samba - May 2014 - I've gone full circle now, let's start over

When I started considering Samba, the main objective was to have a way 
for our users to log into something and map the shares they required 
based on their group (departmental) needs. As I asked more questions, 
most recommended AD as this would allow the administrator to manage 
these users.

Now that I find I'll probably need VMs to handle the AD/DC and the 
shares because I only have two servers to work with, I have to ask:

Is there another way I can accomplish this without AD and Samba4?

Managing users is not a big deal for me as I admin our mail servers, and 
every email account gets a Linux user account. There are plenty of tools 
to deal with account management - I use Webmin. But I'm retiring in a 
few months, and I have to pass on the Linux responsibilities to a new 
person, and Samba user management is all new to us here.

The main problem is still how to have users log on to their machine and 
have their drives mapped to the shares without user intervention.

Clues?

steve campbell

On 2014-05-22 17:22, Steve Campbell wrote:
> But I'm retiring in a
> few months, and I have to pass on the Linux responsibilities to a new
> person, and Samba user management is all new to us here.
AD is standard procedure everywhere for over a decade now, VMs aren't
that much younger either. So whatever new guys you hire, they'll
probably be more familiar with the new setup than whatever you have now.
> The main problem is still how to have users log on to their machine
> and have their drives mapped to the shares without user intervention.
Just put a batch file in autostart, as long as you have a way to tell
what department those users are in.

If you want to centrally manage users, there's no practicable way around
an LDAP/NT domain (samba 3) or an Active Directory (samba 4).

-- 
Mit freundlichen Gr??en, / Best Regards,
Sven Schwedas
Systemadministrator
TAO Beratungs- und Management GmbH | Lendplatz 45 | A - 8020 Graz
Mail/XMPP: sven.schwedas at tao.at | +43 (0)680 301 7167
http://software.tao.at

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 665 bytes
Desc: OpenPGP digital signature
URL:
<http://lists.samba.org/pipermail/samba/attachments/20140522/af9f4145/attachment.pgp>

It depends on the size of your location and the clients in question.


Assuming , when talking about mapping shares, you mean from Windows 
clients.      If you have more than 5 windows workstations, the Windows 
workgroup approach (i.e. no centralized accounts) is a pain to 
manage.      The domain approach with a domain controller is usually the 
way to go.      A Windows domain controller can be a Windows 200x Active 
Directory Domain Controller, as Samba 4 domain controller (which mimics 
a Windows 200x DC) or a Samba 3.x DC (with is more like a NT4 DC.)


I have been running Samba 3.x at my location for several years.     I am 
using an LDAP backend, and this is the same LDAP backend that is used 
for authenticating Linux workstations and other services.         If you 
have an existing LDAP infrastructure I would look at Samba 3.x     The 
big downside of Samba 3.x is that it looks like major development work 
is stopped on it.     However, from what I can tell, it is NOT easy to 
tie Samba 4 into an existing LDAP structure.








On 05/22/14 11:22, Steve Campbell wrote:
> When I started considering Samba, the main objective was to have a way 
> for our users to log into something and map the shares they required 
> based on their group (departmental) needs. As I asked more questions, 
> most recommended AD as this would allow the administrator to manage 
> these users.
>
> Now that I find I'll probably need VMs to handle the AD/DC and the 
> shares because I only have two servers to work with, I have to ask:
>
> Is there another way I can accomplish this without AD and Samba4?
>
> Managing users is not a big deal for me as I admin our mail servers, 
> and every email account gets a Linux user account. There are plenty of 
> tools to deal with account management - I use Webmin. But I'm retiring 
> in a few months, and I have to pass on the Linux responsibilities to a 
> new person, and Samba user management is all new to us here.
>
> The main problem is still how to have users log on to their machine 
> and have their drives mapped to the shares without user intervention.
>
> Clues?
>
> steve campbell

2014-05-22 17:22 GMT+02:00 Steve Campbell <campbell at cnpapers.com>:
> When I started considering Samba, the main objective was to have a way for
> our users to log into something and map the shares they required based on
> their group (departmental) needs. As I asked more questions, most
> recommended AD as this would allow the administrator to manage these users.
>
> Now that I find I'll probably need VMs to handle the AD/DC and the
shares
> because I only have two servers to work with, I have to ask:
>
> Is there another way I can accomplish this without AD and Samba4?
>
>
To get to know Smaba4 you can setup a workstation Windows or Linux, install
Oracle's VirtualBox and setup your first Samba4 ADDC.....
Before every change in configuration take a snapshot and return to this
snapshot when something went wrong.

You can also setup a virtual machine as Windows client and manage Samba4
from that client.

Best regards,
Marcel de Reuver