Thank you Rowland for your replies. Isn't it possible to forward during join time the content of the right smb.conf? This could make deployment easier which would help some of us... Just my two cents... 2016-02-08 14:03 GMT+01:00 Rowland penny <rpenny at samba.org>:> On 08/02/16 12:36, mathias dufresne wrote: > >> Hi all, >> >> When provisionning a Samba 4 AD domain with --use-rfc2307 the option >> "idmap_ldb:use rfc2307 = yes" is added to our first DC's smb.conf. >> >> When joining a Samba4 to a domain to make it a DC we can't >> use --use-rfc2307 and "idmap_ldb:use rfc2307 = yes" is not automatically >> added to newly joined DC's smb.conf. >> >> Question 1: is this option useless on non-FSMO DC? >> > > No, if you have it on the first DC, you should also have it on any > secondary DC. > > >> Question 2: if this option is not useless on non-FSMO DC, don't you think >> smb.conf should be copied from working DC at "join" time? >> > > You already get the smb.conf created for you, you just don't get the > 'idmap_ldb' line > > >> Question 3: as this could be a choice, is it advised to first copy >> smb.conf >> from working DC to newly joined DC then start Samba service on this newly >> joined DC or is it advised to first start Samba with default smb.conf then >> stop it, copy smb.conf from working DC and start Samba again? >> > > No, before starting Samba on the secondary DC, add the 'idmap_ldb' line, > then start Samba. > > > Rowland > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba >
On 08/02/16 15:21, mathias dufresne wrote:> Thank you Rowland for your replies. > > Isn't it possible to forward during join time the content of the right > smb.conf? This could make deployment easier which would help some of us... > > Just my two cents... >I have had a look at this, the code to add the required line to smb.conf is part of the provision and on the first DC it is run. It is not run on the join because to make it work, there would have to be an '--use-rfc2307' option for the 'join' command, but you cannot do this because it would also run the code to provision the fake ypserver. Three options here: Add the line to every smb.conf, not really a good idea if the ntvfs backend is also used Add the line to every smb.conf and make the s3fs backend the default, this is only really possible if the ntvfs backend is also removed. Add another option to the 'join' command, 'join-rfc2307' and alter the provision code slightly to add the line if the option is supplied. This is my preferred option at the moment. Rowland
I love your prefered option : ) In fact this question came to me after seeing there people with highly customized smb.conf. For me I have one line to add and I had lot of time to build up my domain, see some (most I hope!) of mistake to avoid and so on. For new guys with not much time to deploy (very small business, sometimes admins which are still quiet beginners...) having an internal process to grab smb.conf from FSMO owner when joining new DC would help. But as you mentioned this would ask some work: some options could refuse to be set early, shares are often a non-sense to copy (not same server, not same share) and so much I don't see... Have a nice evening all 2016-02-08 17:45 GMT+01:00 Rowland penny <rpenny at samba.org>:> On 08/02/16 15:21, mathias dufresne wrote: > >> Thank you Rowland for your replies. >> >> Isn't it possible to forward during join time the content of the right >> smb.conf? This could make deployment easier which would help some of us... >> >> Just my two cents... >> >> > I have had a look at this, the code to add the required line to smb.conf > is part of the provision and on the first DC it is run. It is not run on > the join because to make it work, there would have to be an '--use-rfc2307' > option for the 'join' command, but you cannot do this because it would also > run the code to provision the fake ypserver. > > Three options here: > > Add the line to every smb.conf, not really a good idea if the ntvfs > backend is also used > Add the line to every smb.conf and make the s3fs backend the default, this > is only really possible if the ntvfs backend is also removed. > Add another option to the 'join' command, 'join-rfc2307' and alter the > provision code slightly to add the line if the option is supplied. This is > my preferred option at the moment. > > > Rowland > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba >