I'm interested in using samba4 in a production environment that has multiple locations tied together via a WAN. In order to do so I need to figure out what is the absolute most stable and supported path. I found this email thread here stating samba4 ad roles, and file server roles should be on separate servers. https://groups.google.com/forum/#!topic/mailing.unix.samba/QySoM_uGGL8 Can anyone answer is this still the case? In addition I've been noticing that sysvol replication is not officially supported and third party tools such as rsync can be used as a work around. So I think I would ultimately like each location to have it's own standalone PDC or just member servers of the PDC. My question is are trust relationships working between samba 4 and samba4 servers yet? I've been reading that trust relationships are one way only does this apply to samba servers only talking to eachother as well? Could one user from one location log in at another location and so on this way? Is this just a bad idea altogether right now? If the above is not possible would joining file servers as member servers only prove to be the best way forward until these features are implimented? Thanks in advance for any help or advice you may be able to provide. Joe Maloney
Dear Joe, No one had write a complete one yet. But you can check on this link on the Picture. https://wiki.samba.org/index.php/Samba_CTDB_GPFS_Cluster_HowTo You should a small AD Dc server like that maybe 2 just to be safe. Than only the share will be serve by the samba ctdb cluster with cluster files system Or you files sharing server. However in over wan. I would suggest that the wan location with multi user have a samba Read only DC. Rsync is a good tools for sysvol. You can setup a 5 mins sync if you need high level synchronization. I don't have any knowledge about the trust. Can't help you there. Regards, Chan Min Wai> Joe Maloney <jmaloney at pcbsd.org> ? 09/02/2014 4:46 PG ??? > > I'm interested in using samba4 in a production environment that has > multiple locations tied together via a WAN. In order to do so I need to > figure out what is the absolute most stable and supported path. > > > I found this email thread here stating samba4 ad roles, and file server > roles should be on separate servers. > > > https://groups.google.com/forum/#!topic/mailing.unix.samba/QySoM_uGGL8 > > > Can anyone answer is this still the case? > > > In addition I've been noticing that sysvol replication is not officially > supported and third party tools such as rsync can be used as a work > around. So I think I would ultimately like each location to have it's own > standalone PDC or just member servers of the PDC. > > > My question is are trust relationships working between samba 4 and samba4 > servers yet? I've been reading that trust relationships are one way only > does this apply to samba servers only talking to eachother as well? Could > one user from one location log in at another location and so on this way? > Is this just a bad idea altogether right now? > > > If the above is not possible would joining file servers as member servers > only prove to be the best way forward until these features are > implimented? Thanks in advance for any help or advice you may be able to > provide. > > > Joe Maloney > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba
On Sat, 2014-02-08 at 14:46 -0600, Joe Maloney wrote:> I'm interested in using samba4 in a production environment that has > multiple locations tied together via a WAN. In order to do so I need to > figure out what is the absolute most stable and supported path. > > > I found this email thread here stating samba4 ad roles, and file server > roles should be on separate servers. > > > https://groups.google.com/forum/#!topic/mailing.unix.samba/QySoM_uGGL8 > > > Can anyone answer is this still the case? > > > In addition I've been noticing that sysvol replication is not officially > supported and third party tools such as rsync can be used as a work > around. So I think I would ultimately like each location to have it's own > standalone PDC or just member servers of the PDC.Your language is a bit confusing. Each location should have at least one DC (depending on the size of the location), and if possible a separate file server.> My question is are trust relationships working between samba 4 and samba4 > servers yet? I've been reading that trust relationships are one way only > does this apply to samba servers only talking to eachother as well? Could > one user from one location log in at another location and so on this way? > Is this just a bad idea altogether right now?This refers to trusts between different DOMAINS or REALMS, not between servers in the domain, which is fully functional.> If the above is not possible would joining file servers as member servers > only prove to be the best way forward until these features are > implimented? Thanks in advance for any help or advice you may be able to > provide.Your file severs should be joined as a member server. Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Samba Developer, Catalyst IT http://catalyst.net.nz/services/samba