Marco Shmerykowsky
2018-May-26 13:21 UTC
[Samba] Q: Samba4 AD DC & small office file sharing
In lieu of virtualization, I wouldn't be opposed to some small, inexpensive appliance type device (sort of like the Netgate firewalls that run pfsense). I came across the MintBox Mini Pro (http://www.fit-pc.com/web/products/mintbox/mintbox-mini-pro/) Any experience or alternate suggestions? On Fri, May 25, 2018 2:27 pm, Robert Marcano via samba wrote:> On 05/25/2018 12:54 PM, Marco Shmerykowsky PE via samba wrote: >> For my current small office configuration, the machine serving >> as a NT4 Style PDC is also the main file server. Works fine. >> >> In reading up on creating an updated configuration, I see The Samba >> Wiki states the following: >> >> "The Samba AD DC is able to provide file shares, just like all other >> installation modes. However, the Samba team does not recommend using a >> DC as a file server" >> >> Does this mean that another machine should be added to serve solely >> as the DC or am I misreading it. If it's yet another machine, is >> this truly required for a small setup? > > For very small offices, I am installing a docker container running the > Samba AD server and on the host I run a Samba server joined to that AD > domain. The trick is to add two network interfaces (virtual is ok) to > the server, run Docker (or equivalent, runc, rkit..etc.) where the > containers runs tied to one host interface and the other is for the host > Samba (the domain joined server) > >> >> >> --- >> This email has been checked for viruses by AVG. >> https://www.avg.com >> >> > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba >
On Sat, 26 May 2018 09:21:01 -0400 Marco Shmerykowsky via samba <samba at lists.samba.org> wrote:> > In lieu of virtualization, I wouldn't be opposed to some > small, inexpensive appliance type device (sort of like > the Netgate firewalls that run pfsense). > > I came across the MintBox Mini Pro > (http://www.fit-pc.com/web/products/mintbox/mintbox-mini-pro/) > > Any experience or alternate suggestions? >Yes, just about any 64bit computer on the planet. I know the wikipage says it isn't recommended to use a DC as fileserver, but I have never understood why. Every DC is used as a fileserver, what do you think 'sysvol' & 'netlogon' are ? Yes, they are shares serving files aka 'fileserver', anybody want to argue this ? If you read further down the page, you will find this: https://wiki.samba.org/index.php/Setting_up_Samba_as_an_Active_Directory_Domain_Controller#Using_the_Domain_Controller_as_a_File_Server Where it gives an example of a problem you might have, the only problem is, if you only have windows clients, it probably is a benefit rather than a problem and you can use this set up on Linux. Rowland
Le 26/05/2018 à 15:47, Rowland Penny via samba a écrit :> On Sat, 26 May 2018 09:21:01 -0400 > Marco Shmerykowsky via samba <samba at lists.samba.org> wrote: > >> >> In lieu of virtualization, I wouldn't be opposed to some >> small, inexpensive appliance type device (sort of like >> the Netgate firewalls that run pfsense). >> >> I came across the MintBox Mini Pro >> (http://www.fit-pc.com/web/products/mintbox/mintbox-mini-pro/) >> >> Any experience or alternate suggestions? >> > > Yes, just about any 64bit computer on the planet. > > I know the wikipage says it isn't recommended to use a DC as > fileserver, but I have never understood why. Every DC is used as a > fileserver, what do you think 'sysvol' & 'netlogon' are ? Yes, they > are shares serving files aka 'fileserver', anybody want to argue this ? > > If you read further down the page, you will find this: > > https://wiki.samba.org/index.php/Setting_up_Samba_as_an_Active_Directory_Domain_Controller#Using_the_Domain_Controller_as_a_File_Server > > Where it gives an example of a problem you might have, the only problem > is, if you only have windows clients, it probably is a benefit rather > than a problem and you can use this set up on Linux. > > Rowland > >Hi, From what I have read on this mailing list, using the DC as a file server would use CPU a lot for signing and slow down transfers, see https://lists.samba.org/archive/samba/2017-December/212580.html I would still appreciate any thoughts on this :) Yvan -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 874 bytes Desc: OpenPGP digital signature URL: <http://lists.samba.org/pipermail/samba/attachments/20180528/36ae6a44/signature.sig>
On Sat, May 26, 2018 at 02:47:24PM +0100, Rowland Penny via samba wrote:> On Sat, 26 May 2018 09:21:01 -0400 > Marco Shmerykowsky via samba <samba at lists.samba.org> wrote: > > > > > In lieu of virtualization, I wouldn't be opposed to some > > small, inexpensive appliance type device (sort of like > > the Netgate firewalls that run pfsense). > > > > I came across the MintBox Mini Pro > > (http://www.fit-pc.com/web/products/mintbox/mintbox-mini-pro/) > > > > Any experience or alternate suggestions? > > > > Yes, just about any 64bit computer on the planet. > > I know the wikipage says it isn't recommended to use a DC as > fileserver, but I have never understood why. Every DC is used as a > fileserver, what do you think 'sysvol' & 'netlogon' are ? Yes, they > are shares serving files aka 'fileserver', anybody want to argue this ?No, it's certainly being a fileserver there. The key here is 'recommended' :-). Doing a DC + fileserver on a box just uses more resources that could be more productively :-) :-) used in just serving files (Jeremy, who loves the file serving part of Samba, the DC part less so :-) :-).