Hello guys,

*The scenario:*

Today we have a samba3 NT4 + openldap as database. This samba3 is on a physical machine with freebsd and the openldap is in a VM.

I plan to install samba4 AD on a VM using debian and then a samba4 member as fileserver.

As a firewall we use pfsense, and in it we have several vlans, where each vlan has its dhcp server configured to distribute public IPs.

*Samba3 NT4:*

In freebsd I need to put each IP of the WINS servers (input in pfsense) configured in the file /etc/rc.conf, as below, otherwise the machines do not enter the domain.

> ifconfig_bce0="up"
> vlans_bce0="200 300 410 420 430 440 450 460 470 480 500"
> ifconfig_bce0_200="inet xxx.xxx.53.130/26"
> ifconfig_bce0_300="inet xxx.xxx.50.2/23"
> ifconfig_bce0_410="inet xxx.xxx.53.2/26"
> ifconfig_bce0_420="inet xxx.xxx.53.66/26"
> ifconfig_bce0_430="inet xxx.xxx.52.2/26"
> ifconfig_bce0_440="inet xxx.xxx.66/26"
> ifconfig_bce0_450="inet xxx.xxx.130/26"
> ifconfig_bce0_460="inet xxx.xxx.194/26"
> ifconfig_bce0_470="inet xxx.xxx.2/26"
> ifconfig_bce0_480="inet xxx.xxx.66/26"

Do I need to do these vlan settings in Samba4 AD?

--
Elias Pereira

> In freebsd I need to put each IP of the WINS servers (input in pfsense)
> configured in the file /etc/rc.conf, as below, otherwise the machines do
> not enter the domain.

Not certain what "enter the domain" means; but Active Directory is very DNS oriented. You will not need WINS to work for AD to work; if DNS is working, and the LDAP + Kerberos ports are open, it should be good.

Thanks Adam for your answer!!

"not enter the domain" means that the machine does not find our domain (samba3 pdc/nt4) for auth.

-------------------------

What is the best way to put a new samba4 AD server on the "air"?

*Note*: *Today I have samba3 nt4 and at the moment I can not just turn it off and start another. I need to do this side by side.*

On Tue, May 9, 2017 at 5:28 PM, Adam Tauno Williams via samba <samba at lists.samba.org> wrote:

> > In freebsd I need to put each IP of the WINS servers (input in pfsense)
> > configured in the file /etc/rc.conf, as below, otherwise the machines do
> > not enter the domain.
>
> Not certain what "enter the domain" means; but Active Directory is very
> DNS oriented. You will not need WINS to work for AD to work; if DNS is
> working, and the LDAP + Kerberos ports are open, it should be good.

--
Elias Pereira