samba - May 2015 - Secondary DC as fileserver within VirtualBox

Hi,

I setup a secondary DC to server as a fileserver for testing purposes. The
DC (DCBACKUP) in question runs on top of a Fedora 21 x64 with VirtualBox.
The DC OS also runs Fedora 21 x64.

The smb.conf follows:
[global]
	workgroup = BPDNET
	realm = ad.blackpenguin.org
	netbios name = DCBACKUP
	server role = active directory domain controller
	vfs objects = acl_xattr
	map acl inherit = Yes
	store dos attributes = Yes
[netlogon]
	path = /usr/local/samba/var/locks/sysvol/ad.blackpenguin.org/scripts
	read only = No
[sysvol]
	path = /usr/local/samba/var/locks/sysvol
	read only = No
[images]
    path = /home/data/images
    read only = No

The filesystem on the DC is set with ACLs:
/dev/mapper/fedora--server-home /home                   ext4   
user_xattr,acl,barrier=1        1 1

The /home/data folder is a machine shared folder via VirtualBox. The
underlying Linux OS does not have ACLs enabled. I noticed that I cannot
change any rights on any folder created under /home/data. Has anyone tried
anything similar to this? I'm only concerned about the share security.

The reason to implement this is to try the setup. My primary domain
controller works just perfectly - it is a physical machine, but my secondary
DC has to be virtual and has to be able to do storage. However the share
resource cannot be on the virtual machine since this will accommodate
hundreds of gigs and the VM cannot and should not grow to that size.



--
View this message in context:
http://samba.2283325.n4.nabble.com/Secondary-DC-as-fileserver-within-VirtualBox-tp4685846.html
Sent from the Samba - General mailing list archive at Nabble.com.

Hello,
So what?-- my secondary DC has to be virtual and has to be able to do
storage!
But?-- my secondary DC has to be virtual and has to be able to do storage
This could only be solved  by a third machine  serving the storage!
So why  not a samba4 fileserver with enough storage? And no second DC!


Greetings
Daniel



EDV Daniel M?ller

Leitung EDV
Tropenklinik Paul-Lechler-Krankenhaus
Paul-Lechler-Str. 24
72076 T?bingen 
Tel.: 07071/206-463, Fax: 07071/206-499
eMail: mueller at tropenklinik.de
Internet: www.tropenklinik.de 



-----Urspr?ngliche Nachricht-----
Von: samba-bounces at lists.samba.org [mailto:samba-bounces at lists.samba.org]
Im
Auftrag von bogdan_bartos
Gesendet: Dienstag, 12. Mai 2015 05:03
An: samba at lists.samba.org
Betreff: [Samba] Secondary DC as fileserver within VirtualBox

Hi,

I setup a secondary DC to server as a fileserver for testing purposes. The
DC (DCBACKUP) in question runs on top of a Fedora 21 x64 with VirtualBox.
The DC OS also runs Fedora 21 x64.

The smb.conf follows:
[global]
	workgroup = BPDNET
	realm = ad.blackpenguin.org
	netbios name = DCBACKUP
	server role = active directory domain controller
	vfs objects = acl_xattr
	map acl inherit = Yes
	store dos attributes = Yes
[netlogon]
	path = /usr/local/samba/var/locks/sysvol/ad.blackpenguin.org/scripts
	read only = No
[sysvol]
	path = /usr/local/samba/var/locks/sysvol
	read only = No
[images]
    path = /home/data/images
    read only = No

The filesystem on the DC is set with ACLs:
/dev/mapper/fedora--server-home /home                   ext4   
user_xattr,acl,barrier=1        1 1

The /home/data folder is a machine shared folder via VirtualBox. The
underlying Linux OS does not have ACLs enabled. I noticed that I cannot
change any rights on any folder created under /home/data. Has anyone tried
anything similar to this? I'm only concerned about the share security.

The reason to implement this is to try the setup. My primary domain
controller works just perfectly - it is a physical machine, but my secondary
DC has to be virtual and has to be able to do storage. my secondary DC has
to be virtual and has to be able to do storage.



--
View this message in context:
http://samba.2283325.n4.nabble.com/Secondary-DC-as-fileserver-within-Virtual
Box-tp4685846.html
Sent from the Samba - General mailing list archive at Nabble.com.
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

On 12/05/15 09:49, Daniel M?ller wrote:
> Hello,
> So what?-- my secondary DC has to be virtual and has to be able to do
> storage!
> But?-- my secondary DC has to be virtual and has to be able to do storage
> This could only be solved  by a third machine  serving the storage!
> So why  not a samba4 fileserver with enough storage? And no second DC!
>
>
> Greetings
> Daniel
>
>
>
> EDV Daniel M?ller
>
> Leitung EDV
> Tropenklinik Paul-Lechler-Krankenhaus
> Paul-Lechler-Str. 24
> 72076 T?bingen
> Tel.: 07071/206-463, Fax: 07071/206-499
> eMail: mueller at tropenklinik.de
> Internet: www.tropenklinik.de
>
>
>
> -----Urspr?ngliche Nachricht-----
> Von: samba-bounces at lists.samba.org [mailto:samba-bounces at
lists.samba.org] Im
> Auftrag von bogdan_bartos
> Gesendet: Dienstag, 12. Mai 2015 05:03
> An: samba at lists.samba.org
> Betreff: [Samba] Secondary DC as fileserver within VirtualBox
>
> Hi,
>
> I setup a secondary DC to server as a fileserver for testing purposes. The
> DC (DCBACKUP) in question runs on top of a Fedora 21 x64 with VirtualBox.
> The DC OS also runs Fedora 21 x64.
>
> The smb.conf follows:
> [global]
> 	workgroup = BPDNET
> 	realm = ad.blackpenguin.org
> 	netbios name = DCBACKUP
> 	server role = active directory domain controller
> 	vfs objects = acl_xattr
> 	map acl inherit = Yes
> 	store dos attributes = Yes
> [netlogon]
> 	path = /usr/local/samba/var/locks/sysvol/ad.blackpenguin.org/scripts
> 	read only = No
> [sysvol]
> 	path = /usr/local/samba/var/locks/sysvol
> 	read only = No
> [images]
>      path = /home/data/images
>      read only = No
>
> The filesystem on the DC is set with ACLs:
> /dev/mapper/fedora--server-home /home                   ext4
> user_xattr,acl,barrier=1        1 1
>
> The /home/data folder is a machine shared folder via VirtualBox. The
> underlying Linux OS does not have ACLs enabled. I noticed that I cannot
> change any rights on any folder created under /home/data. Has anyone tried
> anything similar to this? I'm only concerned about the share security.
>
> The reason to implement this is to try the setup. My primary domain
> controller works just perfectly - it is a physical machine, but my
secondary
> DC has to be virtual and has to be able to do storage. my secondary DC has
> to be virtual and has to be able to do storage.
>
>
>
> --
> View this message in context:
>
http://samba.2283325.n4.nabble.com/Secondary-DC-as-fileserver-within-Virtual
> Box-tp4685846.html
> Sent from the Samba - General mailing list archive at Nabble.com.
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>
Or better still,

First machine, AD DC
second machine as member server with the second DC in VM

Rowland

That is exactly the application - to avoid another machine in the 
future. It does need to be a DC with virtual storage.

On 12/05/15 02:49 AM, Daniel M?ller wrote:
> Hello,
> So what?-- my secondary DC has to be virtual and has to be able to do
> storage!
> But?-- my secondary DC has to be virtual and has to be able to do storage
> This could only be solved  by a third machine  serving the storage!
> So why  not a samba4 fileserver with enough storage? And no second DC!
>
>
> Greetings
> Daniel
>
>
>
> EDV Daniel M?ller
>
> Leitung EDV
> Tropenklinik Paul-Lechler-Krankenhaus
> Paul-Lechler-Str. 24
> 72076 T?bingen
> Tel.: 07071/206-463, Fax: 07071/206-499
> eMail: mueller at tropenklinik.de
> Internet: www.tropenklinik.de
>
>
>
> -----Urspr?ngliche Nachricht-----
> Von: samba-bounces at lists.samba.org [mailto:samba-bounces at
lists.samba.org] Im
> Auftrag von bogdan_bartos
> Gesendet: Dienstag, 12. Mai 2015 05:03
> An: samba at lists.samba.org
> Betreff: [Samba] Secondary DC as fileserver within VirtualBox
>
> Hi,
>
> I setup a secondary DC to server as a fileserver for testing purposes. The
> DC (DCBACKUP) in question runs on top of a Fedora 21 x64 with VirtualBox.
> The DC OS also runs Fedora 21 x64.
>
> The smb.conf follows:
> [global]
> 	workgroup = BPDNET
> 	realm = ad.blackpenguin.org
> 	netbios name = DCBACKUP
> 	server role = active directory domain controller
> 	vfs objects = acl_xattr
> 	map acl inherit = Yes
> 	store dos attributes = Yes
> [netlogon]
> 	path = /usr/local/samba/var/locks/sysvol/ad.blackpenguin.org/scripts
> 	read only = No
> [sysvol]
> 	path = /usr/local/samba/var/locks/sysvol
> 	read only = No
> [images]
>      path = /home/data/images
>      read only = No
>
> The filesystem on the DC is set with ACLs:
> /dev/mapper/fedora--server-home /home                   ext4
> user_xattr,acl,barrier=1        1 1
>
> The /home/data folder is a machine shared folder via VirtualBox. The
> underlying Linux OS does not have ACLs enabled. I noticed that I cannot
> change any rights on any folder created under /home/data. Has anyone tried
> anything similar to this? I'm only concerned about the share security.
>
> The reason to implement this is to try the setup. My primary domain
> controller works just perfectly - it is a physical machine, but my
secondary
> DC has to be virtual and has to be able to do storage. my secondary DC has
> to be virtual and has to be able to do storage.
>
>
>
> --
> View this message in context:
>
http://samba.2283325.n4.nabble.com/Secondary-DC-as-fileserver-within-Virtual
> Box-tp4685846.html
> Sent from the Samba - General mailing list archive at Nabble.com.
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>
-- 
*BOGDAN BARTOS*
/System's Administrator/
admin at blackpenguin.org <mailto:admin at blackpenguin.org>
h. 001.403.266.1513 | c. 001.403.919.5699
*IT SERVICES* - http://www.blackpenguin.org/itservices