Le 17/03/2015 11:54, Sven Schwedas a ?crit :> Okay, let's recap: > > ? Old hardware with low RAM and no VT-x/AMD-V support > (It's an x86 box with some Linux, right?) > ? You have an existing domain > ? And you want to add an DC on a second site to it > > Anything else you should have told us the first mail so nobody's time is > wasted with suggestions that you already know beforehand to not work? > E.g., already having evaluated winbind offline logon to attempt and > solve this?Well, if you carefully read the first email, you'll see a precise question that asks for any special configuration to take in order to be able to run two instances of samba on the same box using a chroot. No question about "does this provide enhanced security", "is there any other option", "is my hardware high enough", "is it a good idea to let people work during a network outage", simply, "is it feasible/are there any caveat" According to documentation, winbind offline logon is only used with pam_winbind, that why it has been left apart (moreover it won't be able to let users not in cache to access files and there is no doc about cache lifetime, size, etc.)
> "is it feasible/are there any caveat"Baseline is: not feasible. The baseline is: only one samba per box. You need to different IPs, which operate independently from each other, as You can't move the ports, where Your daemons are listening. You would also need different daemons listening on these two IPs. Even if this was possible, You would not find someone having done it here. It is against all the recommendations, and this hacked installation is likely to be not manageable. It is that far away from the ordinary use case, that I would advise to think for some different way to achive Your goal. Whatever it was (as we don't have gotten it by now...). - Peter
On 17/03/2015 11:40, Peter Serbe wrote:>> "is it feasible/are there any caveat" > Baseline is: not feasible. > The baseline is: only one samba per box. > You need to different IPs, which operate > independently from each other, as You can't > move the ports, where Your daemons are listening. > You would also need different daemons listening > on these two IPs. > > Even if this was possible,Which it clearly is, using containers. --
Le 17/03/2015 12:40, Peter Serbe a ?crit :>> "is it feasible/are there any caveat" > Baseline is: not feasible. > The baseline is: only one samba per box. > You need to different IPs, which operate > independently from each other, as You can't > move the ports, where Your daemons are listening. > You would also need different daemons listening > on these two IPs.So even with two interfaces and bind interfaces only you cannot do it? Sad> Even if this was possible, You would not find > someone having done it here. It is against all > the recommendations, and this hacked installation > is likely to be not manageable. It is that far > away from the ordinary use case, that I would > advise to think for some different way to achive > Your goal. Whatever it was (as we don't have > gotten it by now...).Well? Having a VM just to split the DC from the file server seems a little overkill, so I guess I'll have to switch to Samba 4.2 in order to have a usable winbindd on the DC Regards,