Hi, I setup a secondary DC to server as a fileserver for testing purposes. The DC (DCBACKUP) in question runs on top of a Fedora 21 x64 with VirtualBox. The DC OS also runs Fedora 21 x64. The smb.conf follows: [global] workgroup = BPDNET realm = ad.blackpenguin.org netbios name = DCBACKUP server role = active directory domain controller vfs objects = acl_xattr map acl inherit = Yes store dos attributes = Yes [netlogon] path = /usr/local/samba/var/locks/sysvol/ad.blackpenguin.org/scripts read only = No [sysvol] path = /usr/local/samba/var/locks/sysvol read only = No [images] path = /home/data/images read only = No The filesystem on the DC is set with ACLs: /dev/mapper/fedora--server-home /home ext4 user_xattr,acl,barrier=1 1 1 The /home/data folder is a machine shared folder via VirtualBox. The underlying Linux OS does not have ACLs enabled. I noticed that I cannot change any rights on any folder created under /home/data. Has anyone tried anything similar to this? I'm only concerned about the share security. The reason to implement this is to try the setup. My primary domain controller works just perfectly - it is a physical machine, but my secondary DC has to be virtual and has to be able to do storage. However the share resource cannot be on the virtual machine since this will accommodate hundreds of gigs and the VM cannot and should not grow to that size. -- View this message in context: http://samba.2283325.n4.nabble.com/Secondary-DC-as-fileserver-within-VirtualBox-tp4685846.html Sent from the Samba - General mailing list archive at Nabble.com.
Hello, So what?-- my secondary DC has to be virtual and has to be able to do storage! But?-- my secondary DC has to be virtual and has to be able to do storage This could only be solved by a third machine serving the storage! So why not a samba4 fileserver with enough storage? And no second DC! Greetings Daniel EDV Daniel M?ller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 T?bingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: mueller at tropenklinik.de Internet: www.tropenklinik.de -----Urspr?ngliche Nachricht----- Von: samba-bounces at lists.samba.org [mailto:samba-bounces at lists.samba.org] Im Auftrag von bogdan_bartos Gesendet: Dienstag, 12. Mai 2015 05:03 An: samba at lists.samba.org Betreff: [Samba] Secondary DC as fileserver within VirtualBox Hi, I setup a secondary DC to server as a fileserver for testing purposes. The DC (DCBACKUP) in question runs on top of a Fedora 21 x64 with VirtualBox. The DC OS also runs Fedora 21 x64. The smb.conf follows: [global] workgroup = BPDNET realm = ad.blackpenguin.org netbios name = DCBACKUP server role = active directory domain controller vfs objects = acl_xattr map acl inherit = Yes store dos attributes = Yes [netlogon] path = /usr/local/samba/var/locks/sysvol/ad.blackpenguin.org/scripts read only = No [sysvol] path = /usr/local/samba/var/locks/sysvol read only = No [images] path = /home/data/images read only = No The filesystem on the DC is set with ACLs: /dev/mapper/fedora--server-home /home ext4 user_xattr,acl,barrier=1 1 1 The /home/data folder is a machine shared folder via VirtualBox. The underlying Linux OS does not have ACLs enabled. I noticed that I cannot change any rights on any folder created under /home/data. Has anyone tried anything similar to this? I'm only concerned about the share security. The reason to implement this is to try the setup. My primary domain controller works just perfectly - it is a physical machine, but my secondary DC has to be virtual and has to be able to do storage. my secondary DC has to be virtual and has to be able to do storage. -- View this message in context: http://samba.2283325.n4.nabble.com/Secondary-DC-as-fileserver-within-Virtual Box-tp4685846.html Sent from the Samba - General mailing list archive at Nabble.com. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
On 12/05/15 09:49, Daniel M?ller wrote:> Hello, > So what?-- my secondary DC has to be virtual and has to be able to do > storage! > But?-- my secondary DC has to be virtual and has to be able to do storage > This could only be solved by a third machine serving the storage! > So why not a samba4 fileserver with enough storage? And no second DC! > > > Greetings > Daniel > > > > EDV Daniel M?ller > > Leitung EDV > Tropenklinik Paul-Lechler-Krankenhaus > Paul-Lechler-Str. 24 > 72076 T?bingen > Tel.: 07071/206-463, Fax: 07071/206-499 > eMail: mueller at tropenklinik.de > Internet: www.tropenklinik.de > > > > -----Urspr?ngliche Nachricht----- > Von: samba-bounces at lists.samba.org [mailto:samba-bounces at lists.samba.org] Im > Auftrag von bogdan_bartos > Gesendet: Dienstag, 12. Mai 2015 05:03 > An: samba at lists.samba.org > Betreff: [Samba] Secondary DC as fileserver within VirtualBox > > Hi, > > I setup a secondary DC to server as a fileserver for testing purposes. The > DC (DCBACKUP) in question runs on top of a Fedora 21 x64 with VirtualBox. > The DC OS also runs Fedora 21 x64. > > The smb.conf follows: > [global] > workgroup = BPDNET > realm = ad.blackpenguin.org > netbios name = DCBACKUP > server role = active directory domain controller > vfs objects = acl_xattr > map acl inherit = Yes > store dos attributes = Yes > [netlogon] > path = /usr/local/samba/var/locks/sysvol/ad.blackpenguin.org/scripts > read only = No > [sysvol] > path = /usr/local/samba/var/locks/sysvol > read only = No > [images] > path = /home/data/images > read only = No > > The filesystem on the DC is set with ACLs: > /dev/mapper/fedora--server-home /home ext4 > user_xattr,acl,barrier=1 1 1 > > The /home/data folder is a machine shared folder via VirtualBox. The > underlying Linux OS does not have ACLs enabled. I noticed that I cannot > change any rights on any folder created under /home/data. Has anyone tried > anything similar to this? I'm only concerned about the share security. > > The reason to implement this is to try the setup. My primary domain > controller works just perfectly - it is a physical machine, but my secondary > DC has to be virtual and has to be able to do storage. my secondary DC has > to be virtual and has to be able to do storage. > > > > -- > View this message in context: > http://samba.2283325.n4.nabble.com/Secondary-DC-as-fileserver-within-Virtual > Box-tp4685846.html > Sent from the Samba - General mailing list archive at Nabble.com. > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba >Or better still, First machine, AD DC second machine as member server with the second DC in VM Rowland
BlackPenguin ADMIN
2015-May-12 11:37 UTC
[Samba] Secondary DC as fileserver within VirtualBox
That is exactly the application - to avoid another machine in the future. It does need to be a DC with virtual storage. On 12/05/15 02:49 AM, Daniel M?ller wrote:> Hello, > So what?-- my secondary DC has to be virtual and has to be able to do > storage! > But?-- my secondary DC has to be virtual and has to be able to do storage > This could only be solved by a third machine serving the storage! > So why not a samba4 fileserver with enough storage? And no second DC! > > > Greetings > Daniel > > > > EDV Daniel M?ller > > Leitung EDV > Tropenklinik Paul-Lechler-Krankenhaus > Paul-Lechler-Str. 24 > 72076 T?bingen > Tel.: 07071/206-463, Fax: 07071/206-499 > eMail: mueller at tropenklinik.de > Internet: www.tropenklinik.de > > > > -----Urspr?ngliche Nachricht----- > Von: samba-bounces at lists.samba.org [mailto:samba-bounces at lists.samba.org] Im > Auftrag von bogdan_bartos > Gesendet: Dienstag, 12. Mai 2015 05:03 > An: samba at lists.samba.org > Betreff: [Samba] Secondary DC as fileserver within VirtualBox > > Hi, > > I setup a secondary DC to server as a fileserver for testing purposes. The > DC (DCBACKUP) in question runs on top of a Fedora 21 x64 with VirtualBox. > The DC OS also runs Fedora 21 x64. > > The smb.conf follows: > [global] > workgroup = BPDNET > realm = ad.blackpenguin.org > netbios name = DCBACKUP > server role = active directory domain controller > vfs objects = acl_xattr > map acl inherit = Yes > store dos attributes = Yes > [netlogon] > path = /usr/local/samba/var/locks/sysvol/ad.blackpenguin.org/scripts > read only = No > [sysvol] > path = /usr/local/samba/var/locks/sysvol > read only = No > [images] > path = /home/data/images > read only = No > > The filesystem on the DC is set with ACLs: > /dev/mapper/fedora--server-home /home ext4 > user_xattr,acl,barrier=1 1 1 > > The /home/data folder is a machine shared folder via VirtualBox. The > underlying Linux OS does not have ACLs enabled. I noticed that I cannot > change any rights on any folder created under /home/data. Has anyone tried > anything similar to this? I'm only concerned about the share security. > > The reason to implement this is to try the setup. My primary domain > controller works just perfectly - it is a physical machine, but my secondary > DC has to be virtual and has to be able to do storage. my secondary DC has > to be virtual and has to be able to do storage. > > > > -- > View this message in context: > http://samba.2283325.n4.nabble.com/Secondary-DC-as-fileserver-within-Virtual > Box-tp4685846.html > Sent from the Samba - General mailing list archive at Nabble.com. > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba >-- *BOGDAN BARTOS* /System's Administrator/ admin at blackpenguin.org <mailto:admin at blackpenguin.org> h. 001.403.266.1513 | c. 001.403.919.5699 *IT SERVICES* - http://www.blackpenguin.org/itservices