samba - Dec 2016 - Samba on Debian 8: ADS domain questions

Hai, 

Thats a setup i really dont advice. Should work, but expect problems.

You can happy run both in VMs.
Can you explain maybe why your setting up like this, 
so we can maybe help you to get a better setup? 


Greetz, 

Louis

> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces at lists.samba.org] Namens Stefan G.
> Weichinger via samba
> Verzonden: woensdag 14 december 2016 11:50
> Aan: samba at lists.samba.org
> Onderwerp: Re: [Samba] Samba on Debian 8: ADS domain questions
> 
> 
> one more!
> 
> We plan to run the PDC inside a (KVM-)VM first and run the fileserver on
> the (KVM-)host as member server.
> 
> Is it a problem that the PDC will come up *after* the fileserver in case
> of rebooting etc ?
> 
> I assume clients can't connect to the fileserver until the PDC is up,
> not more ... and as soon the PDC is available things just work?
> 
> 
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba

Am 2016-12-14 um 12:26 schrieb L.P.H. van Belle via
samba:
> Hai, 
> 
> Thats a setup i really dont advice. Should work, but expect problems.
Why?
> You can happy run both in VMs.
> Can you explain maybe why your setting up like this, 
> so we can maybe help you to get a better setup? 
Because current status is:

samba4.x as NT4-DC on physical Gentoo-server, plus acting as main file
server for that site

that same server provides KVM virtualization for one or two production vms

we would like to solve this without adding another physical machine

-

test-DC in a virtualbox VM on my laptop, Debian linux, working so far
with test VMs

* scenario one would be: upgrade physical samba4 to ADS

- no way to switch back to NT4 domain if things go wrong for the first
PCs we switch on ... // if things go smooth, fine, if not, we would like
to stop migration after the first tests ... (only switch on 2 or 3 PCs
and test things first)

- uncertainty if samba on Debian behaves like samba on Gentoo. Think
other dependencies, other kerberos, other package versions

- and we would like to gradually switch over to Debian, so that would be
a step in that direction.

I have a backup server (=2nd physical server) there as well, which could
also become the new DC. Might be the better option than the VM, it is
Debian as well ...

And the "main" file server could become a 2nd DC as Rowland
recommended?
That server would have to provide shares as well, though.

thanks all, Stefan

Hi Stephan, 

I commented inbetween. 
> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces at lists.samba.org] Namens Stefan G.
> Weichinger via samba
> Verzonden: woensdag 14 december 2016 13:19
> Aan: samba at lists.samba.org
> Onderwerp: Re: [Samba] Samba on Debian 8: ADS domain questions
> 
> Am 2016-12-14 um 12:26 schrieb L.P.H. van Belle via samba:
> > Hai,
> >
> > Thats a setup i really dont advice. Should work, but expect problems.
> 
> Why?
Due to somethings getting connection errors which can cause authentication
problems en/or problems with starting other services.
> 
> > You can happy run both in VMs.
> > Can you explain maybe why your setting up like this,
> > so we can maybe help you to get a better setup?
> 
> Because current status is:
> 
> samba4.x as NT4-DC on physical Gentoo-server, plus acting as main file
> server for that site
> 
> that same server provides KVM virtualization for one or two production vms
> 
> we would like to solve this without adding another physical machine
Ah ok, then in your case what i would do. 
Im using Xen server,
http://www.tecmint.com/xenserver-physical-to-virtual-migration/
 
or KVM/QEMU example. 

http://manuel.kiessling.net/2013/03/19/converting-a-running-physical-machine-to-a-kvm-virtual-machine/

setup a test pc import te vm test test, all ok. Export it again.
Reinstall the server for dedicated KVM server and import the tested vm again. 

Hope this helps out a but. 

Xen server is free and if you have 2 server with same architectures ( amd or
intel ) you get live motion for free. (http://xenserver.org/)
Which is very very handy if you have 2 or more servers. 
And you have 2 servers..  .. 
And then in your case 2 server. Run 3 (or 4) VM's. 
2 x DC. ( one per phisical server ) 

1 x member, one per phisical.
1 x test server. 

But it just a suggestion here. 
> 
> -
> 
> test-DC in a virtualbox VM on my laptop, Debian linux, working so far
> with test VMs
> 
> * scenario one would be: upgrade physical samba4 to ADS
> 
> - no way to switch back to NT4 domain if things go wrong for the first
> PCs we switch on ... // if things go smooth, fine, if not, we would like
> to stop migration after the first tests ... (only switch on 2 or 3 PCs
> and test things first)
> 
> - uncertainty if samba on Debian behaves like samba on Gentoo. Think
> other dependencies, other kerberos, other package versions
Make it yourself easy, get my debian 8 samba packages, im testing these now for
about a week and until now i havent seen any errors.
Found here:  http://downloads.van-belle.nl/samba4/ 
In the samba-4.5.2 folder is an very easy installer, start it, it explains
itself.

Im expecting to put these packages in about 1-2 weeks in my apt repo. 
> 
> - and we would like to gradually switch over to Debian, so that would be
> a step in that direction.
> 
> I have a backup server (=2nd physical server) there as well, which could
> also become the new DC. Might be the better option than the VM, it is
> Debian as well ...
> 
> And the "main" file server could become a 2nd DC as Rowland
recommended?
> That server would have to provide shares as well, though.
I would suggest keep the main file server but set it up as member. 
Copy the db files to the new DC and upgrade there. 
Keeps you old server intact, and you can test outside your production network.


> 
> thanks all, Stefan
> 
> 
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba

This is my disk for my DC, you dont need much.
Filesystem                                    Size  Used Avail Use% Mounted 
/dev/xvda1                                    6.0G 1002M  4.7G  18% /
And i run my DC's with 2Gb ram, dut i dont have a big AD.
I do run about 10 servers here agains 2 dc's.

Hope this helps you out. 


Greetz, 

Louis

2016-12-14 13:58 GMT+01:00 L.P.H. van Belle via samba <samba at
lists.samba.org
>:
> Hi Stephan,
>
> I commented inbetween.
>
> > -----Oorspronkelijk bericht-----
> > Van: samba [mailto:samba-bounces at lists.samba.org] Namens Stefan G.
> > Weichinger via samba
> > Verzonden: woensdag 14 december 2016 13:19
> > Aan: samba at lists.samba.org
> > Onderwerp: Re: [Samba] Samba on Debian 8: ADS domain questions
> >
> > Am 2016-12-14 um 12:26 schrieb L.P.H. van Belle via samba:
> > > Hai,
> > >
> > > Thats a setup i really dont advice. Should work, but expect
problems.
> >
> > Why?
>
> Due to somethings getting connection errors which can cause authentication
> problems en/or problems with starting other services.
>
This can be solved very easily booting VMs in the right order and possibly
adding latency between VMs launches.

>
> >
> > > You can happy run both in VMs.
> > > Can you explain maybe why your setting up like this,
> > > so we can maybe help you to get a better setup?
> >
> > Because current status is:
> >
> > samba4.x as NT4-DC on physical Gentoo-server, plus acting as main file
> > server for that site
> >
> > that same server provides KVM virtualization for one or two production
> vms
> >
> > we would like to solve this without adding another physical machine
> Ah ok, then in your case what i would do.
> Im using Xen server, http://www.tecmint.com/xenserver-physical-to-virtual-
> migration/
>
> or KVM/QEMU example.
>
> http://manuel.kiessling.net/2013/03/19/converting-a-
> running-physical-machine-to-a-kvm-virtual-machine/
>
> setup a test pc import te vm test test, all ok. Export it again.
> Reinstall the server for dedicated KVM server and import the tested vm
> again.
>
> Hope this helps out a but.
>
> Xen server is free and if you have 2 server with same architectures ( amd
> or intel ) you get live motion for free. (http://xenserver.org/)
> Which is very very handy if you have 2 or more servers.
> And you have 2 servers..  ..
> And then in your case 2 server. Run 3 (or 4) VM's.
> 2 x DC. ( one per phisical server )
>
> 1 x member, one per phisical.
> 1 x test server.
>
> But it just a suggestion here.
>
> >
> > -
> >
> > test-DC in a virtualbox VM on my laptop, Debian linux, working so far
> > with test VMs
> >
> > * scenario one would be: upgrade physical samba4 to ADS
> >
> > - no way to switch back to NT4 domain if things go wrong for the first
> > PCs we switch on ... // if things go smooth, fine, if not, we would
like
> > to stop migration after the first tests ... (only switch on 2 or 3 PCs
> > and test things first)
> >
> > - uncertainty if samba on Debian behaves like samba on Gentoo. Think
> > other dependencies, other kerberos, other package versions
> Make it yourself easy, get my debian 8 samba packages, im testing these
> now for about a week and until now i havent seen any errors.
> Found here:  http://downloads.van-belle.nl/samba4/
> In the samba-4.5.2 folder is an very easy installer, start it, it explains
> itself.
>
> Im expecting to put these packages in about 1-2 weeks in my apt repo.
>
> >
> > - and we would like to gradually switch over to Debian, so that would
be
> > a step in that direction.
> >
> > I have a backup server (=2nd physical server) there as well, which
could
> > also become the new DC. Might be the better option than the VM, it is
> > Debian as well ...
>
> >
> > And the "main" file server could become a 2nd DC as Rowland
recommended?
> > That server would have to provide shares as well, though.
>
> I would suggest keep the main file server but set it up as member.
> Copy the db files to the new DC and upgrade there.
> Keeps you old server intact, and you can test outside your production
> network.
>
>
>
> >
> > thanks all, Stefan
> >
> >
> > --
> > To unsubscribe from this list go to the following URL and read the
> > instructions:  https://lists.samba.org/mailman/options/samba
>
>
> This is my disk for my DC, you dont need much.
> Filesystem                                    Size  Used Avail Use% Mounted
> /dev/xvda1                                    6.0G 1002M  4.7G  18% /
> And i run my DC's with 2Gb ram, dut i dont have a big AD.
> I do run about 10 servers here agains 2 dc's.
>
> Hope this helps you out.
>
>
> Greetz,
>
> Louis
>
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>

You miss read mathias ;-) 

 
>This can be solved very easily booting VMs in the right order and possibly
adding latency between VMs launches.
The Guest DC is on fysical server where the member is also.

 

How are you going to boot the GUEST os before the HOST os, on the same server. 

This cant be done.. 

 

Or did i miss read the question.. 

 

Greetz, 

 

Louis

 

 

 


Van: mathias dufresne [mailto:infractory at gmail.com] 
Verzonden: woensdag 14 december 2016 14:46
Aan: L.P.H. van Belle
CC: samba at lists.samba.org
Onderwerp: Re: [Samba] Samba on Debian 8: ADS domain questions


 

 

 

2016-12-14 13:58 GMT+01:00 L.P.H. van Belle via samba <samba at
lists.samba.org>:

Hi Stephan,

I commented inbetween.
> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces at lists.samba.org] Namens Stefan G.
> Weichinger via samba
> Verzonden: woensdag 14 december 2016 13:19
> Aan: samba at lists.samba.org
> Onderwerp: Re: [Samba] Samba on Debian 8: ADS domain questions
>
> Am 2016-12-14 um 12:26 schrieb L.P.H. van Belle via samba:
> > Hai,
> >
> > Thats a setup i really dont advice. Should work, but expect problems.
>
> Why?
Due to somethings getting connection errors which can cause authentication
problems en/or problems with starting other services.

 



 


>
> > You can happy run both in VMs.
> > Can you explain maybe why your setting up like this,
> > so we can maybe help you to get a better setup?
>
> Because current status is:
>
> samba4.x as NT4-DC on physical Gentoo-server, plus acting as main file
> server for that site
>
> that same server provides KVM virtualization for one or two production vms
>
> we would like to solve this without adding another physical machine
Ah ok, then in your case what i would do.
Im using Xen server,
http://www.tecmint.com/xenserver-physical-to-virtual-migration/

or KVM/QEMU example.

http://manuel.kiessling.net/2013/03/19/converting-a-running-physical-machine-to-a-kvm-virtual-machine/

setup a test pc import te vm test test, all ok. Export it again.
Reinstall the server for dedicated KVM server and import the tested vm again.

Hope this helps out a but.

Xen server is free and if you have 2 server with same architectures ( amd or
intel ) you get live motion for free. (http://xenserver.org/)
Which is very very handy if you have 2 or more servers.
And you have 2 servers..  ..
And then in your case 2 server. Run 3 (or 4) VM's.
2 x DC. ( one per phisical server )

1 x member, one per phisical.
1 x test server.

But it just a suggestion here.
>
> -
>
> test-DC in a virtualbox VM on my laptop, Debian linux, working so far
> with test VMs
>
> * scenario one would be: upgrade physical samba4 to ADS
>
> - no way to switch back to NT4 domain if things go wrong for the first
> PCs we switch on ... // if things go smooth, fine, if not, we would like
> to stop migration after the first tests ... (only switch on 2 or 3 PCs
> and test things first)
>
> - uncertainty if samba on Debian behaves like samba on Gentoo. Think
> other dependencies, other kerberos, other package versions
Make it yourself easy, get my debian 8 samba packages, im testing these now for
about a week and until now i havent seen any errors.
Found here:  http://downloads.van-belle.nl/samba4/
In the samba-4.5.2 folder is an very easy installer, start it, it explains
itself.

Im expecting to put these packages in about 1-2 weeks in my apt repo.
>
> - and we would like to gradually switch over to Debian, so that would be
> a step in that direction.
>
> I have a backup server (=2nd physical server) there as well, which could
> also become the new DC. Might be the better option than the VM, it is
> Debian as well ...
>
> And the "main" file server could become a 2nd DC as Rowland
recommended?
> That server would have to provide shares as well, though.
I would suggest keep the main file server but set it up as member.
Copy the db files to the new DC and upgrade there.
Keeps you old server intact, and you can test outside your production network.


>
> thanks all, Stefan
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba

This is my disk for my DC, you dont need much.
Filesystem                                    Size  Used Avail Use% Mounted
/dev/xvda1                                    6.0G 1002M  4.7G  18% /
And i run my DC's with 2Gb ram, dut i dont have a big AD.
I do run about 10 servers here agains 2 dc's.

Hope this helps you out.


Greetz,

Louis




--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba