On Sun, 2021-10-24 at 12:07 -0700, Gregory Sloop via samba
wrote:> > On Sun, 2021-10-24 at 09:03 +0100, Rowland Penny via samba wrote:
> > > On Sun, 2021-10-24 at 03:37 -0400, Eric Levy via samba wrote:
> > > > On Sun, 2021-10-24 at 20:35 +1300, Andrew Bartlett wrote:
> > > > > On Sun, 2021-10-24 at 03:23 -0400, Eric Levy via samba
wrote:
> > > > > > Right, so coming full circle to my opening
comments, we
> > > > > > have a
> > > > > > case
> > > > > > that is not supported internally by Samba, and I
wish to
> > > > > > inquire
> > > > > > about
> > > > > > enthusiasm for keeping open any possibility for
considering
> > > > > > such
> > > > > > support in future development.
> > > > > I don't have any enthusiasm for host-based (rather
than user
> > > > > based)
> > > > > authentication, if that is what you mean, but do
suggest a
> > > > > way,
> > > > > without
> > > > > changing Samba, that you could achive your goal.
> > > > > Other remote file systems may offer host-based
> > > > > authentication.
> > > > > Andrew,
> > > > I am not sure what you mean.
> > > I think Andrew is saying that Samba has no real interest in
> > > creating
> > > the set up that you seem to require, but you may find another
> > > tool
> > > that
> > > does, but I will not hold my breath whilst you search for it.
> > > Rowland
> > I did not understand the reference to host-based authentication.
>
> Eric.
>
> My two cents, after reading some of the thread...
>
> I've not carefully read this thread, but I think in general I
> understand the issues - and while I'm at a different place in life
> (where money isn't as scarce as it once was - yet I'm far from
rich)
> I think you're really complaining about a trivial cost.
>
> Almost any C2D or i3/i5 machine can act as a DC.
> Even better is a machine with a bit more oomph and run something like
> Xen/XCP and run your DC in a VM. (You can test with other VM's or run
> additional stuff without buying yet more hardware.)
>
> But all that said - you're avoiding running a DC because you'd have
> to buy more hardware. And you kind of take the stance that someone
> else should spend a substantial amount of time finding you an easy
> way to do this.
>
> Yet, a used Dell/HP/Compaq machine is probably easily less than $200.
> (At least here in the US, I've gotten Optiplex 7010's for <$100.
I
> assume you're not in some 3rd world country with terribly limited
> access to decent hardware. Outside of that, I think used hardware
> should be pretty trivially available. Heck, you could run a DC on a
> RaspPi - though I think that's muts.)
I think you mean 'nuts' :-D
If you do, then I must be a double nut, I run two rpi4's with a DC on
each (less electric). I wouldn't use them for a large business, but
they are ideal for my small home test domain.
>
> So, for <$200, you're asking others to spend a lot of time walking
> you through an "alternate" solution. (An alternate that ALREADY
has a
> very good solution in a DC.)
> I don't know exactly how much time has been expended in just this
> thread so far, but at any professional rate of pay, I'd nearly
> guarantee that $200 in time has already been expended.)
>
> To say it kind of bluntly; You're effectively expending other
> people's $200 (in time), so you can avoid it yourself. (Whether the
> cost, the hassle, or whatever...)
> And to me, that doesn't feel very equitable or reasonable.
>
> There are probably other ways to do what you want, but, by far, the
> best way already exists - and it's a DC. You'll spend a ton of time
> trying to re-create the wheel, and why do that? (Likely smarter
> people than you and I have spent a ton of time considering the
> problem, and the DC is the solution that's the best so far. You're
> not likely to come up with something better. And it certainly will
> cost more than the cost of the hardware you want to avoid buying - so
> it will be more costly and likely a worse solution too!)
>
> If I were to recommend something - a Dell Precision T3610 (Xeon QC) -
> ECC RAM is super cheap. Toss a regular 500G SSD in it. Run XCP-NG on
> it and you'll have an awesome test-bed where you co do all sorts of
> tinkering. You can make snapshots so if you screw things up, you can
> roll back in seconds etc. I'd guess you'd find a lot of utility in
> it. It will probably cost more than $200, but probably not a lot, if
> you're careful and patient.
>
> Cheers!
>
There are numerous ways of running a Samba DC, but the OP seems fixated
with not running a DC, even if means more work.
Rowland