When I started considering Samba, the main objective was to have a way for our users to log into something and map the shares they required based on their group (departmental) needs. As I asked more questions, most recommended AD as this would allow the administrator to manage these users. Now that I find I'll probably need VMs to handle the AD/DC and the shares because I only have two servers to work with, I have to ask: Is there another way I can accomplish this without AD and Samba4? Managing users is not a big deal for me as I admin our mail servers, and every email account gets a Linux user account. There are plenty of tools to deal with account management - I use Webmin. But I'm retiring in a few months, and I have to pass on the Linux responsibilities to a new person, and Samba user management is all new to us here. The main problem is still how to have users log on to their machine and have their drives mapped to the shares without user intervention. Clues? steve campbell
On 2014-05-22 17:22, Steve Campbell wrote:> But I'm retiring in a > few months, and I have to pass on the Linux responsibilities to a new > person, and Samba user management is all new to us here.AD is standard procedure everywhere for over a decade now, VMs aren't that much younger either. So whatever new guys you hire, they'll probably be more familiar with the new setup than whatever you have now.> The main problem is still how to have users log on to their machine > and have their drives mapped to the shares without user intervention.Just put a batch file in autostart, as long as you have a way to tell what department those users are in. If you want to centrally manage users, there's no practicable way around an LDAP/NT domain (samba 3) or an Active Directory (samba 4). -- Mit freundlichen Gr??en, / Best Regards, Sven Schwedas Systemadministrator TAO Beratungs- und Management GmbH | Lendplatz 45 | A - 8020 Graz Mail/XMPP: sven.schwedas at tao.at | +43 (0)680 301 7167 http://software.tao.at -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 665 bytes Desc: OpenPGP digital signature URL: <http://lists.samba.org/pipermail/samba/attachments/20140522/af9f4145/attachment.pgp>
It depends on the size of your location and the clients in question. Assuming , when talking about mapping shares, you mean from Windows clients. If you have more than 5 windows workstations, the Windows workgroup approach (i.e. no centralized accounts) is a pain to manage. The domain approach with a domain controller is usually the way to go. A Windows domain controller can be a Windows 200x Active Directory Domain Controller, as Samba 4 domain controller (which mimics a Windows 200x DC) or a Samba 3.x DC (with is more like a NT4 DC.) I have been running Samba 3.x at my location for several years. I am using an LDAP backend, and this is the same LDAP backend that is used for authenticating Linux workstations and other services. If you have an existing LDAP infrastructure I would look at Samba 3.x The big downside of Samba 3.x is that it looks like major development work is stopped on it. However, from what I can tell, it is NOT easy to tie Samba 4 into an existing LDAP structure. On 05/22/14 11:22, Steve Campbell wrote:> When I started considering Samba, the main objective was to have a way > for our users to log into something and map the shares they required > based on their group (departmental) needs. As I asked more questions, > most recommended AD as this would allow the administrator to manage > these users. > > Now that I find I'll probably need VMs to handle the AD/DC and the > shares because I only have two servers to work with, I have to ask: > > Is there another way I can accomplish this without AD and Samba4? > > Managing users is not a big deal for me as I admin our mail servers, > and every email account gets a Linux user account. There are plenty of > tools to deal with account management - I use Webmin. But I'm retiring > in a few months, and I have to pass on the Linux responsibilities to a > new person, and Samba user management is all new to us here. > > The main problem is still how to have users log on to their machine > and have their drives mapped to the shares without user intervention. > > Clues? > > steve campbell
Marcel de Reuver
2014-May-22 15:39 UTC
[Samba] I've gone full circle now, let's start over
2014-05-22 17:22 GMT+02:00 Steve Campbell <campbell at cnpapers.com>:> When I started considering Samba, the main objective was to have a way for > our users to log into something and map the shares they required based on > their group (departmental) needs. As I asked more questions, most > recommended AD as this would allow the administrator to manage these users. > > Now that I find I'll probably need VMs to handle the AD/DC and the shares > because I only have two servers to work with, I have to ask: > > Is there another way I can accomplish this without AD and Samba4? > >To get to know Smaba4 you can setup a workstation Windows or Linux, install Oracle's VirtualBox and setup your first Samba4 ADDC..... Before every change in configuration take a snapshot and return to this snapshot when something went wrong. You can also setup a virtual machine as Windows client and manage Samba4 from that client. Best regards, Marcel de Reuver
Apparently Analagous Threads
- Memory leak in samba-ad-dc on 4.5.x not related to aio?
- Server GC/name.dom/dom is not registered with our KDC: Miscellaneous failure (see text): Server (GC/name/dom@DOM) unknown
- Winbind error "Could not fetch our SID - did we join?"
- SysVol questions
- Samba 4 and Debian