Lin Pro
2017-Mar-08 22:17 UTC
[Samba] Standalone Samba in a Win2008 DC environment, transition to samba
There is a network with windows 2008 AD DC and about 9 workstations plus some printers. The plan is to decomission the Win 2008 DC and reuse the hardware for other purposes at a later time (may be a samba AD DC, not important now). Samba Standalone is to take the role of a File and Print Server in this existing network. Questions: 1. Can Samba 4.5 "standalone" be started temporarily in parallel with Win DC so that workstations can "see" it and copy files to the samba server? (there are no plans to join the Win DC domain with samba standalone). 2. The workstations are a mix of windows 7, 8, 8.1 and 10. Wil they "see" the standalone server while still being under the Win DC control? 3. Do the workstations have to somehow "leave" the Windows AD DC first in order to start using the standalone samba server? If yes then how one does do that? Thanks for any hints best regards linforpros
Marc Muehlfeld
2017-Mar-09 19:39 UTC
[Samba] Standalone Samba in a Win2008 DC environment, transition to samba
Hello, Am 08.03.2017 um 23:17 schrieb Lin Pro via samba:> Questions: > 1. Can Samba 4.5 "standalone" be started temporarily in parallel with > Win DC so that workstations can "see" it and copy files to the samba > server? (there are no plans to join the Win DC domain with samba > standalone).Not just temporarily. You can have multiple standalone servers, AD DCs, NT domains, and clients in the same network, as long as all host and domain names are unique. Of course you can access hosts outside your domain, too. As long as the user an account on the host or in the foreign domain. Guest access without authentication is of course also possible, if configured. Of course, the user in your domain is in the background different to the user on the standalone host. This means, if you change your password in the domain, the one on the standalone host is still the same. And users are only able to change the password from Windows in the domain they are part of.> 2. The workstations are a mix of windows 7, 8, 8.1 and 10. Wil they > "see" the standalone server while still being under the Win DC > control?Sure. See question 1.> 3. Do the workstations have to somehow "leave" the Windows AD DC first > in order to start using the standalone samba server? If yes then how > one does do that?No. Just access/map the share using an Samba account that exists on the standalone host (if you don't allow anonymous access). You can access/map the share the usual way: \\server\share Regards, Marc
Lin Pro
2017-Mar-10 17:41 UTC
[Samba] Standalone Samba in a Win2008 DC environment, transition to samba
Hi All, It is unclear to me what group membership should \\server\users (or /srv/samba/users) get if it is planned to be ina standalone role... and using only POSIX ACLs. The relevant wiki instructions are stating: "Create the directory and set the correct permissions: # mkdir -p /srv/samba/users/ # chgrp -R "Domain Users" /srv/samba/users/ # chmod 2750 /srv/samba/users/" But there is a hidden assuption in the above that it is AD DC - "Domain Users". Or may be I should just create a linux group by that name or any other name and add all the future users to that group? In the back of my head I may consider converting this standalone srv into a Domain Member. Do you have an advice what to do in this case? Besides: groupadd "Domain Users" produces a warning - not a valid group name Lin best regards linforpros
Reasonably Related Threads
- Standalone Samba in a Win2008 DC environment, transition to samba
- Standalone Samba in a Win2008 DC environment, transition to samba
- Error in https://wiki.samba.org/index.php/User_Home_Folders
- security = user: how to log-off from windows workstation
- Setting Win ACLs via Comp Managment, connection to Member Server warning