Samba3 domain controller howto?
mister.olli at googlemail.com
Mon Jun 8 12:27:32 UTC 2009
I used the following procedure to install samba4 on a freebsd box:
in my current setup (which is about 4 months old) the following this do
- active directory groups did somehow not work as expected, but I didn't
had the time to look deeper into it
- updating DNS records within named, as the version freebsd comes with
does not support the GSSAPI. if someone finds a way to replace builtin
named with a newer version please drop me an email.
- stability (didn't had the time to examine the segfaults further.) I
already had contact about this issue with andrew bartlett from the
developer team and they are willing to fix this issues when they have
look here (http://wiki.samba.org/index.php/Franky) for informations
about the 'franky' release and how to compile it. seems to be simple if
you're a little bit familiar with samba.
I didn't had the time to look and test, and surely won't have any until
so it would be great to hear your experiences :-)
On Mon, 2009-06-08 at 07:40 -0400, Dave wrote:
> Do you have a procedure for getting samba4 going? If it can do active
> directory i'd like to try it. And get it all going, with samba3 as well.
> -----Original Message-----
> From: owner-freebsd-questions at freebsd.org
> [mailto:owner-freebsd-questions at freebsd.org] On Behalf Of Mister Olli
> Sent: Monday, June 08, 2009 7:18 AM
> To: Tim Judd
> Cc: Olivier Nicole; freebsd-questions at freebsd.org; redtick at sbcglobal.net
> Subject: Re: Samba3 domain controller howto?
> > yes, you are mis-understanding
> > samba itself is a NT4-type domain.
> not quite right. It depends on the samba version your using.
> - samba3 only provides NT4-type domains
> - samba4 provides active directory domain types including GPO (I have such a
> setup running in 7.<SOMETHING> with around 10 users. It works quite good,
> beside the fact that samba segfaults from time to time (which I covered by
> running samba4 in foreground within an endless bash.-loop)).
> there is even a new build-option that creates the 'samba franky' release
> which uses samba3 & samba4 at the same time to make nearly all samba3
> feature in combination with AD environments available, but it didn't have
> the time to look into that. But it sounds quite promising, since
> samba4 lacks some features samba3 already has.
> Mr. Olli
> > samba can use authentication backends that include passwd files, LDAP
> > and kerberos. Active directory is a requirement to use LDAP, whereas
> > samba is offering it as a auth backend only.
> > fine line, I know.
> > IOW, whereas Active Directory - as a technology:
> > Uses kerberos for authorization
> > Uses LDAP for a storage backend for Kerberos
> > Uses user at domain logins (thanks to Kerberos),
> > Uses other techs not related to this thread
> > NT4-style domains - as a technology:
> > Not using Kerberos
> > Not using LDAP storage
> > Samba allows it's authorization backend to offer more possibilities
> > than NT4's own methods. Such as passwd files, LDAP, Kerberos, etc.
> > It's technology vs technology, not product vs product.
> > On 6/7/09, Olivier Nicole <on at cs.ait.ac.th> wrote:
> > > Hi,
> > >
> > >> Samba is still only a NT4-type
> > >> DC, no Active Directory type of function (Group Policies,
> > >> user at domain logins, kerberos, ldap, etc)
> > >
> > > I am not sure if I understand you well, but my samba is
> > > authenticating users agaiinst LDAP.
> > >
> > > Best regards,
> > >
> > > Olivier
> > >
> > _______________________________________________
> > freebsd-questions at freebsd.org mailing list
> > http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> > To unsubscribe, send any mail to
> "freebsd-questions-unsubscribe at freebsd.org"
> freebsd-questions at freebsd.org mailing list
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe at freebsd.org"
More information about the freebsd-questions