion list > Subject: Re: Looking for a mentor/adviser > > On Fri, Jan 29, 2010 at 12:55 PM, Stephen wrote: >> i finally found it in some mail archives... >> >> http://www.freeipa.org/page/Main_Page >> >> On Fri, Jan 29, 2010 at 12:52 PM, Stephen wrote: >>> Actually there is t
Re: Looking for a mentor/adviser
This is far from a disruption. I am learning a few things myself as I would like to be able to offer much the same thing by replacing some very expensive software with alternative software. for a number of reasons. may voice on this list by many others. Dogmatic adherance to something you know stifles learning and flexibility. so far the only platform i have grown to dislike in a business setting is Mac/OSX On Fri, Jan 29, 2010 at 6:18 PM, Sean Parsons wrote: > All, > I am only new to Linux, been working on computers for longer than I > want to admit. But there is as much bad info/advice about Linux out there as > good and it's not easy to figure that out when your new. How tos don't always > fit the situation and there isn't a lot of helpful direction after that. I > can get opinions about which app is best or what distro I should be using, > which isn't my problem. I could care less at this point what I use... I just > want it to work. Once I figure out what's even possible I can decide to try > variations. I don't want to move to Windows Server 2008 and Windows 7 if I > can help it. > > I had set myself a goal to see if I could eliminate/minimize my > dependency on Microsoft products, and learn/use Linux in 12 months, I'm 7 > months into my timeframe and I haven't gotten much to actually work. I have > attended several gatherings and I've spoken to several people. I've > frequented the IRC channel and other forums looking for advice and perhaps > some guidance. I have tried to implement various small scale projects to test > functionality and to build up my experience. My attempts to do this on my > own have failed. People I've spoken to say; oh, you'll figure it out So > far numerous books and multiple attempts have shown that I haven't just > figured it out. I can make Windows Server do just about anything, but I'm not > getting some critical part of Linux toward making it work for me. Hence my > post. > > I didn't ask someone to build a production environment for me or to > provide step by step training. I asked if someone was willing to offer me > help while I worked on this project, somebody who would talk through my plan > and point me in the right direction, and maybe someone who could help me > through some of the rough spots. Hopefully along the way I'd learn some as > well. > > If all this is too much to ask without having to compensate people or > hire them as consultants, then I guess I misunderstood what this user group > was all about. I intend to do the work, I even agreed to share the experience > with anyone else who wanted to work toward my goal. I didn't think I was > being selfish and expecting someone to do it for me. > > I was only asking if someone was willing to offer me advice in a more > one-on-one environment. > > My apologies for causing such a disruption. > > > Sean Parsons > > > -Original Message- > From: plug-discuss-boun...@lists.plug.phoenix.az.us > [mailto:plug-discuss-boun...@lists.plug.phoenix.az.us] On Behalf Of Lisa > Kachold > Sent: Friday, January 29, 2010 4:38 PM > To: Main PLUG discussion list > Subject: Re: Looking for a mentor/adviser > > Hi Sean, > > I would call this Mentor/Advisor a "tutor" or "systems administrator". > > What is the pay? > > Generally, Linux noobs, until they learn the whole concept of open > source, open minds, where they don't pay another for knowledge, since > it's all freely available, just share it, on boards like this one, > will ask for someone to come along and think for them. > > You will find that building your own systems, playing with virtual > systems, building your own OpenExchange, Samba, VirtualBox to cross > platform integrate with Linux and Windoze is GREAT FUN, and very easy, > once you learn to read and follow the directions? > > Seriously you might find someone willing to do this should you barter > goods or services, but that would be more of an on-topic post for > craigslist.org in the Gig or barter sections? > > You might come to the InstallFest and hang around listening to people > like Craig, and Ryan Rix, any of which will answer your questions > happily? > > Welcome to the FOSS world, hold onto your hat, this is a fast furious > and fantasticly fun ride! > > On Fri, Jan 29, 2010 at 4:16 PM, Sean Parsons > wrote: >> Matt, >> I haven't selected a distribution, I tried Ubuntu and Debian, and >> didn't have a lot of success. My original post was simply to get someone >> willing to mentor me to help me build as mu
Re: Looking for a mentor/adviser
On Fri, Jan 29, 2010 at 6:18 PM, Sean Parsons wrote: > All, > I am only new to Linux, been working on computers for longer than I > want to admit. But there is as much bad info/advice about Linux out there as > good and it's not easy to figure that out when your new. How tos don't always > fit the situation and there isn't a lot of helpful direction after that. I > can get opinions about which app is best or what distro I should be using, > which isn't my problem. I could care less at this point what I use... I just > want it to work. Once I figure out what's even possible I can decide to try > variations. I don't want to move to Windows Server 2008 and Windows 7 if I > can help it. > > I had set myself a goal to see if I could eliminate/minimize my > dependency on Microsoft products, and learn/use Linux in 12 months, I'm 7 > months into my timeframe and I haven't gotten much to actually work. I have > attended several gatherings and I've spoken to several people. I've > frequented the IRC channel and other forums looking for advice and perhaps > some guidance. I have tried to implement various small scale projects to test > functionality and to build up my experience. My attempts to do this on my > own have failed. People I've spoken to say; oh, you'll figure it out So > far numerous books and multiple attempts have shown that I haven't just > figured it out. I can make Windows Server do just about anything, but I'm not > getting some critical part of Linux toward making it work for me. Hence my > post. > > I didn't ask someone to build a production environment for me or to > provide step by step training. I asked if someone was willing to offer me > help while I worked on this project, somebody who would talk through my plan > and point me in the right direction, and maybe someone who could help me > through some of the rough spots. Hopefully along the way I'd learn some as > well. > > If all this is too much to ask without having to compensate people or > hire them as consultants, then I guess I misunderstood what this user group > was all about. I intend to do the work, I even agreed to share the experience > with anyone else who wanted to work toward my goal. I didn't think I was > being selfish and expecting someone to do it for me. > > I was only asking if someone was willing to offer me advice in a more > one-on-one environment. > > My apologies for causing such a disruption. > > > Sean Parsons > > > -Original Message- > From: plug-discuss-boun...@lists.plug.phoenix.az.us > [mailto:plug-discuss-boun...@lists.plug.phoenix.az.us] On Behalf Of Lisa > Kachold > Sent: Friday, January 29, 2010 4:38 PM > To: Main PLUG discussion list > Subject: Re: Looking for a mentor/adviser > > Hi Sean, > > I would call this Mentor/Advisor a "tutor" or "systems administrator". > > What is the pay? > > Generally, Linux noobs, until they learn the whole concept of open > source, open minds, where they don't pay another for knowledge, since > it's all freely available, just share it, on boards like this one, > will ask for someone to come along and think for them. > > You will find that building your own systems, playing with virtual > systems, building your own OpenExchange, Samba, VirtualBox to cross > platform integrate with Linux and Windoze is GREAT FUN, and very easy, > once you learn to read and follow the directions? > > Seriously you might find someone willing to do this should you barter > goods or services, but that would be more of an on-topic post for > craigslist.org in the Gig or barter sections? > > You might come to the InstallFest and hang around listening to people > like Craig, and Ryan Rix, any of which will answer your questions > happily? > > Welcome to the FOSS world, hold onto your hat, this is a fast furious > and fantasticly fun ride! > > On Fri, Jan 29, 2010 at 4:16 PM, Sean Parsons > wrote: >> Matt, >> I haven't selected a distribution, I tried Ubuntu and Debian, and >> didn't have a lot of success. My original post was simply to get someone >> willing to mentor me to help me build as much equivalency as possible so I >> can see if it can be done. How we were going to do this was yet to be >> determined. >> >> I will insist that "IF" I determine it is feasible that support >> contracts will be investigated for at least the short term. >> >> >> Sean Parsons >> >> -Original Message- >> From: plug-discuss-boun...@lists.p
Re: Looking for a mentor/adviser
On Fri, 2010-01-29 at 09:31 -0600, s...@theparsonsfamily.com wrote: > Craig, > It has never been my intention to deprive anyone of anything, but this > forum is not appropriate for a project like this as I can't seem to build > the network on my own, as my failed attempts have shown. > > Your comment about AD is what I thought and have been proven wrong > numerous times with catastrophic results. Samba in it's current > configuration doesn't work with Kerberos and LDAP except for NT4 and I'm > running Server 2003, so it broke the Domain Controllers when Linux > attempted to join the domain. I have been through the Samba forums and > documentation and it's not as simple as it is made to look in an existing > network. I will only address one aspect of this... joining a Linux system to AD. It is done day in and day out by large and small corporations everywhere and can not and does not 'break' domain controllers simply by joining an AD domain/forest. The process of joining a Linux system to AD is essentially the same as joining a Windows system to AD and if it broke, the AD was already broken and you just realized the evidence of the breakage. The process of joining a Linux system to AD involves 2 steps... getting a kerberos ticket (validation) and then joining. It's benign in concept and operation. I didn't say that it was entirely simple but it's not overly complicated either. Craig PS - I am a samba team member -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Re: Looking for a mentor/adviser
On Fri, 2010-01-29 at 12:14 -0600, s...@theparsonsfamily.com wrote: > Well, I am trying to build as close an equivalent to my existing all > Microsoft network as possible using Linux based solutions in order to > determine if I can migrate away from Microsoft. At the same time attempt > to learn more about Linux. I am using Small Business Server 2003 Standard > and 3 Server 2003 machines to host my corporate network, I have about 30 > workstations and these assets are distributed across to offices in > Albuquerque and Phoenix. We use Exchange for mail, I have 3 domain > controllers for AD. We use office 2007 for typical files and I use > networked printers. I am not using much from SQL except for sharepoint but > there are other options for that. > > As far as giving you specifics, how do you define an unknown? I can't > explain what Linux can do vs Windows, as it's not apples-apples and > oranges-oranges. Listing everything out and trying to keep things focused > in a forum like this is going to be a monumental effort on top of the > actual project. I can't debate 4 different opinions about which mail > transport agent/client is best, I'm more interested in choosing one and > trying to see if I can make it work, at this point. > > That is why I set out to build a sandbox with the aide of someone with > more experience than I, to attempt to build as much equivalent > functionality as possible to see where it gets me/us. I have no plan to > use it in a production environment and if I decide to actually convert, I > would plan a project for that separately, with more specifics, and > hopefully my experience will have improved as well. > > I have unsuccessfully attempted to reproduce various pieces (Samba, Cups, > DNS, etc) and join them to the existing domain and had 0% success in > making it work with my existing network. So keeping them separate is my > only option at this point. > > I have allocated four machines for use and a portion of my network, I can > even allocate static IPs. I have planned for 2 servers and 1-2 workstation > machines, I can bring them to installfest, but I'd need a lot of support > equipment to hook them up into something usable. > > I still have concerns about this forum as I am new and getting 20 > different conflicting suggestions will not be a constructive learning > environment, not to mention monopolizing this forum. If someone volunteers to 'mentor' you privately so be it. This list is precisely for the type of thing you are contemplating. I will relate what I typically set up for a client... - CentOS (distribution of choice though I would expect that you could pretty much pull this off with any distribution). - Samba (Windows server / NT type domain controller) - OpenLDAP (authentication & address books though I am contemplating eventually switching to FreeIPA) - Netatalk (Macintosh AFP server) - Postfix (SMTP) - Cyrus-IMAPd (POP3/IMAP server) Most robust server in it's class - Horde (with IMP/Kronolith/Turba/Ingo/Nag/Mnemo/Wicked) Shared e-mail, contacts, calendars, tasks, memos, wiki - MailScanner, SpamAssassin, Clamd (mail / virus scanning) - SQLGrey (greylisting) This gets me close but not all the way to what I can get from SBS. You could probably use Zimbra instead (Zimbra uses Postfix & Cyrus-IMAPd but uses amavisd instead of MailScanner and is a resource pig) Obviously apache/mysql and other necessary services would have to be present. Craig -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Re: Looking for a mentor/adviser
After a long battle with technology, Craig White wrote: [snip] > - Netatalk (Macintosh AFP server) Really? That package recently dropped off the Gentoo ebuilds list because there wasn't that much demand for it and it's not really being maintained. There just aren't as many MacOS 9 boxes out there as there used to be, after all. -- Outside of a dog, a book is a man's best friend. Inside of a dog it's too dark to read. My blog: http://crow202.org/wordpress/ Matt G|There is no Darkness in Eternity/But only Light too dim for us to see --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Re: Looking for a mentor/adviser
On 1/30/10 10:10 AM, Matt Graham wrote: > After a long battle with technology, Craig White wrote: > [snip] >> - Netatalk (Macintosh AFP server) > > Really? That package recently dropped off the Gentoo ebuilds list because > there wasn't that much demand for it and it's not really being maintained. > There just aren't as many MacOS 9 boxes out there as there used to be, after > all. > Not just MacOS 9... the modern OS X "File Sharing" uses AFP. It's still the default way to share OS X drives on Linux. --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Re: Looking for a mentor/adviser
Kurt Granroth wrote: > On 1/30/10 10:10 AM, Matt Graham wrote: >> After a long battle with technology, Craig White wrote: >> [snip] >>> - Netatalk (Macintosh AFP server) >> Really? That package recently dropped off the Gentoo ebuilds list because >> there wasn't that much demand for it and it's not really being maintained. >> There just aren't as many MacOS 9 boxes out there as there used to be, after >> all. >> > > Not just MacOS 9... the modern OS X "File Sharing" uses AFP. It's still > the default way to share OS X drives on Linux. Funny that would come up. We just configured an ubuntu server with netatalk at the IF today. It works with Tiger and Leopard, but 10.5.6+ functionality is questionable. -- -Eric 'shubes' --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
RE: Looking for a mentor/adviser
Craig, I don't doubt that people do it. I made several honest attempts to research, understand and implement a Samba file server in and existing Small Business Server 2003 network using LDAP and Kerberos. I was not able to make it work, so I changed my plan and I asked if someone was willing to mentor me through another try. Since I didn't need multiple opinions, I just need to discover what I did wrong/what works, I wanted to avoid a large forum, and I'm sorry if that seems to keep upsetting people. Here's What happened: The How tos were really vague for adding Samba to anything but the simplest windows network (NT4), Then most examples assumed I was building a standalone server with the same functionality, not adding one. Based on my research it looked like the process was straight forward and so I built a Ubuntu server (LAMPS) and I set out to join it to my domain. I knew I needed LDAP and Kerberos so I tried to set those up with Webmin, they attempted to alter my existing domain controller and things went horribly wrong. I recovered my DC from backup and tried it a second time using the CLI, but I was not able to find where settings were stored and again, I tried to use the example files from Samba.org as a model, not knowing what is needed or not, may have contributed to a second failure. Again I recovered my Server form backup and changed tactics. I then tried to join a linux workstation to the domain with "like wise" and it worked, sort of. Small Business Server isn't just Windows Server 2003 with a new name. It adds Exchange and SQL has other scripted functionality embedded into AD which is why you have to use it's wizards for everything. After joining I started to have problems as AD was not properly formatted when the workstation was joined. SBS uses the AD tables for more than just domain membership, we have exchange, etc that rely on it. So Yes it probably can be done, but it is not simple, nor is it intuitive, it is specific to the type of environment. My AD environment isn't broken, it required specific settings that couldn't be anticipated from the how to and guides I found on Samba.org. I asked in IRC #Samba, #ubuntu-server, #Ubuntu-us-az, and #plugaz several times for help to understand where I went wrong and nobody answered, or if they did, I was told "Oh that is really tricky and I never did it". Samba's documentation admits issues with non NT4 AD implementation and promises to fix it in V4, but I wanted to talk to someone who had done it and nobody answered. Sean Parsons -Original Message- From: plug-discuss-boun...@lists.plug.phoenix.az.us [mailto:plug-discuss-boun...@lists.plug.phoenix.az.us] On Behalf Of Craig White Sent: Saturday, January 30, 2010 9:27 AM To: Main PLUG discussion list Subject: Re: Looking for a mentor/adviser On Fri, 2010-01-29 at 09:31 -0600, s...@theparsonsfamily.com wrote: > Craig, > It has never been my intention to deprive anyone of anything, but this > forum is not appropriate for a project like this as I can't seem to build > the network on my own, as my failed attempts have shown. > > Your comment about AD is what I thought and have been proven wrong > numerous times with catastrophic results. Samba in it's current > configuration doesn't work with Kerberos and LDAP except for NT4 and I'm > running Server 2003, so it broke the Domain Controllers when Linux > attempted to join the domain. I have been through the Samba forums and > documentation and it's not as simple as it is made to look in an existing > network. I will only address one aspect of this... joining a Linux system to AD. It is done day in and day out by large and small corporations everywhere and can not and does not 'break' domain controllers simply by joining an AD domain/forest. The process of joining a Linux system to AD is essentially the same as joining a Windows system to AD and if it broke, the AD was already broken and you just realized the evidence of the breakage. The process of joining a Linux system to AD involves 2 steps... getting a kerberos ticket (validation) and then joining. It's benign in concept and operation. I didn't say that it was entirely simple but it's not overly complicated either. Craig PS - I am a samba team member -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Re: Looking for a mentor/adviser
On Sat, 2010-01-30 at 17:46 -0700, Eric Shubert wrote: > Kurt Granroth wrote: > > On 1/30/10 10:10 AM, Matt Graham wrote: > >> After a long battle with technology, Craig White wrote: > >> [snip] > >>> - Netatalk (Macintosh AFP server) > >> Really? That package recently dropped off the Gentoo ebuilds list because > >> there wasn't that much demand for it and it's not really being maintained. > >> There just aren't as many MacOS 9 boxes out there as there used to be, > >> after > >> all. > >> > > > > Not just MacOS 9... the modern OS X "File Sharing" uses AFP. It's still > > the default way to share OS X drives on Linux. > > Funny that would come up. We just configured an ubuntu server with > netatalk at the IF today. It works with Tiger and Leopard, but 10.5.6+ > functionality is questionable. check the dns on the snow leopard system or better yet, connect via IP address instead of DNS resolution. I am seeing some strange behavior from snow leopard. Craig -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Re: Looking for a mentor/adviser
Craig White wrote: > On Sat, 2010-01-30 at 17:46 -0700, Eric Shubert wrote: >> Kurt Granroth wrote: >>> On 1/30/10 10:10 AM, Matt Graham wrote: After a long battle with technology, Craig White wrote: [snip] > - Netatalk (Macintosh AFP server) Really? That package recently dropped off the Gentoo ebuilds list because there wasn't that much demand for it and it's not really being maintained. There just aren't as many MacOS 9 boxes out there as there used to be, after all. >>> Not just MacOS 9... the modern OS X "File Sharing" uses AFP. It's still >>> the default way to share OS X drives on Linux. >> Funny that would come up. We just configured an ubuntu server with >> netatalk at the IF today. It works with Tiger and Leopard, but 10.5.6+ >> functionality is questionable. > > check the dns on the snow leopard system or better yet, connect via IP > address instead of DNS resolution. I am seeing some strange behavior > from snow leopard. > > Craig I wish we could, but I only have a Tiger system to test with. I don't think Don (whose server we worked on) has Snow Leopard yet either, just Leopard. :( I was planning to upgrade the Tiger host to Snow Leopard in the near future. Do you think I should hold off on that? The host is a MacMini. -- -Eric 'shubes' --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
RE: Looking for a mentor/adviser
On Sat, 2010-01-30 at 17:49 -0700, Sean Parsons wrote: > Craig, > I don't doubt that people do it. I made several honest attempts to > research, understand and implement a Samba file server in and existing Small > Business Server 2003 network using LDAP and Kerberos. I was not able to make > it work, so I changed my plan and I asked if someone was willing to mentor > me through another try. Since I didn't need multiple opinions, I just need > to discover what I did wrong/what works, I wanted to avoid a large forum, > and I'm sorry if that seems to keep upsetting people. > > Here's What happened: > > The How tos were really vague for adding Samba to anything but the > simplest windows network (NT4), Then most examples assumed I was building a > standalone server with the same functionality, not adding one. Based on my > research it looked like the process was straight forward and so I built a > Ubuntu server (LAMPS) and I set out to join it to my domain. vague? seriously? Samba has the best free documentation of any open source project. The Official Samba HowTo & Samba By Example both are available at www.samba.org (linked on the main page). The HowTo is exhaustive documentation developed over many years and the 'By Example' gives you a complete walk through on many various scenarios of usage. Using any other documentation is just stupid. > > I knew I needed LDAP and Kerberos so I tried to set those up with > Webmin, they attempted to alter my existing domain controller and things > went horribly wrong. I recovered my DC from backup and tried it a second > time using the CLI, but I was not able to find where settings were stored > and again, I tried to use the example files from Samba.org as a model, not > knowing what is needed or not, may have contributed to a second failure. > Again I recovered my Server form backup and changed tactics. you don't need LDAP to join a Linux server to AD. You have bad information. Neither LDAP nor kerberos have any ability to 'alter' an AD controller. Bad information and bad conclusion. > > I then tried to join a linux workstation to the domain with "like > wise" and it worked, sort of. Small Business Server isn't just Windows > Server 2003 with a new name. It adds Exchange and SQL has other scripted > functionality embedded into AD which is why you have to use it's wizards for > everything. After joining I started to have problems as AD was not properly > formatted when the workstation was joined. SBS uses the AD tables for more > than just domain membership, we have exchange, etc that rely on it. So Yes > it probably can be done, but it is not simple, nor is it intuitive, it is > specific to the type of environment. My AD environment isn't broken, it > required specific settings that couldn't be anticipated from the how to and > guides I found on Samba.org. Again - Linux servers and workstations are joined to AD domains all over the world without 'breaking' anything and I am quite aware of what SBS is and Windows networking. > > I asked in IRC #Samba, #ubuntu-server, #Ubuntu-us-az, and #plugaz > several times for help to understand where I went wrong and nobody answered, > or if they did, I was told "Oh that is really tricky and I never did > it". Samba's documentation admits issues with non NT4 AD implementation > and promises to fix it in V4, but I wanted to talk to someone who had done > it and nobody answered. Samba 3.x cannot participate as a domain controller on an AD domain. Documentation is quite clear. But it is relatively simple and benign for it to join an AD domain as a member server/workstation. It works, it's relatively simple and it is not hazardous to an AD domain whatsoever. I think your statement 'Samba's documentation admits issues with non NT4 AD implementation and promises to fix it in V4' is completely flawed. Craig -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Re: Looking for a mentor/adviser
On Sun, 2010-01-31 at 18:42 -0700, Eric Shubert wrote: > Craig White wrote: > > On Sat, 2010-01-30 at 17:46 -0700, Eric Shubert wrote: > >> Kurt Granroth wrote: > >>> On 1/30/10 10:10 AM, Matt Graham wrote: > After a long battle with technology, Craig White wrote: > [snip] > > - Netatalk (Macintosh AFP server) > Really? That package recently dropped off the Gentoo ebuilds list > because > there wasn't that much demand for it and it's not really being > maintained. > There just aren't as many MacOS 9 boxes out there as there used to be, > after > all. > > >>> Not just MacOS 9... the modern OS X "File Sharing" uses AFP. It's still > >>> the default way to share OS X drives on Linux. > >> Funny that would come up. We just configured an ubuntu server with > >> netatalk at the IF today. It works with Tiger and Leopard, but 10.5.6+ > >> functionality is questionable. > > > > check the dns on the snow leopard system or better yet, connect via IP > > address instead of DNS resolution. I am seeing some strange behavior > > from snow leopard. > > > > Craig > > I wish we could, but I only have a Tiger system to test with. I don't > think Don (whose server we worked on) has Snow Leopard yet either, just > Leopard. :( > > I was planning to upgrade the Tiger host to Snow Leopard in the near > future. Do you think I should hold off on that? The host is a MacMini. I have several clients running many Mac's (Leopard) and connecting to Netatalk and using it daily... no problemo Snow Leopard seems to query multiple DNS servers via a round robin style rather than starting with the first in the list which caused me a headache. Craig -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
RE: Looking for a mentor/adviser
Craig, We obviously don't agree. I followed those examples and they didn't work. They were not easy to follow nor did they make the process easy to understand, perhaps you are using your experience to draw from, which I don't have. You also say I didn't need LDAP or Kerberos, that's pretty arrogant when you didn't know why I selected them in the first place, yes it may be possible to make it work without them, but my decision was to use these components and that's when everything went wrong. You are free to sing the praises of Samba, maybe someday I will to. But for know I know I can't do it from the documentation and I needed help. My statements stand as facts from my experience, and you were not there, nor have you considered my explanation beyond defending your opinion, which is not right or wrong, it's your opinion. I needed LDAP and Kerberos to handle the users and credentials, you may have decided not to integrate user accounts, but for me it was essential and I have no idea how you would do that without LDAP. I use Kerberos for my windows network, so it stands to reason I would use it on this Samba server residing in my network, heck it's even in the manual. I stated in my explanation where it went wrong, deciding that I'm wrong by doing it differently is not the same thing. I have a Linux based firewall that uses LDAP to authenticate users for access, works like a charm, so I've had some experience. My users should not have to re-authenticate every time they access a file, and caching credentials separately means I have to change them every time somebody changes a password, so I think you over simplified the problem. What I did wrong was not knowing what I was doing with Samba and trying to do this on a production network, because I thought I understood what I was doing. [Samba 3.x cannot participate as a domain controller on an AD domain.] [Documentation is quite clear. But it is relatively simple and benign for] [it to join an AD domain as a member server/workstation. It works, it's] [relatively simple and it is not hazardous to an AD domain whatsoever.] Chapter 4 of the Samba documentation states multiple times the need to LDAP to function completely, it does say it can work without - but at a loss of functionality, i.e. Single Sign On (SSO). It also talks about it's ability to work with NT4, but shows some caveats in 200x AD without additional components, and several warnings about potential problems with configuration, So I can point to where my information came from, and why I chose to use the elements. I remember now that the use of Winbind was also part of the process with LDAP so that should also be an element into my failure. Chapter 4 - "Domain Controller Types" and "Preparing for Domain Control" explain that it CAN function as a domain controller, and how. You may want to visit that section, and see where I got my information. I followed the documentation as best I could with the information I had, and it didn't work. If you can make it work differently, bravo! You are a better man than I, but then I already admitted I couldn't do it. [I think your statement 'Samba's documentation admits issues with non NT4] [AD implementation and promises to fix it in V4' is completely flawed.] I request you go to samba.org, click Latest News, and read the entry for December 25, 2009. Covers the added functionality promised in V4, so I believe I accurately paraphrased that article. Chapter 4 speaks volumes about limits and potential issues with implementation and the need for specific planning to minimize or avoid these issues. Sean Parsons -Original Message- From: plug-discuss-boun...@lists.plug.phoenix.az.us [mailto:plug-discuss-boun...@lists.plug.phoenix.az.us] On Behalf Of Craig White Sent: Sunday, January 31, 2010 6:48 PM To: Main PLUG discussion list Subject: RE: Looking for a mentor/adviser On Sat, 2010-01-30 at 17:49 -0700, Sean Parsons wrote: > Craig, > I don't doubt that people do it. I made several honest attempts to > research, understand and implement a Samba file server in and existing Small > Business Server 2003 network using LDAP and Kerberos. I was not able to make > it work, so I changed my plan and I asked if someone was willing to mentor > me through another try. Since I didn't need multiple opinions, I just need > to discover what I did wrong/what works, I wanted to avoid a large forum, > and I'm sorry if that seems to keep upsetting people. > > Here's What happened: > > The How tos were really vague for adding Samba to anything but the > simplest windows network (NT4), Then most examples assumed I was building a > standalone server with the same functionality, not adding one. Based on my > research it looked like the process was straight forward an
RE: Looking for a mentor/adviser
On Sun, 2010-01-31 at 19:49 -0700, Sean Parsons wrote: > Craig, > > We obviously don't agree. I followed those examples and they didn't > work. They were not easy to follow nor did they make the process easy to > understand, perhaps you are using your experience to draw from, which I > don't have. You also say I didn't need LDAP or Kerberos, that's pretty > arrogant when you didn't know why I selected them in the first place, yes it > may be possible to make it work without them, but my decision was to use > these components and that's when everything went wrong. You are free to sing > the praises of Samba, maybe someday I will to. But for know I know I can't > do it from the documentation and I needed help. My statements stand as facts > from my experience, and you were not there, nor have you considered my > explanation beyond defending your opinion, which is not right or wrong, it's > your opinion. You have a serious language comprehension problem. I clearly said you didn't need LDAP to join Samba systems to AD. I did not say you didn't need kerberos to join Samba systems to AD because you do. I am hoping that you take more time to comprehend what I am saying because I am being very precise. The only praise I sang for Samba was their documentation because it is incredibly complete. Most people do not want to comprehend that much information and so they go elsewhere for less information. The problem is that there are so many different scenarios for using Samba, both as a server and as a client. It can be a domain controller or a domain member, it can be a client or server using Windows 98 File sharing methods or current CIFS methods. It supports ancient and current Windows authentication methods (again both as client or server). It can configure into local system authentication/authorization using many different mechanisms including /etc/passwd, LDAP and AD. It provides support for Windows printing both as server and as client. In short, there is so much that Samba does that no simple documentation could possibly exist. But more to the issue... I have used Samba for over 10 years, have used it in all possible ways and NEVER have I ever seen or even heard of a reliable report that 'joining' a system to AD has damaged the AD setup. And yes, we clearly disagree but I actually employ Samba at various levels in various businesses and have no issues with using it and somehow have managed to do this without damaging AD domain controllers. > > I needed LDAP and Kerberos to handle the users and credentials, you may have > decided not to integrate user accounts, but for me it was essential and I > have no idea how you would do that without LDAP. I use Kerberos for my > windows network, so it stands to reason I would use it on this Samba server > residing in my network, heck it's even in the manual. I stated in my > explanation where it went wrong, deciding that I'm wrong by doing it > differently is not the same thing. I have a Linux based firewall that uses > LDAP to authenticate users for access, works like a charm, so I've had some > experience. My users should not have to re-authenticate every time they > access a file, and caching credentials separately means I have to change > them every time somebody changes a password, so I think you over simplified > the problem. What I did wrong was not knowing what I was doing with Samba > and trying to do this on a production network, because I thought I > understood what I was doing. You still haven't provided any reason to use LDAP. Samba and any reasonable Linux distribution can surely use the account information provided by AD. So far, the only problem I think I over simplified is thinking that you actually understand Windows networking because it seems pretty clear that you are hoping for Linux walk-throughs and and Webmin to conceal the problem that you don't understand Linux. Just so we're clear... Windows SBS server is essentially a crippled Windows Server that I presume they sell so small businesses everywhere don't use Linux servers. > > [Samba 3.x cannot participate as a domain controller on an AD domain.] > [Documentation is quite clear. But it is relatively simple and benign for] > [it to join an AD domain as a member server/workstation. It works, it's] > [relatively simple and it is not hazardous to an AD domain whatsoever.] > > Chapter 4 of the Samba documentation states multiple times the need to LDAP > to function completely, it does say it can work without - but at a loss of > functionality, i.e. Single Sign On (SSO). It also talks about it's ability > to work with NT4, but shows some caveats in 200x AD without additional > components, and several warnings about potential problems with > configuration, So I can point to where my information came from, and why I > chose to use the elements. I remember now that the use of Winbind was also > part of the process with LDAP so that should also be an element into my > fai
Re: Looking for a mentor/adviser
Craig White wrote: > On Sun, 2010-01-31 at 18:42 -0700, Eric Shubert wrote: >> Craig White wrote: >>> On Sat, 2010-01-30 at 17:46 -0700, Eric Shubert wrote: Kurt Granroth wrote: > On 1/30/10 10:10 AM, Matt Graham wrote: >> After a long battle with technology, Craig White wrote: >> [snip] >>> - Netatalk (Macintosh AFP server) >> Really? That package recently dropped off the Gentoo ebuilds list >> because >> there wasn't that much demand for it and it's not really being >> maintained. >> There just aren't as many MacOS 9 boxes out there as there used to be, >> after >> all. >> > Not just MacOS 9... the modern OS X "File Sharing" uses AFP. It's still > the default way to share OS X drives on Linux. Funny that would come up. We just configured an ubuntu server with netatalk at the IF today. It works with Tiger and Leopard, but 10.5.6+ functionality is questionable. >>> >>> check the dns on the snow leopard system or better yet, connect via IP >>> address instead of DNS resolution. I am seeing some strange behavior >>> from snow leopard. >>> >>> Craig >> I wish we could, but I only have a Tiger system to test with. I don't >> think Don (whose server we worked on) has Snow Leopard yet either, just >> Leopard. :( >> >> I was planning to upgrade the Tiger host to Snow Leopard in the near >> future. Do you think I should hold off on that? The host is a MacMini. > > I have several clients running many Mac's (Leopard) and connecting to > Netatalk and using it daily... no problemo Do you have samba sharing any of the same data along with netatalk? > Snow Leopard seems to query multiple DNS servers via a round robin style > rather than starting with the first in the list which caused me a > headache. > > Craig I can see where that'd be a bit perplexing. -- -Eric 'shubes' --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
RE: Looking for a mentor/adviser
Craig, You are the master, and I'm just an idiot with 20 years of Microsoft experience. so you win, I'm totally wrong. I got nothing more to add, and no desire for this to continue to escalate. Thanks for your time, and best wishes for the future. Sean Parsons -Original Message- From: plug-discuss-boun...@lists.plug.phoenix.az.us [mailto:plug-discuss-boun...@lists.plug.phoenix.az.us] On Behalf Of Craig White Sent: Sunday, January 31, 2010 8:42 PM To: Main PLUG discussion list Subject: RE: Looking for a mentor/adviser On Sun, 2010-01-31 at 19:49 -0700, Sean Parsons wrote: > Craig, > > We obviously don't agree. I followed those examples and they didn't > work. They were not easy to follow nor did they make the process easy to > understand, perhaps you are using your experience to draw from, which I > don't have. You also say I didn't need LDAP or Kerberos, that's pretty > arrogant when you didn't know why I selected them in the first place, yes it > may be possible to make it work without them, but my decision was to use > these components and that's when everything went wrong. You are free to sing > the praises of Samba, maybe someday I will to. But for know I know I can't > do it from the documentation and I needed help. My statements stand as facts > from my experience, and you were not there, nor have you considered my > explanation beyond defending your opinion, which is not right or wrong, it's > your opinion. You have a serious language comprehension problem. I clearly said you didn't need LDAP to join Samba systems to AD. I did not say you didn't need kerberos to join Samba systems to AD because you do. I am hoping that you take more time to comprehend what I am saying because I am being very precise. The only praise I sang for Samba was their documentation because it is incredibly complete. Most people do not want to comprehend that much information and so they go elsewhere for less information. The problem is that there are so many different scenarios for using Samba, both as a server and as a client. It can be a domain controller or a domain member, it can be a client or server using Windows 98 File sharing methods or current CIFS methods. It supports ancient and current Windows authentication methods (again both as client or server). It can configure into local system authentication/authorization using many different mechanisms including /etc/passwd, LDAP and AD. It provides support for Windows printing both as server and as client. In short, there is so much that Samba does that no simple documentation could possibly exist. But more to the issue... I have used Samba for over 10 years, have used it in all possible ways and NEVER have I ever seen or even heard of a reliable report that 'joining' a system to AD has damaged the AD setup. And yes, we clearly disagree but I actually employ Samba at various levels in various businesses and have no issues with using it and somehow have managed to do this without damaging AD domain controllers. > > I needed LDAP and Kerberos to handle the users and credentials, you may have > decided not to integrate user accounts, but for me it was essential and I > have no idea how you would do that without LDAP. I use Kerberos for my > windows network, so it stands to reason I would use it on this Samba server > residing in my network, heck it's even in the manual. I stated in my > explanation where it went wrong, deciding that I'm wrong by doing it > differently is not the same thing. I have a Linux based firewall that uses > LDAP to authenticate users for access, works like a charm, so I've had some > experience. My users should not have to re-authenticate every time they > access a file, and caching credentials separately means I have to change > them every time somebody changes a password, so I think you over simplified > the problem. What I did wrong was not knowing what I was doing with Samba > and trying to do this on a production network, because I thought I > understood what I was doing. You still haven't provided any reason to use LDAP. Samba and any reasonable Linux distribution can surely use the account information provided by AD. So far, the only problem I think I over simplified is thinking that you actually understand Windows networking because it seems pretty clear that you are hoping for Linux walk-throughs and and Webmin to conceal the problem that you don't understand Linux. Just so we're clear... Windows SBS server is essentially a crippled Windows Server that I presume they sell so small businesses everywhere don't use Linux servers. > > [Samba 3.x cannot participate as a domain controller on an AD domain.] > [Documentation is quite clear. But it is relatively simple and be
Re: Looking for a mentor/adviser
Sounds to me that Sean needs Craig to show him the ropes. Its obvious Craig thinks he knows what he is doing. Its also obvious that Sean thinks he has no idea what he is doing. To quote my 2 year old son's book[1], lets not make big problems out of little problems. Craig, why don't you offer to help Sean, and Sean, why don't you offer to buy Craig a beer for his troubles. Brownie points to both if you document what was necessary so others can learn from this experience. [1] http://www.amazon.com/dp/0375822976/ Eric On Sun, Jan 31, 2010 at 8:53 PM, Eric Shubert wrote: > Craig White wrote: > > On Sun, 2010-01-31 at 18:42 -0700, Eric Shubert wrote: > >> Craig White wrote: > >>> On Sat, 2010-01-30 at 17:46 -0700, Eric Shubert wrote: > Kurt Granroth wrote: > > On 1/30/10 10:10 AM, Matt Graham wrote: > >> After a long battle with technology, Craig White wrote: > >> [snip] > >>> - Netatalk (Macintosh AFP server) > >> Really? That package recently dropped off the Gentoo ebuilds list > because > >> there wasn't that much demand for it and it's not really being > maintained. > >> There just aren't as many MacOS 9 boxes out there as there used to > be, after > >> all. > >> > > Not just MacOS 9... the modern OS X "File Sharing" uses AFP. It's > still > > the default way to share OS X drives on Linux. > Funny that would come up. We just configured an ubuntu server with > netatalk at the IF today. It works with Tiger and Leopard, but 10.5.6+ > functionality is questionable. > >>> > >>> check the dns on the snow leopard system or better yet, connect via IP > >>> address instead of DNS resolution. I am seeing some strange behavior > >>> from snow leopard. > >>> > >>> Craig > >> I wish we could, but I only have a Tiger system to test with. I don't > >> think Don (whose server we worked on) has Snow Leopard yet either, just > >> Leopard. :( > >> > >> I was planning to upgrade the Tiger host to Snow Leopard in the near > >> future. Do you think I should hold off on that? The host is a MacMini. > > > > I have several clients running many Mac's (Leopard) and connecting to > > Netatalk and using it daily... no problemo > > Do you have samba sharing any of the same data along with netatalk? > > > Snow Leopard seems to query multiple DNS servers via a round robin style > > rather than starting with the first in the list which caused me a > > headache. > > > > Craig > > I can see where that'd be a bit perplexing. > > -- > -Eric 'shubes' > > --- > PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us > To subscribe, unsubscribe, or to change your mail settings: > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss > -- Eric Cope http://cope-et-al.com --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Re: Looking for a mentor/adviser
On Sun, 2010-01-31 at 20:53 -0700, Eric Shubert wrote: > Craig White wrote: > > On Sun, 2010-01-31 at 18:42 -0700, Eric Shubert wrote: > >> Craig White wrote: > >>> On Sat, 2010-01-30 at 17:46 -0700, Eric Shubert wrote: > Kurt Granroth wrote: > > On 1/30/10 10:10 AM, Matt Graham wrote: > >> After a long battle with technology, Craig White wrote: > >> [snip] > >>> - Netatalk (Macintosh AFP server) > >> Really? That package recently dropped off the Gentoo ebuilds list > >> because > >> there wasn't that much demand for it and it's not really being > >> maintained. > >> There just aren't as many MacOS 9 boxes out there as there used to be, > >> after > >> all. > >> > > Not just MacOS 9... the modern OS X "File Sharing" uses AFP. It's > > still > > the default way to share OS X drives on Linux. > Funny that would come up. We just configured an ubuntu server with > netatalk at the IF today. It works with Tiger and Leopard, but 10.5.6+ > functionality is questionable. > >>> > >>> check the dns on the snow leopard system or better yet, connect via IP > >>> address instead of DNS resolution. I am seeing some strange behavior > >>> from snow leopard. > >>> > >>> Craig > >> I wish we could, but I only have a Tiger system to test with. I don't > >> think Don (whose server we worked on) has Snow Leopard yet either, just > >> Leopard. :( > >> > >> I was planning to upgrade the Tiger host to Snow Leopard in the near > >> future. Do you think I should hold off on that? The host is a MacMini. > > > > I have several clients running many Mac's (Leopard) and connecting to > > Netatalk and using it daily... no problemo > > Do you have samba sharing any of the same data along with netatalk? yes - everywhere anticipating your next questions... (2.05) and... (sample AppleVolumes.default setting) /home/shares/files Shared Files" perm:775 allow:@"Domain Users" \ rwlist:@"Domain Users" cnidscheme:dbd options:usedots # ls -ald /home/shares/files/.AppleDB drwxrwsr-x 2 ja Domain Users 4096 Dec 7 18:15 /home/shares/files/.AppleDB # ls -al /home/shares/files/.AppleDB total 34824 drwxrwxr-x 2 jaDomain Users 4096 Dec 7 18:15 . drwxrwxrwx 8 administrator Domain Users 4096 Dec 28 11:09 .. -rw-rwxr-x 1 jaDomain Users 35590144 Dec 23 10:33 cnid2.db -rw-rwxr-x 1 jaDomain Users0 Dec 7 18:15 db_errlog -rw-rwxr-x 1 jaDomain Users0 Dec 7 18:15 lock (I find setting the 'group' sticky bit on the shared folder and group ownership and write bits on .AppleDB and all enclosed files essential) Craig -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Re: Looking for a mentor/adviser
Craig White wrote: > On Sun, 2010-01-31 at 20:53 -0700, Eric Shubert wrote: >> Craig White wrote: >>> On Sun, 2010-01-31 at 18:42 -0700, Eric Shubert wrote: Craig White wrote: > On Sat, 2010-01-30 at 17:46 -0700, Eric Shubert wrote: >> Kurt Granroth wrote: >>> On 1/30/10 10:10 AM, Matt Graham wrote: After a long battle with technology, Craig White wrote: [snip] > - Netatalk (Macintosh AFP server) Really? That package recently dropped off the Gentoo ebuilds list because there wasn't that much demand for it and it's not really being maintained. There just aren't as many MacOS 9 boxes out there as there used to be, after all. >>> Not just MacOS 9... the modern OS X "File Sharing" uses AFP. It's >>> still >>> the default way to share OS X drives on Linux. >> Funny that would come up. We just configured an ubuntu server with >> netatalk at the IF today. It works with Tiger and Leopard, but 10.5.6+ >> functionality is questionable. > > check the dns on the snow leopard system or better yet, connect via IP > address instead of DNS resolution. I am seeing some strange behavior > from snow leopard. > > Craig I wish we could, but I only have a Tiger system to test with. I don't think Don (whose server we worked on) has Snow Leopard yet either, just Leopard. :( I was planning to upgrade the Tiger host to Snow Leopard in the near future. Do you think I should hold off on that? The host is a MacMini. >>> >>> I have several clients running many Mac's (Leopard) and connecting to >>> Netatalk and using it daily... no problemo >> Do you have samba sharing any of the same data along with netatalk? > > yes - everywhere > > anticipating your next questions... (2.05) and... > > (sample AppleVolumes.default setting) > /home/shares/files Shared Files" perm:775 allow:@"Domain Users" \ > rwlist:@"Domain Users" cnidscheme:dbd options:usedots > > # ls -ald /home/shares/files/.AppleDB > drwxrwsr-x 2 ja Domain Users 4096 Dec 7 > 18:15 /home/shares/files/.AppleDB > > # ls -al /home/shares/files/.AppleDB > total 34824 > drwxrwxr-x 2 jaDomain Users 4096 Dec 7 18:15 . > drwxrwxrwx 8 administrator Domain Users 4096 Dec 28 11:09 .. > -rw-rwxr-x 1 jaDomain Users 35590144 Dec 23 10:33 cnid2.db > -rw-rwxr-x 1 jaDomain Users0 Dec 7 18:15 db_errlog > -rw-rwxr-x 1 jaDomain Users0 Dec 7 18:15 lock > > (I find setting the 'group' sticky bit on the shared folder and group > ownership and write bits on .AppleDB and all enclosed files essential) > > Craig Thanks Craig. I hope to get to this by the end of the week. I think you've covered my unasked questions. :) I'll let you know how I make out. -- -Eric 'shubes' --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
RE: Looking for a mentor/adviser
On Sun, 2010-01-31 at 20:55 -0700, Sean Parsons wrote: > Craig, > You are the master, and I'm just an idiot with 20 years of Microsoft > experience. so you win, I'm totally wrong. > > I got nothing more to add, and no desire for this to continue to escalate. > Thanks for your time, and best wishes for the future. I suspect that what you actually did was to run dcpromo on your Windows SBS server and set it to 'legacy domain controller' in order to have your Samba server join the domain as a 'controller'. That of course, immediately broke Exchange. Of course, this is just a guess. The only reason you would need LDAP on Linux was if it was to be a domain controller which the documentation clearly states that it cannot be a domain controller on an AD domain. I am not escalating anything nor am I all that invested in your setup because I am only left to guess what you did. I am pretty confident that you were groping and eager to try anything without understanding the reasons and the ramifications. I have seen many people who think that they understand Windows networking but can't function beyond the wizards and GUI provided by Microsoft, can not query LDAP from CLI, don't actually understand how LDAP actually works, how to access it, how to extend it, etc. I can appreciate the extreme difficulty of trying to configure LDAP when you don't actually understand it because I learned it simultaneously with Samba 3 right when Samba 3 was released and it made me pull my hair out trying to learn them simultaneously and all the while I was thinking that Samba 3 was pretty much like Samba 2 (it wasn't - it's just that the commands looked the same). My advice... if you don't fully understand Linux, learn that first. At the point you are comfortable with Linux, learn Samba. At the point that you are fully comfortable with Samba, learn LDAP (if you actually need it or want to use Samba as a domain controller). Recognize that until Samba 4 is actually usable (and it will still be quite some time to reach that stage), you cannot use Samba as a domain controller in any domain that uses 'Exchange Server' 2003 or newer simply because Exchange Server 2003/2007 absolutely require current AD structure. But you can have a separate domain and set up trusts between your Samba domain and your AD. Craig -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Re: Looking for a mentor/adviser
On Sun, 2010-01-31 at 21:23 -0700, Eric Shubert wrote: > Craig White wrote: > > On Sun, 2010-01-31 at 20:53 -0700, Eric Shubert wrote: > >> Craig White wrote: > >>> On Sun, 2010-01-31 at 18:42 -0700, Eric Shubert wrote: > Craig White wrote: > > On Sat, 2010-01-30 at 17:46 -0700, Eric Shubert wrote: > >> Kurt Granroth wrote: > >>> On 1/30/10 10:10 AM, Matt Graham wrote: > After a long battle with technology, Craig White wrote: > [snip] > > - Netatalk (Macintosh AFP server) > Really? That package recently dropped off the Gentoo ebuilds list > because > there wasn't that much demand for it and it's not really being > maintained. > There just aren't as many MacOS 9 boxes out there as there used to > be, after > all. > > >>> Not just MacOS 9... the modern OS X "File Sharing" uses AFP. It's > >>> still > >>> the default way to share OS X drives on Linux. > >> Funny that would come up. We just configured an ubuntu server with > >> netatalk at the IF today. It works with Tiger and Leopard, but 10.5.6+ > >> functionality is questionable. > > > > check the dns on the snow leopard system or better yet, connect via IP > > address instead of DNS resolution. I am seeing some strange behavior > > from snow leopard. > > > > Craig > I wish we could, but I only have a Tiger system to test with. I don't > think Don (whose server we worked on) has Snow Leopard yet either, just > Leopard. :( > > I was planning to upgrade the Tiger host to Snow Leopard in the near > future. Do you think I should hold off on that? The host is a MacMini. > >>> > >>> I have several clients running many Mac's (Leopard) and connecting to > >>> Netatalk and using it daily... no problemo > >> Do you have samba sharing any of the same data along with netatalk? > > > > yes - everywhere > > > > anticipating your next questions... (2.05) and... > > > > (sample AppleVolumes.default setting) > > /home/shares/files Shared Files" perm:775 allow:@"Domain Users" \ > > rwlist:@"Domain Users" cnidscheme:dbd options:usedots > > > > # ls -ald /home/shares/files/.AppleDB > > drwxrwsr-x 2 ja Domain Users 4096 Dec 7 > > 18:15 /home/shares/files/.AppleDB > > > > # ls -al /home/shares/files/.AppleDB > > total 34824 > > drwxrwxr-x 2 jaDomain Users 4096 Dec 7 18:15 . > > drwxrwxrwx 8 administrator Domain Users 4096 Dec 28 11:09 .. > > -rw-rwxr-x 1 jaDomain Users 35590144 Dec 23 10:33 cnid2.db > > -rw-rwxr-x 1 jaDomain Users0 Dec 7 18:15 db_errlog > > -rw-rwxr-x 1 jaDomain Users0 Dec 7 18:15 lock > > > > (I find setting the 'group' sticky bit on the shared folder and group > > ownership and write bits on .AppleDB and all enclosed files essential) > > > > Craig > > Thanks Craig. I hope to get to this by the end of the week. I think > you've covered my unasked questions. :) I'll let you know how I make out. one more thing - if you are using 2.05 and LDAP... the supplied netatalk 'pam.d' module didn't work for LDAP (probably works for /etc/passwd users but I always use LDAP now) this, however does work with LDAP # cat /etc/pam.d/netatalk #%PAM-1.0 auth required pam_nologin.so auth include system-auth accountinclude system-auth sessioninclude system-auth password include system-auth Craig -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Re: Looking for a mentor/adviser
Craig White wrote: > On Sun, 2010-01-31 at 21:23 -0700, Eric Shubert wrote: >> Craig White wrote: >>> On Sun, 2010-01-31 at 20:53 -0700, Eric Shubert wrote: Craig White wrote: > On Sun, 2010-01-31 at 18:42 -0700, Eric Shubert wrote: >> Craig White wrote: >>> On Sat, 2010-01-30 at 17:46 -0700, Eric Shubert wrote: Kurt Granroth wrote: > On 1/30/10 10:10 AM, Matt Graham wrote: >> After a long battle with technology, Craig White wrote: >> [snip] >>> - Netatalk (Macintosh AFP server) >> Really? That package recently dropped off the Gentoo ebuilds list >> because >> there wasn't that much demand for it and it's not really being >> maintained. >> There just aren't as many MacOS 9 boxes out there as there used to >> be, after >> all. >> > Not just MacOS 9... the modern OS X "File Sharing" uses AFP. It's > still > the default way to share OS X drives on Linux. Funny that would come up. We just configured an ubuntu server with netatalk at the IF today. It works with Tiger and Leopard, but 10.5.6+ functionality is questionable. >>> >>> check the dns on the snow leopard system or better yet, connect via IP >>> address instead of DNS resolution. I am seeing some strange behavior >>> from snow leopard. >>> >>> Craig >> I wish we could, but I only have a Tiger system to test with. I don't >> think Don (whose server we worked on) has Snow Leopard yet either, just >> Leopard. :( >> >> I was planning to upgrade the Tiger host to Snow Leopard in the near >> future. Do you think I should hold off on that? The host is a MacMini. > > I have several clients running many Mac's (Leopard) and connecting to > Netatalk and using it daily... no problemo Do you have samba sharing any of the same data along with netatalk? >>> >>> yes - everywhere >>> >>> anticipating your next questions... (2.05) and... >>> >>> (sample AppleVolumes.default setting) >>> /home/shares/files Shared Files" perm:775 allow:@"Domain Users" \ >>> rwlist:@"Domain Users" cnidscheme:dbd options:usedots >>> >>> # ls -ald /home/shares/files/.AppleDB >>> drwxrwsr-x 2 ja Domain Users 4096 Dec 7 >>> 18:15 /home/shares/files/.AppleDB >>> >>> # ls -al /home/shares/files/.AppleDB >>> total 34824 >>> drwxrwxr-x 2 jaDomain Users 4096 Dec 7 18:15 . >>> drwxrwxrwx 8 administrator Domain Users 4096 Dec 28 11:09 .. >>> -rw-rwxr-x 1 jaDomain Users 35590144 Dec 23 10:33 cnid2.db >>> -rw-rwxr-x 1 jaDomain Users0 Dec 7 18:15 db_errlog >>> -rw-rwxr-x 1 jaDomain Users0 Dec 7 18:15 lock >>> >>> (I find setting the 'group' sticky bit on the shared folder and group >>> ownership and write bits on .AppleDB and all enclosed files essential) >>> >>> Craig >> Thanks Craig. I hope to get to this by the end of the week. I think >> you've covered my unasked questions. :) I'll let you know how I make out. > > one more thing - if you are using 2.05 and LDAP... > > the supplied netatalk 'pam.d' module didn't work for LDAP (probably > works for /etc/passwd users but I always use LDAP now) > > this, however does work with LDAP > > # cat /etc/pam.d/netatalk > #%PAM-1.0 > auth required pam_nologin.so > auth include system-auth > accountinclude system-auth > sessioninclude system-auth > password include system-auth > > Craig Thanks for the heads up, Craig. I'll be implementing LDAP eventually, but for now it's just me and the wife on this server. I'll KISS at this point. ;) -- -Eric 'shubes' --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
RE: Looking for a mentor/adviser
Craig, Again you assume facts not stated, exchange wasn't a factor. LDAP was chosen because the documentation supported it AND I had used it elsewhere with success, you decided it wasn't necessary and you don't know my network or the facts, that is arrogant on your part. DCPromo wasn't used as it runs on Windows boxes, not the Ubuntu server I was using, again you assumed I'm an idiot and your ignorance is showing. You can't downgrade an SBS server to a legacy mode because of Exchange, conversions are one way and not reversible. Chapter 4 of the Samba manual discusses and clearly explains the use of LDAP and recommends it's use, so where you get your facts from is not clear to me, perhaps the manual is wrong. Since the LDAP configuration occurs in several other chapters I have to wonder why it would be documented if not supported, and since you have no first hand knowledge of my network, you have to be pretty arrogant to tell me when or where I need it. You accused me of not knowing my craft and you don't know the facts, but as you pointed out and I openly admitted I didn't know what I was doing. I read the documentation, and I made my best guess as to it's implementation and it didn't work and there were serious consequences. That YOU can't dispute, I have the proof in the failure, so you will have to accept them as I didn't imagine it. The damage occurred when I was attempting to configure and synchronize the Linux machine to my existing domain using webmin and the information I obtained from the Samba website, again these are the facts and you disputing them is calling me a liar. You keep saying I was building a domain controller, I never said that, I said I was attempting to configure LDAP and Kerberos to work with my existing domain controller, again you have no idea what I was doing, but your sure I am making it up. I was attempting to use the Single Sign On and use LDAP for the AD directory storage and synchronization, which is discussed in the manual. I am familiar with it and I have used it elsewhere. If I knew what I was doing wrong, then I obviously wouldn't have done it a second time to verify my results, which were the same, again facts you can't dispute, unless you want to keep calling me a liar. The existing Microsoft Domain controller stopped working and required a complete restore to function again, not to mention every workstation having to be reset. Whatever Winbind, LDAP and the Kerberos configurations I did (covered in the manual), the minute I synced that Linux server to my domain controller is stopped working, I was there and I have the Microsoft Trouble ticket for them to do a post mortem and tell me what had happened, so again you are being arrogant that you know everything and you know what I did wrong. The fact that I screwed it up is still the fact, you just keep calling me a liar when I explained what I did. I am new to Linux so I started with the UBUNTU server manual reading up on Samba, and then I went to Samba.org to investigate something that was made to sound relatively simple, create a file server to share files on a windows network and use the single sign on capability in Samba. Did I understand everything I read, I thought so, and the documentation seemed reasonable and I followed it, and it contributed to a big problem. Why, probably because I used my Microsoft experience to understanding the Samba manual. Ok, so I screwed it up, you still don't have the right to call me a liar and tell me I don't know my job because I tried something new and attempted to expand my knowledge. As for your tone, I don't appreciate you attacking me and accusing me of lying, when I clearly stated I was in error, it was my fault and that I obviously misunderstood the manual. You accused me of fabricating the facts, they are still true, I attempted to follow the manual relying on my experience and I was wrong, but the manual gave me information and lead me to those conclusions. You continue to attack my experience and you don't know me, you didn't have all the facts, but you spout off that you know everything and I'm a liar, that is just rude and arrogant. I still stand that my explanation is the record of the facts, your assumptions are not based on you knowing what I did, where I went wrong and what my abilities are. They are your opinions being defended by your experience and nothing more. You can have the last word and post your response, but I am done and I have nothing more to say. Best wishes. Sean Parsons -Original Message- From: plug-discuss-boun...@lists.plug.phoenix.az.us [mailto:plug-discuss-boun...@lists.plug.phoenix.az.us] On Behalf Of Craig White Sent: Sunday, January 31, 2010 9:26 PM To: Main PLUG discussion list Subject: RE: Looking for a mentor/adviser On Sun, 2010-01-31 at 20:55 -0700,
RE: Looking for a mentor/adviser
On Sun, 2010-01-31 at 22:10 -0700, Sean Parsons wrote: > Craig, > Again you assume facts not stated, exchange wasn't a factor. LDAP > was chosen because the documentation supported it AND I had used it > elsewhere with success, you decided it wasn't necessary and you don't know > my network or the facts, that is arrogant on your part. DCPromo wasn't used > as it runs on Windows boxes, not the Ubuntu server I was using, again you > assumed I'm an idiot and your ignorance is showing. You can't downgrade an > SBS server to a legacy mode because of Exchange, conversions are one way and > not reversible. Chapter 4 of the Samba manual discusses and clearly explains > the use of LDAP and recommends it's use, so where you get your facts from is > not clear to me, perhaps the manual is wrong. Since the LDAP configuration > occurs in several other chapters I have to wonder why it would be documented > if not supported, and since you have no first hand knowledge of my network, > you have to be pretty arrogant to tell me when or where I need it. > > You accused me of not knowing my craft and you don't know the facts, > but as you pointed out and I openly admitted I didn't know what I was doing. > I read the documentation, and I made my best guess as to it's implementation > and it didn't work and there were serious consequences. That YOU can't > dispute, I have the proof in the failure, so you will have to accept them as > I didn't imagine it. The damage occurred when I was attempting to configure > and synchronize the Linux machine to my existing domain using webmin and the > information I obtained from the Samba website, again these are the facts and > you disputing them is calling me a liar. You keep saying I was building a > domain controller, I never said that, I said I was attempting to configure > LDAP and Kerberos to work with my existing domain controller, again you have > no idea what I was doing, but your sure I am making it up. I was attempting > to use the Single Sign On and use LDAP for the AD directory storage and > synchronization, which is discussed in the manual. I am familiar with it and > I have used it elsewhere. > > If I knew what I was doing wrong, then I obviously wouldn't have > done it a second time to verify my results, which were the same, again facts > you can't dispute, unless you want to keep calling me a liar. The existing > Microsoft Domain controller stopped working and required a complete restore > to function again, not to mention every workstation having to be reset. > Whatever Winbind, LDAP and the Kerberos configurations I did (covered in the > manual), the minute I synced that Linux server to my domain controller is > stopped working, I was there and I have the Microsoft Trouble ticket for > them to do a post mortem and tell me what had happened, so again you are > being arrogant that you know everything and you know what I did wrong. The > fact that I screwed it up is still the fact, you just keep calling me a liar > when I explained what I did. > > I am new to Linux so I started with the UBUNTU server manual reading > up on Samba, and then I went to Samba.org to investigate something that was > made to sound relatively simple, create a file server to share files on a > windows network and use the single sign on capability in Samba. Did I > understand everything I read, I thought so, and the documentation seemed > reasonable and I followed it, and it contributed to a big problem. Why, > probably because I used my Microsoft experience to understanding the Samba > manual. Ok, so I screwed it up, you still don't have the right to call me a > liar and tell me I don't know my job because I tried something new and > attempted to expand my knowledge. > > As for your tone, I don't appreciate you attacking me and accusing > me of lying, when I clearly stated I was in error, it was my fault and that > I obviously misunderstood the manual. You accused me of fabricating the > facts, they are still true, I attempted to follow the manual relying on my > experience and I was wrong, but the manual gave me information and lead me > to those conclusions. You continue to attack my experience and you don't > know me, you didn't have all the facts, but you spout off that you know > everything and I'm a liar, that is just rude and arrogant. > > I still stand that my explanation is the record of the facts, your > assumptions are not based on you knowing what I did, where I went wrong and > what my abilities are. They are your opinions being defended by your > experience and nothing more. > > You can have the last word and post your response, but I am done and > I have nothing more to say. ok then... There is absolutely no reason to use LDAP on a Linux (or UNIX) system that merely wants to to join AD as a domain member. There is no documentation anywhere on Samba's web site that says otherwise. None. You should configure kerberos on this Linux
Re: Looking for a mentor/adviser
Hopefully this can explain where the confusion with LDAP is coming from, here's 2 smb.conf files I use with clients (with any details changed obviously) the top one is the relevant part of global for a file server that is part of a windows domain, kerberos is needed but not LDAP because an external password server is provided to authenticate against. I also put a sample share section on there that shows how to address permissions, the server still maps domain users and groups to uid/gids but rather than having a local OpenLDAP database it uses an external server, this is done mainly through the nsswitch.conf file: passwd: compat winbind shadow: compat group: compat winbind the second global section of smb.conf shows a samaba server acting as a domain controller (this only acts as an NT4 domain controller features expecting in 2003 aren't available), but you can see it does list it's own LDAP server for authentication and uses the smbldap-tools to manage users and groups. It's nsswitch.conf file points to it's own local LDAP server for mapping names to uid/gids: passwd: files ldap shadow: files ldap group: files ldap hope that's of some help. === First no LDAP file server === [global] dos charset = ASCII unix charset = UTF8 display charset = UTF8 workgroup = Domain realm = Domain security = ADS server string = Samba Server %v password server = 10.11.12.13 client NTLMv2 auth = Yes client lanman auth = No client plaintext auth = No client use spnego = yes [extra] path = /exports/extra force user = root read only = No valid users = @"domain\user",@"domain\group" === Second DC with LDAP server === [global] netbios name = Samba-DC workgroup = Domain server string = LDAP PDC [on Gentoo :: Samba server %v] security = user encrypt passwords = yes socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 interfaces = lo eth0 bind interfaces only = yes local master = yes os level = 65 domain master = yes preferred master = yes null passwords = no hide unreadable = yes hide dot files = yes domain logons = yes logon drive = H: logon home = \\%L\%U wins support = yes name resolve order = wins lmhosts host bcast dns proxy = no time server = yes log file = /var/log/samba/log.%m max log size = 50 log level = 3 add user script = /usr/sbin/smbldap-useradd -m "%u" ldap delete dn = Yes add machine script = /usr/sbin/smbldap-useradd -W "%u" add group script = /usr/sbin/smbldap-groupadd -p "%g" add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g" delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g" set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u" passdb backend = ldapsam:ldap://127.0.0.1/ ldap delete dn = Yes ldap ssl = no ldap suffix = dc=domain ldap admin dn = cn=Administrator,dc=domain ldap group suffix = ou=Groups ldap user suffix = ou=People ldap machine suffix = ou=Computers ldap idmap suffix = ou=People enable privileges = yes ldapsam:trusted = yes idmap uid = 1-2 idmap gid = 1-2 --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Re: Looking for a mentor/adviser
On Mon, 2010-02-01 at 13:26 -0700, Paul Mooring wrote: > Hopefully this can explain where the confusion with LDAP is coming > from, here's 2 smb.conf files I use with clients (with any details > changed obviously) the top one is the relevant part of global for a > file server that is part of a windows domain, kerberos is needed but > not LDAP because an external password server is provided to > authenticate against. I also put a sample share section on there that > shows how to address permissions, the server still maps domain users > and groups to uid/gids but rather than having a local OpenLDAP > database it uses an external server, this is done mainly through the > nsswitch.conf file: > > passwd: compat winbind > shadow: compat > group: compat winbind > > the second global section of smb.conf shows a samaba server acting as > a domain controller (this only acts as an NT4 domain controller > features expecting in 2003 aren't available), but you can see it does > list it's own LDAP server for authentication and uses the > smbldap-tools to manage users and groups. It's nsswitch.conf file > points to it's own local LDAP server for mapping names to uid/gids: > > passwd: files ldap > shadow: files ldap > group: files ldap > > hope that's of some help. > > === First no LDAP file server === > > [global] > dos charset = ASCII > unix charset = UTF8 > display charset = UTF8 > workgroup = Domain > realm = Domain > security = ADS > server string = Samba Server %v > password server = 10.11.12.13 > client NTLMv2 auth = Yes > client lanman auth = No > client plaintext auth = No > client use spnego = yes > > [extra] > path = /exports/extra > force user = root > read only = No > valid users = @"domain\user",@"domain\group" > > > === Second DC with LDAP server === > > [global] > > netbios name = Samba-DC > workgroup = Domain > server string = LDAP PDC [on Gentoo :: Samba server %v] > security = user > encrypt passwords = yes > socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 > interfaces = lo eth0 > bind interfaces only = yes > local master = yes > os level = 65 > domain master = yes > preferred master = yes > null passwords = no > hide unreadable = yes > hide dot files = yes > domain logons = yes > logon drive = H: > logon home = \\%L\%U > wins support = yes > name resolve order = wins lmhosts host bcast > dns proxy = no > time server = yes > log file = /var/log/samba/log.%m > max log size = 50 > > log level = 3 > > add user script = /usr/sbin/smbldap-useradd -m "%u" > ldap delete dn = Yes > add machine script = /usr/sbin/smbldap-useradd -W "%u" > add group script = /usr/sbin/smbldap-groupadd -p "%g" > add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g" > delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g" > set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u" > > passdb backend = ldapsam:ldap://127.0.0.1/ > ldap delete dn = Yes > ldap ssl = no > > ldap suffix = dc=domain > ldap admin dn = cn=Administrator,dc=domain > ldap group suffix = ou=Groups > ldap user suffix = ou=People > ldap machine suffix = ou=Computers > ldap idmap suffix = ou=People > > enable privileges = yes > ldapsam:trusted = yes > > idmap uid = 1-2 > idmap gid = 1-2 yes of course. just a simple comment... socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 is necessary only for older 2.4 kernels and not for current or reasonably current 2.6 kernels and may actually be counter productive. That configuration was part of original Samba recommendations from a long time ago and many sample files still include it but clearly should not. Craig -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Re: Looking for a mentor/adviser
Well written Craig. Sean, you and I have had similar issues with your technical comprehension at a HackFest this past year, on a firewall distribution. Craig is so incredibly experienced, and such a succinct communicator, always willing to assist, that it just defeats all practical common sense to become argumentative with him rather than ask clear questions that will illuminate the areas you misunderstand. You might do well Sean to set up vigilance when you are motivated to become argumentative over abstract details, since this is a clear red flag that you don't understand the subject matter. It very well might be a learning disability, which you can overcome. After observing your long winded waste of argumentative words, when plain process flowcharted questions on subject would easily solve your problems, and ego based alienation of others over the past 12 months in your postings, I want to make the following suggestions, since you are highly intelligent, and motivated to do more than bang your head against a wall with linux: 1) Make map based diagrams of the technical issues. 2) Whenever you pass a word of concept you don't fully understand, hit wikipedia. Example: "kerberos", the authentication process inherent in Samba and A/D, which clearly is not LDAP. 3) On Sun, Jan 31, 2010 at 8:41 PM, Craig White wrote: > On Sun, 2010-01-31 at 19:49 -0700, Sean Parsons wrote: >> Craig, >> >> We obviously don't agree. I followed those examples and they didn't >> work. They were not easy to follow nor did they make the process easy to >> understand, perhaps you are using your experience to draw from, which I >> don't have. You also say I didn't need LDAP or Kerberos, that's pretty >> arrogant when you didn't know why I selected them in the first place, yes it >> may be possible to make it work without them, but my decision was to use >> these components and that's when everything went wrong. You are free to sing >> the praises of Samba, maybe someday I will to. But for know I know I can't >> do it from the documentation and I needed help. My statements stand as facts >> from my experience, and you were not there, nor have you considered my >> explanation beyond defending your opinion, which is not right or wrong, it's >> your opinion. > > You have a serious language comprehension problem. > > I clearly said you didn't need LDAP to join Samba systems to AD. I did > not say you didn't need kerberos to join Samba systems to AD because you > do. > > I am hoping that you take more time to comprehend what I am saying > because I am being very precise. > > The only praise I sang for Samba was their documentation because it is > incredibly complete. Most people do not want to comprehend that much > information and so they go elsewhere for less information. > > The problem is that there are so many different scenarios for using > Samba, both as a server and as a client. It can be a domain controller > or a domain member, it can be a client or server using Windows 98 File > sharing methods or current CIFS methods. It supports ancient and current > Windows authentication methods (again both as client or server). It can > configure into local system authentication/authorization using many > different mechanisms including /etc/passwd, LDAP and AD. It provides > support for Windows printing both as server and as client. In short, > there is so much that Samba does that no simple documentation could > possibly exist. > > But more to the issue... I have used Samba for over 10 years, have used > it in all possible ways and NEVER have I ever seen or even heard of a > reliable report that 'joining' a system to AD has damaged the AD setup. > > And yes, we clearly disagree but I actually employ Samba at various > levels in various businesses and have no issues with using it and > somehow have managed to do this without damaging AD domain controllers. > >> >> I needed LDAP and Kerberos to handle the users and credentials, you may have >> decided not to integrate user accounts, but for me it was essential and I >> have no idea how you would do that without LDAP. I use Kerberos for my >> windows network, so it stands to reason I would use it on this Samba server >> residing in my network, heck it's even in the manual. I stated in my >> explanation where it went wrong, deciding that I'm wrong by doing it >> differently is not the same thing. I have a Linux based firewall that uses >> LDAP to authenticate users for access, works like a charm, so I've had some >> experience. My users should not have to re-authenticate every time they >> access a file, and caching credentials separately means I have to change >> them every time somebody changes a password, so I think you over simplified >> the problem. What I did wrong was not knowing what I was doing with Samba >> and trying to do this on a production network, because I thought I >> understood what I was doing. > > You still haven't provided any reason to use L
[CLOSED] Re: Looking for a mentor/adviser
On Mon 1 February 2010 4:53:08 pm Lisa Kachold wrote: > You might do well Sean to set up vigilance when you are motivated to > become argumentative over abstract details, since this is a clear red > flag that you don't understand the subject matter. It very well might > be a learning disability, which you can overcome. Hey all, At this point, after talking things over with Hans and Alan in IRC, we think it's best if this thread is closed. It is getting no where productive very fast, regardless of who is the cause of this. Sean has his mentor and will be reporting his progress on the mailing list (might I also suggest documenting it in a wordpress.com or blogger.com blog?); at this point, the rest of this thread should not dissolve into argument or name calling from -anyone,- whether it is Sean or Lisa or Craig or -anyone else- on the plug-discuss mailing lists. Sean has made his interest in learning about GNU/Linux and moving his business from a completely Microsoft environment into an integrated environment completely clear in past posts to the list. As a result of this thread, even after receiving the help he requested, he is considering (or has) unsubscribed from the mailing list. This is _not_ the kind of message we want to send to newer Phoenix LUG members. I have no time for a full analysis of this situation, only enough to see that this thread is doing nothing productive and only making _everyone_ involved look fairly silly. As a result, we (Hans and I) are asking that this thread be closed. Please don't reply to this message or any others in this thread. Note, the "Project Update" thread is not under moderation at this time. :-) Thanks and best, Ryan THREAD CLOSED -- Ryan Rix == http://hackersramblings.wordpress.com | http://rix.si/ == signature.asc Description: This is a digitally signed message part. --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Re: [CLOSED] Re: Looking for a mentor/adviser
On Mon 1 February 2010 8:27:51 pm Ryan Rix wrote: > and Alan in IRC Oops, scratch that part; talked with Hans though. -- Ryan Rix == http://hackersramblings.wordpress.com | http://rix.si/ == signature.asc Description: This is a digitally signed message part. --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
