I don't see the following at https://wiki.samba.org/index.php/Setup_a_Samba_Active_Directory_Domain_Controller There is an 'order' of installation for an AD. Some things must come before others, some things can come when you may. Here is my take based on what I have learned over the past weeks: OS installation (listed for completeness, even though this is a 'dah' item). NTP time services CUPS (seems to go anywhere, though) Samba provisioning (this includes ldap and kerberos setup) DNS with DLZ Kerberos DHCP/DHCP6 Adjust Samba configuration Start Samba Do I have the order right? Have I left anything out? For a file server (which I have not tackled yet) it seems it would be: OS installation (listed for completeness, even though this is a 'dah' item). Static IP config (could be fixed MAC dhcp provisioning?) NTP time sync CUPS (seems to go anywhere, though) DNS entries on AD (automatic if MAC-based dhcp provisioning?) Adjust Samba configuration Start Samba Join Domain This sort of information at the beginning of the documentation would help a newbie to know what they are getting themselves into!
Yes, looks ok to me. And this is why i created scripts for install, this way you never forget to maintain the correct order. Only the member server.> Start Samba > Join DomainSwitch,> Join Domain > Start SambaGreetz, Louis> -----Oorspronkelijk bericht----- > Van: samba [mailto:samba-bounces at lists.samba.org] Namens Robert Moskowitz > Verzonden: vrijdag 4 september 2015 14:19 > Aan: sambalist > Onderwerp: [Samba] AD order of installation > > I don't see the following at > https://wiki.samba.org/index.php/Setup_a_Samba_Active_Directory_Domain_Con > troller > > There is an 'order' of installation for an AD. Some things must come > before others, some things can come when you may. Here is my take based > on what I have learned over the past weeks: > > OS installation (listed for completeness, even though this is a 'dah' > item). > NTP time services > CUPS (seems to go anywhere, though) > Samba provisioning (this includes ldap and kerberos setup) > DNS with DLZ > Kerberos > DHCP/DHCP6 > Adjust Samba configuration > Start Samba > > Do I have the order right? Have I left anything out? > > For a file server (which I have not tackled yet) it seems it would be: > > OS installation (listed for completeness, even though this is a 'dah' > item). > Static IP config (could be fixed MAC dhcp provisioning?) > NTP time sync > CUPS (seems to go anywhere, though) > DNS entries on AD (automatic if MAC-based dhcp provisioning?) > Adjust Samba configuration > Start Samba > Join Domain > > This sort of information at the beginning of the documentation would > help a newbie to know what they are getting themselves into! > > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba
Unless you are specifying by IP, NTP isn't going to resolve with e.g. 0.pool.ntp.org if you don't have DNS running. Personal Experience. If you're using Samba's builtin DNS (I don't), then seems to me NTP should be last on your list. Of course, ntp can temporarily resolve using /etc/resolv.conf until you get your DNS running. My issue was mostly an order of startup versus order of installation. --Mark -----Original Message-----> To: sambalist <samba at lists.samba.org> > From: Robert Moskowitz <rgm at htt-consult.com> > Date: Fri, 4 Sep 2015 08:19:30 -0400 > Subject: [Samba] AD order of installation > > I don't see the following at > https://wiki.samba.org/index.php/Setup_a_Samba_Active_Directory_Domain_Controller > > There is an 'order' of installation for an AD. Some things must come > before others, some things can come when you may. Here is my take based > on what I have learned over the past weeks: > > OS installation (listed for completeness, even though this is a 'dah' item). > NTP time services > CUPS (seems to go anywhere, though) > Samba provisioning (this includes ldap and kerberos setup) > DNS with DLZ > Kerberos > DHCP/DHCP6 > Adjust Samba configuration > Start Samba > > Do I have the order right? Have I left anything out? > > For a file server (which I have not tackled yet) it seems it would be: > > OS installation (listed for completeness, even though this is a 'dah' item). > Static IP config (could be fixed MAC dhcp provisioning?) > NTP time sync > CUPS (seems to go anywhere, though) > DNS entries on AD (automatic if MAC-based dhcp provisioning?) > Adjust Samba configuration > Start Samba > Join Domain > > This sort of information at the beginning of the documentation would > help a newbie to know what they are getting themselves into! > > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba > From samba-bounces at lists.samba.org Fri Sep 4 08:25:56 2015 > Return-Path: <samba-bounces at lists.samba.org> > X-Virus-Status: Clean > X-Virus-Scanned: clamav-milter 0.98.6 at mail > DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.samba.org; s=78453942; > h=List-Id:Subject:Date:From:To; bh=Ct9pkpSJQJsva7R/VZzlT9U/2ttSltm5B1OQVSTucjY=; > b=r2JrQTR4mO1/qUbyd8Y0ABe/vbptQIwKLw9PK1kGWZjoXipEctjfAEMQoqNGqNDIGuS36H4jIEFXWo1OjD5SG6RG9vGPz/AaggiveroIb4DFwPpfvdK4kEAgKYV966EOMpRFaQAp1dzwoo7uF434+vdfJKy16YGdD3mhcFOMOX4=; > To: sambalist <samba at lists.samba.org> > From: Robert Moskowitz <rgm at htt-consult.com> > Date: Fri, 4 Sep 2015 08:19:30 -0400 > User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 > Thunderbird/38.1.0 > Subject: [Samba] AD order of installation > X-BeenThere: samba at lists.samba.org > X-Mailman-Version: 2.1.18 > Precedence: list > List-Id: General questions regarding Samba <samba.lists.samba.org> > List-Unsubscribe: <https://lists.samba.org/mailman/options/samba>, > <mailto:samba-request at lists.samba.org?subject=unsubscribe> > List-Archive: <http://lists.samba.org/pipermail/samba/> > List-Post: <mailto:samba at lists.samba.org> > List-Help: <mailto:samba-request at lists.samba.org?subject=help> > List-Subscribe: <https://lists.samba.org/mailman/listinfo/samba>, > <mailto:samba-request at lists.samba.org?subject=subscribe> > Content-Type: text/plain; charset="utf-8"; Format="flowed" > Errors-To: samba-bounces at lists.samba.org > Sender: "samba" <samba-bounces at lists.samba.org> > X-Spam-Status: No, score=0.0 required=3.0 tests=T_DKIM_INVALID, > T_RP_MATCHES_RCVD autolearn=ham version=3.3.2-_revision__1.14__ > X-Spam-Report: > * -0.0 T_RP_MATCHES_RCVD Envelope sender domain matches handover relay > * domain > * 0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid > X-Spam-Checker-Version: SpamAssassin 3.3.2-_revision__1.14__ (2011-06-06) on > mail.hprs.local > Status: R > > I don't see the following at > https://wiki.samba.org/index.php/Setup_a_Samba_Active_Directory_Domain_Controller > > There is an 'order' of installation for an AD. Some things must come > before others, some things can come when you may. Here is my take based > on what I have learned over the past weeks: > > OS installation (listed for completeness, even though this is a 'dah' item). > NTP time services > CUPS (seems to go anywhere, though) > Samba provisioning (this includes ldap and kerberos setup) > DNS with DLZ > Kerberos > DHCP/DHCP6 > Adjust Samba configuration > Start Samba > > Do I have the order right? Have I left anything out? > > For a file server (which I have not tackled yet) it seems it would be: > > OS installation (listed for completeness, even though this is a 'dah' item). > Static IP config (could be fixed MAC dhcp provisioning?) > NTP time sync > CUPS (seems to go anywhere, though) > DNS entries on AD (automatic if MAC-based dhcp provisioning?) > Adjust Samba configuration > Start Samba > Join Domain > > This sort of information at the beginning of the documentation would > help a newbie to know what they are getting themselves into! > > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba >
On 09/04/2015 11:47 AM, Mark Foley wrote:> Unless you are specifying by IP, NTP isn't going to resolve with e.g. > 0.pool.ntp.org if you don't have DNS running. Personal Experience.Good point. As I run on an armv7 with no battery rtc, I have to get time sync going before doing practically anything. It much depends on how your system resolves before local DNS is running. Typically resolving works, or how would you get all the rpms or such installed before configuring them?> If you're using Samba's builtin DNS (I don't), then seems to me NTP should be > last on your list.Wiki says to have ntp for kerberos. So I think it needs to come before that.> Of course, ntp can temporarily resolve using /etc/resolv.conf until you get your > DNS running. My issue was mostly an order of startup versus order of installation.Way I expect things to work. Anyone documenting this on the wiki may want to expand on this :) thanks for your feedback.> > --Mark > > -----Original Message----- >> To: sambalist <samba at lists.samba.org> >> From: Robert Moskowitz <rgm at htt-consult.com> >> Date: Fri, 4 Sep 2015 08:19:30 -0400 >> Subject: [Samba] AD order of installation >> >> I don't see the following at >> https://wiki.samba.org/index.php/Setup_a_Samba_Active_Directory_Domain_Controller >> >> There is an 'order' of installation for an AD. Some things must come >> before others, some things can come when you may. Here is my take based >> on what I have learned over the past weeks: >> >> OS installation (listed for completeness, even though this is a 'dah' item). >> NTP time services >> CUPS (seems to go anywhere, though) >> Samba provisioning (this includes ldap and kerberos setup) >> DNS with DLZ >> Kerberos >> DHCP/DHCP6 >> Adjust Samba configuration >> Start Samba >> >> Do I have the order right? Have I left anything out? >> >> For a file server (which I have not tackled yet) it seems it would be: >> >> OS installation (listed for completeness, even though this is a 'dah' item). >> Static IP config (could be fixed MAC dhcp provisioning?) >> NTP time sync >> CUPS (seems to go anywhere, though) >> DNS entries on AD (automatic if MAC-based dhcp provisioning?) >> Adjust Samba configuration >> Start Samba >> Join Domain >> >> This sort of information at the beginning of the documentation would >> help a newbie to know what they are getting themselves into! >> >> >> >> -- >> To unsubscribe from this list go to the following URL and read the >> instructions: https://lists.samba.org/mailman/options/samba >> From samba-bounces at lists.samba.org Fri Sep 4 08:25:56 2015 >> Return-Path: <samba-bounces at lists.samba.org> >> X-Virus-Status: Clean >> X-Virus-Scanned: clamav-milter 0.98.6 at mail >> DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.samba.org; s=78453942; >> h=List-Id:Subject:Date:From:To; bh=Ct9pkpSJQJsva7R/VZzlT9U/2ttSltm5B1OQVSTucjY=; >> b=r2JrQTR4mO1/qUbyd8Y0ABe/vbptQIwKLw9PK1kGWZjoXipEctjfAEMQoqNGqNDIGuS36H4jIEFXWo1OjD5SG6RG9vGPz/AaggiveroIb4DFwPpfvdK4kEAgKYV966EOMpRFaQAp1dzwoo7uF434+vdfJKy16YGdD3mhcFOMOX4=; >> To: sambalist <samba at lists.samba.org> >> From: Robert Moskowitz <rgm at htt-consult.com> >> Date: Fri, 4 Sep 2015 08:19:30 -0400 >> User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 >> Thunderbird/38.1.0 >> Subject: [Samba] AD order of installation >> X-BeenThere: samba at lists.samba.org >> X-Mailman-Version: 2.1.18 >> Precedence: list >> List-Id: General questions regarding Samba <samba.lists.samba.org> >> List-Unsubscribe: <https://lists.samba.org/mailman/options/samba>, >> <mailto:samba-request at lists.samba.org?subject=unsubscribe> >> List-Archive: <http://lists.samba.org/pipermail/samba/> >> List-Post: <mailto:samba at lists.samba.org> >> List-Help: <mailto:samba-request at lists.samba.org?subject=help> >> List-Subscribe: <https://lists.samba.org/mailman/listinfo/samba>, >> <mailto:samba-request at lists.samba.org?subject=subscribe> >> Content-Type: text/plain; charset="utf-8"; Format="flowed" >> Errors-To: samba-bounces at lists.samba.org >> Sender: "samba" <samba-bounces at lists.samba.org> >> X-Spam-Status: No, score=0.0 required=3.0 tests=T_DKIM_INVALID, >> T_RP_MATCHES_RCVD autolearn=ham version=3.3.2-_revision__1.14__ >> X-Spam-Report: >> * -0.0 T_RP_MATCHES_RCVD Envelope sender domain matches handover relay >> * domain >> * 0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid >> X-Spam-Checker-Version: SpamAssassin 3.3.2-_revision__1.14__ (2011-06-06) on >> mail.hprs.local >> Status: R >> >> I don't see the following at >> https://wiki.samba.org/index.php/Setup_a_Samba_Active_Directory_Domain_Controller >> >> There is an 'order' of installation for an AD. Some things must come >> before others, some things can come when you may. Here is my take based >> on what I have learned over the past weeks: >> >> OS installation (listed for completeness, even though this is a 'dah' item). >> NTP time services >> CUPS (seems to go anywhere, though) >> Samba provisioning (this includes ldap and kerberos setup) >> DNS with DLZ >> Kerberos >> DHCP/DHCP6 >> Adjust Samba configuration >> Start Samba >> >> Do I have the order right? Have I left anything out? >> >> For a file server (which I have not tackled yet) it seems it would be: >> >> OS installation (listed for completeness, even though this is a 'dah' item). >> Static IP config (could be fixed MAC dhcp provisioning?) >> NTP time sync >> CUPS (seems to go anywhere, though) >> DNS entries on AD (automatic if MAC-based dhcp provisioning?) >> Adjust Samba configuration >> Start Samba >> Join Domain >> >> This sort of information at the beginning of the documentation would >> help a newbie to know what they are getting themselves into! >> >> >> >> -- >> To unsubscribe from this list go to the following URL and read the >> instructions: https://lists.samba.org/mailman/options/samba >>