samba4 AD - some doubts and concerns

classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

samba4 AD - some doubts and concerns

Samba - General mailing list
Hello guys,

*The scenario:*

Today we have a samba3 NT4 + openldap as database. This samba3 is in a
physical machine with freebsd and the openldap is in a VM. I plan to
install samba4 AD on a VM using debian and then as a member samba4 as
fileserver.

As a firewall we use pfsense and in it we have several vlans, where each
vlan has its dhcp server configured to distribute public IPs.

*Samba3 NT4:*

In freebsd I need to put each IP of the WINS servers (input in pfsense)
configured in the file /etc/rc.conf, as below, otherwise the machines do
not enter the domain.

ifconfig_bce0="up"

> vlans_bce0="200 300 410 420 430 440 450 460 470 480 500"
> ifconfig_bce0_200="inet xxx.xxx.53.130/26"
> ifconfig_bce0_300="inet xxx.xxx.50.2/23"
> ifconfig_bce0_410="inet xxx.xxx.53.2/26"
> ifconfig_bce0_420="inet xxx.xxx.53.66/26"
> ifconfig_bce0_430="inet xxx.xxx.52.2/26"
> ifconfig_bce0_440="inet xxx.xxx.66/26"
> ifconfig_bce0_450="inet xxx.xxx.130/26"
> ifconfig_bce0_460="inet xxx.xxx.194/26"
> ifconfig_bce0_470="inet xxx.xxx.2/26"
> ifconfig_bce0_480="inet xxx.xxx.66/26"


I need to do this vlans settings in Samba4 AD?

--
Elias Pereira
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
Reply | Threaded
Open this post in threaded view
|

Re: samba4 AD - some doubts and concerns

Samba - General mailing list
> In freebsd I need to put each IP of the WINS servers (input in pfsense)
> configured in the file /etc/rc.conf, as below, otherwise the machines do
> not enter the domain.

Not certain what "enter the domain" means;  but Active Directory is  
very DNS oriented.  You will not need WINS to work for AD to work;  if  
DNS is working, and the LDAP + Kerberbos ports are open, it should be  
good.


--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
Reply | Threaded
Open this post in threaded view
|

Re: samba4 AD - some doubts and concerns

Samba - General mailing list
Thanks Adam for your answer!! "not enter the domain" means that the machine
not found our domain (samba3 pdc/nt4) for auth.

-------------------------

What is the best way to put a new samba4 AD server on the "air"?

*Note*: *Today I have samba3 nt4 and at the moment I can not just turn it
off and start another. I need to do this side by side.*

On Tue, May 9, 2017 at 5:28 PM, Adam Tauno Williams via samba <
[hidden email]> wrote:

> In freebsd I need to put each IP of the WINS servers (input in pfsense)
>> configured in the file /etc/rc.conf, as below, otherwise the machines do
>> not enter the domain.
>>
>
> Not certain what "enter the domain" means;  but Active Directory is very
> DNS oriented.  You will not need WINS to work for AD to work;  if DNS is
> working, and the LDAP + Kerberbos ports are open, it should be good.
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>



--
Elias Pereira
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
Reply | Threaded
Open this post in threaded view
|

Re: samba4 AD - some doubts and concerns

Samba - General mailing list
What is the best way to put a new samba4 AD server on the "air"?

*Note*: *Today I have samba3 nt4 and at the moment I can not just turn it
off and start another. I need to do this side by side. **In some places I
researched, it was said that there would be no problem at all.*

On Tue, May 9, 2017 at 6:28 PM, Elias Pereira <[hidden email]> wrote:

> Thanks Adam for your answer!! "not enter the domain" means that the
> machine not found our domain (samba3 pdc/nt4) for auth.
>
> -------------------------
>
> What is the best way to put a new samba4 AD server on the "air"?
>
> *Note*: *Today I have samba3 nt4 and at the moment I can not just turn it
> off and start another. I need to do this side by side.*
>
> On Tue, May 9, 2017 at 5:28 PM, Adam Tauno Williams via samba <
> [hidden email]> wrote:
>
>> In freebsd I need to put each IP of the WINS servers (input in pfsense)
>>> configured in the file /etc/rc.conf, as below, otherwise the machines do
>>> not enter the domain.
>>>
>>
>> Not certain what "enter the domain" means;  but Active Directory is very
>> DNS oriented.  You will not need WINS to work for AD to work;  if DNS is
>> working, and the LDAP + Kerberbos ports are open, it should be good.
>>
>>
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions:  https://lists.samba.org/mailman/options/samba
>>
>
>
>
> --
> Elias Pereira
>



--
Elias Pereira
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba