Date: Mon, 08 Jun 2009 14:27:26 +0200 From: Mister Olli <mister.olli@googlemail.com> To: dave.mehler@gmail.com Cc: freebsd-questions@freebsd.org Subject: RE: Samba3 domain controller howto? Message-ID: <1244464046.12252.28.camel@phoenix.blechhirn.net> In-Reply-To: <1765BE3D07864F69AB4F9D3874BCBC64@hades> References: <273384.34545.qm@web81206.mail.mud.yahoo.com> <ade45ae90906071218u794e8d3aqe4f5eee5a389a67d@mail.gmail.com> <200906080259.n582xtVg024068@banyan.cs.ait.ac.th> <ade45ae90906072011m21e9c5a8k28da8c246e1a6aef@mail.gmail.com> <1244459893.12252.17.camel@phoenix.blechhirn.net> <1765BE3D07864F69AB4F9D3874BCBC64@hades>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi, I used the following procedure to install samba4 on a freebsd box: http://wiki.samba.org/index.php/Samba4/HOWTO in my current setup (which is about 4 months old) the following this do not work: - active directory groups did somehow not work as expected, but I didn't had the time to look deeper into it - updating DNS records within named, as the version freebsd comes with does not support the GSSAPI. if someone finds a way to replace builtin named with a newer version please drop me an email. - stability (didn't had the time to examine the segfaults further.) I already had contact about this issue with andrew bartlett from the developer team and they are willing to fix this issues when they have enough informations. look here (http://wiki.samba.org/index.php/Franky) for informations about the 'franky' release and how to compile it. seems to be simple if you're a little bit familiar with samba. I didn't had the time to look and test, and surely won't have any until mid-august. so it would be great to hear your experiences :-) Regards, --- Mr. Olli On Mon, 2009-06-08 at 07:40 -0400, Dave wrote: > Hi, > Do you have a procedure for getting samba4 going? If it can do active > directory i'd like to try it. And get it all going, with samba3 as well. > Thanks. > Dave. > > > -----Original Message----- > From: owner-freebsd-questions@freebsd.org > [mailto:owner-freebsd-questions@freebsd.org] On Behalf Of Mister Olli > Sent: Monday, June 08, 2009 7:18 AM > To: Tim Judd > Cc: Olivier Nicole; freebsd-questions@freebsd.org; redtick@sbcglobal.net > Subject: Re: Samba3 domain controller howto? > > hi, > > > yes, you are mis-understanding > > > > samba itself is a NT4-type domain. > not quite right. It depends on the samba version your using. > - samba3 only provides NT4-type domains > - samba4 provides active directory domain types including GPO (I have such a > setup running in 7.<SOMETHING> with around 10 users. It works quite good, > beside the fact that samba segfaults from time to time (which I covered by > running samba4 in foreground within an endless bash.-loop)). > > there is even a new build-option that creates the 'samba franky' release > which uses samba3 & samba4 at the same time to make nearly all samba3 > feature in combination with AD environments available, but it didn't have > the time to look into that. But it sounds quite promising, since > samba4 lacks some features samba3 already has. > > > Regards, > --- > Mr. Olli > > > > samba can use authentication backends that include passwd files, LDAP > > and kerberos. Active directory is a requirement to use LDAP, whereas > > samba is offering it as a auth backend only. > > > > fine line, I know. > > > > IOW, whereas Active Directory - as a technology: > > Uses kerberos for authorization > > Uses LDAP for a storage backend for Kerberos > > Uses user@domain logins (thanks to Kerberos), > > Uses other techs not related to this thread > > > > NT4-style domains - as a technology: > > Not using Kerberos > > Not using LDAP storage > > > > Samba allows it's authorization backend to offer more possibilities > > than NT4's own methods. Such as passwd files, LDAP, Kerberos, etc. > > > > > > It's technology vs technology, not product vs product. > > > > > > On 6/7/09, Olivier Nicole <on@cs.ait.ac.th> wrote: > > > Hi, > > > > > >> Samba is still only a NT4-type > > >> DC, no Active Directory type of function (Group Policies, > > >> user@domain logins, kerberos, ldap, etc) > > > > > > I am not sure if I understand you well, but my samba is > > > authenticating users agaiinst LDAP. > > > > > > Best regards, > > > > > > Olivier > > > > > _______________________________________________ > > freebsd-questions@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > > To unsubscribe, send any mail to > "freebsd-questions-unsubscribe@freebsd.org" > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1244464046.12252.28.camel>