L.P.H. van Belle
2018-May-16 08:18 UTC
[Samba] Samba4 on Ubuntu 18.04 Howto setup ADDC with bind9_DLZ (extra part 4.8.1 samba)
Hai Gregory, No problem, now netplan, but i cant tell you much about netplan out of experiance, i've never used it. But what is it exact you want to know?? The how and why i configure like this is already a bit explained. about this part:> So, I'm curious about the contrast between modifying netplan vs simply disabling systemd.resolvedBut I did a bit reading. (https://netplan.io/) and that looks ok, so the contrast here imo, there isnt. once you configured with netplan, networkmanager and systemd-networkd/resolved use the netplan config. So, now its a new one on my todo list to figure a setup with netplan. Thanks guys ;-/ Now a nice example of why to configure network/dns and stay in scope of the systems viewpoint. http://www.ubuntugeek.com/how-to-fix-dns-problems-after-upgrading-ubuntu-17-10-from-ubuntu-17-04-16-10-16-04.html I was also a victum of such upgrade problems multiple times yes. to configure outside the systems viewpoint. ( long ago ubuntu 8.x/10.x Debian 4-5-6 ) Understanding "my way" of installing.. I'll try to keep it a short message.. and remember its "my way" not a preffered way, its my preffered way of installing. I install minimal, as minimal as possible at least for servers. Ubuntu does not like my way of installing thats also why i higly preffer Debian. ( Things like /vmlinux not found, grub problems due to usb install, i installed to little, and due to that unable to boot of other program errors. ) then i setup the needed tools i want to use. just things like an editor and basic tools. - i start with the basic network settings, ip and resolving and i make sure this is 100% correct. what i use, well, i dont care about this, i use thats offered in the minimal install so in ubuntu 14.04 it was primary networkmanager now its systemd-networkd. Just take some time to read into a new thing and do that when the server is still at a minimal install, and most important, use minimal changes. If you change a default system file, ALWAYS backup it before changing it. - (if used optional) configure DNS server. - setup a time server, or configure it to get a good time source ( any domain member points always to the primary NTP in the LAN ) These to are the most important things to configure. a good network setup and time server setup. After these i test my resolving. And as of this point i setup based on the use of the server. I install in the same order, always, because the keeps e steps easy to repeat and if something goes wrong its more easy to track down. This is why i created this. https://github.com/thctlo/samba4/tree/master/howtos This order is also how i always install my servers and anyone can adopt this for any os. Just follow the install order, try it and see if you encounter problems. I'll bet you get problem but less then before. So in my opinion, its not about whats prefered or how its configured, it about what/how you install and use it, then you can think about howto configure it and whats preffered. Did i make sence here? Greetz, Louis Van: Gregory Sloop [mailto:gregs at sloop.net] Verzonden: woensdag 16 mei 2018 1:22 Aan: L.P.H. van Belle via samba; L.P.H. van Belle Onderwerp: Re: [Samba] Samba4 on Ubuntu 18.04 Howto setup ADDC with bind9_DLZ (extra part 4.8.1 samba) Sorry to bother you more, Louis... Can you take a quick whack at this? ---> So, I'm curious about the contrast between modifying netplan vs > simply disabling systemd.resolved > > Is there some advantage to the gyrations to make netplan work, vs > simply disabling resolved and manually defining the IP and DNS > server?--- I'd honestly prefer disabling systemd.resolved - but would like to understand your way of doing it better, so I can make an informed choice. Thanks [and sorry all for the thread drifting from strictly Samba stuff...] -Greg LPHvBvs> Hai, LPHvBvs> And yes, i can confirm that Rowland is correct about my point of view. LPHvBvs> I'll also explain a bit why so people can understand my thoughts. LPHvBvs> I install a server as minimal as possible, yes, you might LPHvBvs> miss some packages, but you can install these after the base setup. LPHvBvs> The Why is, This saves a lot of space, unneeded LPHvBvs> updates/upgrade of packages you dont use and it results in a more stable server. LPHvBvs> I setup with, at least i try to, as less as possible of LPHvBvs> adjustment of the default config files and try to stay in LPHvBvs> line with the thoughts of the developers. LPHvBvs> The Why is, and you upgrade packages or the OS upgrade, LPHvBvs> lesser problems and lesser you need to upgrade to quicker and LPHvBvs> more save for unattended upgrade. LPHvBvs> Because if this all my servers run with unattended upgrades. LPHvBvs> Daily all packages, kernel reboot needed, in the weekends. LPHvBvs> This is why i dont care about sysv services systemd LPHvBvs> whatever, use it how to os is designed. LPHvBvs> And if you dont like it, .. ( sorry for the example ) like LPHvBvs> Rowland and systemd, he switched to Devuan. LPHvBvs> A Debian version but without systemd. LPHvBvs> I dont like Ubuntu, but i do like Debian. LPHvBvs> You think, but its the same, no, totaly not, yes, same LPHvBvs> packages, but not the same in how the system runs. LPHvBvs> A good example is how the resolving is done, the "unneeded" LPHvBvs> packages ubuntu installs which only slows down your system. LPHvBvs> My vision. LPHvBvs> Servers, Debian stable, no gui as minimal as possible. LPHvBvs> * A note, companies might need, ubuntu or RedHat due to LPHvBvs> hardware/software support and regulations. LPHvBvs> Desktop, Debian stable/Ubuntu Desktop/Ubuntu Mate/Mint LPHvBvs> Regular user, keep the desktop defaults. LPHvBvs> user like me, install the minimal desktop. LPHvBvs> Media server, kodi/plex etc, Ubuntu server. LPHvBvs> Debian is getting better here, but i have not tested that. LPHvBvs> Above is based on almost 20 years linux use. LPHvBvs> Just shareing my thoughs here about the how and why i use my linux. LPHvBvs> Questions, just ask me. LPHvBvs> Greetz, LPHvBvs> Louis>> -----Oorspronkelijk bericht----- >> Van: samba [mailto:samba-bounces at lists.samba.org] Namens >> Rowland Penny via samba >> Verzonden: vrijdag 11 mei 2018 16:24 >> Aan: samba at lists.samba.org >> Onderwerp: Re: [Samba] Samba4 on Ubuntu 18.04 Howto setup >> ADDC with bind9_DLZ (extra part 4.8.1 samba)>> On Fri, 11 May 2018 07:14:38 -0700 >> Gregory Sloop via samba <samba at lists.samba.org> wrote:>> > So, I'm curious about the contrast between modifying netplan vs >> > simply disabling systemd.resolved >> > >> > Is there some advantage to the gyrations to make netplan work, vs >> > simply disabling resolved and manually defining the IP and DNS >> > server? [I'm not complaining, I'm thankful for all the >> options - just >> > wanting to have the best handle possible on the reasoning behind one >> > method vs the other.] >> >>> My opinion is pretty basic, if you are setting up a Samba AD DC, then >> you don't need/want anything installed that could change the DNS >> settings.>> Louis's point of view seems to be, do the least amount of alteration >> to the OS to get it work without removing anything.>> You pays your money and makes your choice ;-)>> Rowland>> -- >> To unsubscribe from this list go to the following URL and read the >> instructions: https://lists.samba.org/mailman/options/samba-- Gregory Sloop, Principal: Sloop Network & Computer Consulting Voice: 503.251.0452 x82 EMail: gregs at sloop.net http://www.sloop.net ---
Paul Littlefield
2018-May-16 09:38 UTC
[Samba] Samba4 on Ubuntu 18.04 Howto setup ADDC with bind9_DLZ (extra part 4.8.1 samba)
Hi List, My 2p worth... about Ubuntu 18.04 Server with Samba 4 AD DC. TIMEZONE = I set up my server for the actual timezone, rather than UTC... $ sudo dpkg-reconfigure tzdata NTP = I use the new systemd timesync daemon instead of good old ntpd... $ sudo timedatectl status $ sudo systemctl status systemd-timesyncd DNS = I disable the new systemd resolver daemon and create a new resolv.conf file manually... $ sudo systemctl disable systemd-resolved.service $ sudo service systemd-resolved stop $ sudo nano /etc/resolv.conf I reboot and then continue with the Samba 4 AD DC installation. My hair remains intact. :-) Paully
Rowland Penny
2018-May-16 10:07 UTC
[Samba] Samba4 on Ubuntu 18.04 Howto setup ADDC with bind9_DLZ (extra part 4.8.1 samba)
On Wed, 16 May 2018 09:38:55 +0000 Paul Littlefield via samba <samba at lists.samba.org> wrote:> Hi List, > > My 2p worth... about Ubuntu 18.04 Server with Samba 4 AD DC. > > TIMEZONE = I set up my server for the actual timezone, rather than > UTC... $ sudo dpkg-reconfigure tzdata > > NTP = I use the new systemd timesync daemon instead of good old > ntpd... $ sudo timedatectl status > $ sudo systemctl status systemd-timesyncd >Does 'timesync' know about signed support ? e.g. /var/lib/samba/ntp_signd You might want to reconsider using timesync. Rowland
L.P.H. van Belle
2018-May-16 10:23 UTC
[Samba] Samba4 on Ubuntu 18.04 Howto setup ADDC with bind9_DLZ (extra part 4.8.1 samba)
Hai Paul. Yep. time sync is a must in ADDC setups and for very server it a must imo. You might need to sync a hardware clock also, because if the hardware clock gets more then 5 min out of sync. You might end up en some strang problem. And do note, NTP Server is only needed on the DC,s members, just point them to the DC. Better imo, add CNAME ntp1 to dc1 and ntp2 to dc2 and use the ntp1/2 .domain.tld names in the configs. Now, if you want another ntp, just change the cname endpoint. sudo dpkg-reconfigure tzdata If you setup correct, the base install would have handled that and a dpkg-reconfigure should not be needed. being picky here, since you wanted to know .. My way to install. ;-) Greetz, Louis> -----Oorspronkelijk bericht----- > Van: samba [mailto:samba-bounces at lists.samba.org] Namens > Rowland Penny via samba > Verzonden: woensdag 16 mei 2018 12:07 > Aan: samba at lists.samba.org > Onderwerp: Re: [Samba] Samba4 on Ubuntu 18.04 Howto setup > ADDC with bind9_DLZ (extra part 4.8.1 samba) > > On Wed, 16 May 2018 09:38:55 +0000 > Paul Littlefield via samba <samba at lists.samba.org> wrote: > > > Hi List, > > > > My 2p worth... about Ubuntu 18.04 Server with Samba 4 AD DC. > > > > TIMEZONE = I set up my server for the actual timezone, rather than > > UTC... $ sudo dpkg-reconfigure tzdata > > > > NTP = I use the new systemd timesync daemon instead of good old > > ntpd... $ sudo timedatectl status > > $ sudo systemctl status systemd-timesyncd > > > > Does 'timesync' know about signed support ? > e.g. /var/lib/samba/ntp_signd > > You might want to reconsider using timesync. > > Rowland > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba > >