Hi, We've been having lots of issues with our Linux based Samba servers since the Windows domains have migrated to AD. We were hoping and expecting that, at least in the short term, we could run in "mixed" mode and not have to make any changes to our Samba servers. However, things just aren't working well. Also, I've posted several issues to this list over the last several weeks and many of the issues I've encountered have gone unresolved. So, the question(s) I have is what is the recommended/suggested Samba version and configuration we should consider deploying in an infrastructure running with Windows 2003 servers and AD? We are running primarily RedHat 9 and RedHat ES 30 and a majority of our Samba servers are currently running 3.0.7 with some running 2.2.7a, (both of which are RedHat's distributions). We've had all kinds of problems varying from intermittent "password server not available" issues, to smbd locking up and most recently having problems changing a server from server to domain security style. Interestingly, (or maybe not), none of these problems existed prior to the AD upgrades........ I'm considering making an effort to go full ads mode on the samba servers, however, I've also seen that others have had issues doing this. I'm open to suggestions. Thanks, -John
On Wed, 2005-01-05 at 23:21 -0500, john.debella@teradyne.com wrote:> Hi, > > We've been having lots of issues with our Linux based Samba servers since > the Windows domains have migrated to AD. We were hoping and expecting > that, at least in the short term, we could run in "mixed" mode and not > have to make any changes to our Samba servers. However, things just aren't > working well. Also, I've posted several issues to this list over the last > several weeks and many of the issues I've encountered have gone > unresolved. > > So, the question(s) I have is what is the recommended/suggested Samba > version and configuration we should consider deploying in an > infrastructure running with Windows 2003 servers and AD? We are running > primarily RedHat 9 and RedHat ES 30 and a majority of our Samba servers > are currently running 3.0.7 with some running 2.2.7a, (both of which are > RedHat's distributions). We've had all kinds of problems varying from > intermittent "password server not available" issues, to smbd locking up > and most recently having problems changing a server from server to domain > security style. Interestingly, (or maybe not), none of these problems > existed prior to the AD upgrades........ > > I'm considering making an effort to go full ads mode on the samba servers, > however, I've also seen that others have had issues doing this. > > I'm open to suggestions.You must make sure you use MIT Kerberos v1.3.4+ (1.3.[0|1|2|3] seemed intermittent to me). Winbind... this is the pivotal piece that needs to work properly. If everything else fails except winbind, thats a wonderful start. If everything works except for winbind, that will be an uphill battle, at least it has been for me doing remote samba installs where I have to rely on others to "fix" W2K3 domains and perms and such. Most of the time they fudge it up... or don't really trust Samba due to it being "Shareware" (yes I know it isn't) Work on getting a simple test environ (if possible) and try Samba in full ADS mode. (no mixed mode) Hammer it and make it work. Then apply your knowledge to a limited production server. The deploy once all the "issues" are resolved. I also want to heavily suggest samba 3.0.8 or after... really 3.0.10 as of now. -- greg, greg@gregfolkert.net The technology that is Stronger, better, faster: Linux -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part Url : http://lists.samba.org/archive/samba/attachments/20050106/5217de57/attachment.bin
John, Just last month we setup a AD network with Samba 3.0.10 on Solaris 8 & 9 and it worked the first time! I didn't have anything to do with setting up AD but I was responsible for samba. I installed the MIT Kerberos 1.3.5 libraries, built Samba 3.0.10 with --with-ads. Worked excellantly :-)) spike john.debella@teradyne.com wrote:> Hi, > > We've been having lots of issues with our Linux based Samba servers since > the Windows domains have migrated to AD. We were hoping and expecting > that, at least in the short term, we could run in "mixed" mode and not > have to make any changes to our Samba servers. However, things just aren't > working well. Also, I've posted several issues to this list over the last > several weeks and many of the issues I've encountered have gone > unresolved. > > So, the question(s) I have is what is the recommended/suggested Samba > version and configuration we should consider deploying in an > infrastructure running with Windows 2003 servers and AD? We are running > primarily RedHat 9 and RedHat ES 30 and a majority of our Samba servers > are currently running 3.0.7 with some running 2.2.7a, (both of which are > RedHat's distributions). We've had all kinds of problems varying from > intermittent "password server not available" issues, to smbd locking up > and most recently having problems changing a server from server to domain > security style. Interestingly, (or maybe not), none of these problems > existed prior to the AD upgrades........ > > I'm considering making an effort to go full ads mode on the samba servers, > however, I've also seen that others have had issues doing this. > > I'm open to suggestions. > > Thanks, > -John > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/listinfo/samba