Hi there, Has anyone tried to configure a NAS server to authenticate users using a Samba PDC, or even a Samba4 DC (AD-compatible) or an IPA server? I'm evaluating replacing some Linux file server for a NAS product, but all them make me nervous when the vendor talks about "Active Directory support" and nothing else. In theory, many NASes are Linux boxes running samba, so there shouldn't be a problem, except if the web admin interface won't support a samba DC setup and I won't have SSH access to configure the NAS samba myself. So I'm asking if someone there has had any real experience, be it using Fedora, CentOS or RHEL as the Samba3 PDC or Samba4 DC. PS: I'm cross-posting because I asked before on the samba mailing list and nobody cared to answer. Or nobody has had any real experience. I'm hoing many sysadmins on the Fedora list also works on companies with RHEL or CentOS and had a real experience to share. []s, Fernando Lozano
On Wed, Jul 10, 2013 at 8:44 PM, Fernando Lozano <fernando at lozano.eti.br> wrote:> Hi there, > > Has anyone tried to configure a NAS server to authenticate users using a > Samba PDC, or even a Samba4 DC (AD-compatible) or an IPA server?not in a while, but I have done a samba 3 DC> I'm evaluating replacing some Linux file server for a NAS product, but > all them make me nervous when the vendor talks about "Active Directory > support" and nothing else.if 3rd party support is your concern, why are you using fedora instead of RHEL?> In theory, many NASes are Linux boxes running samba, so there shouldn't > be a problem, except if the web admin interface won't support a samba DC > setup and I won't have SSH access to configure the NAS samba myself.a cheaper nas will probably use samba, but not all NASs do. there are several commercial SMB/CIFS implementation out there.
Hi Fernando I have a site that runs 2 trusted domain PDC's across a OpenVPN link. At one end there is a (older) Buffalo Terrastation NAS. The NAS quite happily authenticates etc both sets of domain users. It has the option of Workgroup, NT Domain or AD. I use NT Domain. The PDC's run on Debian GNU/Linux 6.0.5 (squeeze) Samba 3.56. I use idmap_tdb winbind of course. This really is an evolving thing here. There are a few issues that likewise I have had no response to list questions over. Am happy to elaborate if you need more info. Bob On 11/07/13 11:44, Fernando Lozano wrote:> Hi there, > > Has anyone tried to configure a NAS server to authenticate users using a > Samba PDC, or even a Samba4 DC (AD-compatible) or an IPA server? >
I've had experience with a Western Digital "MyBook Live DUO", and it does NOT support any type of network authentication. Users must be created and deleted on that device. --- CONFIDENTIALITY WARNING: Pseudo-legal disclaimers do not buy you or your employer any legal recourse for leaked information. E-mail messages should never contain privileged or confidential information. Always treat e-mail as "public". -----Original Message----- From: samba-bounces at lists.samba.org [mailto:samba-bounces at lists.samba.org] On Behalf Of Fernando Lozano Sent: Wednesday, July 10, 2013 8:45 PM To: users at lists.fedoraproject.org; samba at lists.samba.org Subject: [Samba] About NAS versus Samba Hi there, Has anyone tried to configure a NAS server to authenticate users using a Samba PDC, or even a Samba4 DC (AD-compatible) or an IPA server? I'm evaluating replacing some Linux file server for a NAS product, but all them make me nervous when the vendor talks about "Active Directory support" and nothing else. In theory, many NASes are Linux boxes running samba, so there shouldn't be a problem, except if the web admin interface won't support a samba DC setup and I won't have SSH access to configure the NAS samba myself. So I'm asking if someone there has had any real experience, be it using Fedora, CentOS or RHEL as the Samba3 PDC or Samba4 DC. PS: I'm cross-posting because I asked before on the samba mailing list and nobody cared to answer. Or nobody has had any real experience. I'm hoing many sysadmins on the Fedora list also works on companies with RHEL or CentOS and had a real experience to share. []s, Fernando Lozano -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Hi ! QNAP TurboNas (our model number is TS-EC1279U-RP) do successfully the trick. Joined as a member to our S4 AD, we use it as a cifs server in a mixed environnement. The server is ssh opened, and the configuration files (ex : smb.conf) could be modified by hand or by an automated script. We've linked it to our group creation and actually offer good and simple services. Cheers, ----------------------- *** Oliver
On Wed, Jul 10, 2013 at 9:44 PM, Fernando Lozano <fernando at lozano.eti.br> wrote:> Hi there, > > Has anyone tried to configure a NAS server to authenticate users using a > Samba PDC, or even a Samba4 DC (AD-compatible) or an IPA server?Given choices, I used NFS. Samba is great for cross compatibility, but CIFS is a very chatty protocol with some longstanding complexities leading to awkward access control in my experience. That said, I've built a render cluster with 200 nodes running a 40 TByte storage setup with Samba 3.x for the Windows clients and NFSv3 for the SuSE users. It worked much better than the commercially funded storage array. (Ran headlong into the 2 TByte storage size issue due to 32-bit fiber optic controllers, but split it into 4 10 TByte arays.) I also did the first published ports of Samba to SunOS 4.1.x, so I've done a *lot* of setups.> I'm evaluating replacing some Linux file server for a NAS product, but > all them make me nervous when the vendor talks about "Active Directory > support" and nothing else. > > In theory, many NASes are Linux boxes running samba, so there shouldn't > be a problem, except if the web admin interface won't support a samba DC > setup and I won't have SSH access to configure the NAS samba myself. > > So I'm asking if someone there has had any real experience, be it using > Fedora, CentOS or RHEL as the Samba3 PDC or Samba4 DC.More building them up from scartch as part of other services. For commercial NAS support, I've been dealing a lot with NetApp, which incorporates a lot of the mirroring and snapshots and high performance issues an off the shefl USB disk storage box won't have. Those do play nicely with Samba, AD, and usually NIS as well.> PS: I'm cross-posting because I asked before on the samba mailing list > and nobody cared to answer. Or nobody has had any real experience. I'm > hoing many sysadmins on the Fedora list also works on companies with > RHEL or CentOS and had a real experience to share. > > > []s, Fernando Lozano > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba