samba - Apr 2020 - Any advice for installing Samba as an AD server on Raspbian Buster with BIND9 and ISC DHCP?

On 05/04/2020 17:34, Rick Hollinbeck via samba wrote:
> Yes, I am setting up a new Samba-based AD DC.
If you are joining? to an existing domain, then you cannot be setting up 
a new domain ;-)
> The goal is to eventually transfer the FSMO roles to the Pi and remove my
current Windows
> 2008 servers.
Shouldn't be a problem.
>
> Should I install BIND9 and DHCP first, then install Samba and do the join?
I personally would do it in stages, set up the Rpi, add Louis's repo and 
then join the AD domain.

Install Bind9 and upgrade to bind9_dlz, finally install and configure dhcp.
>
> Is Louis's 'how-to' for Ubuntu still the best guide, even for
Raspbian?
There is a lot of difference between Raspbian and Ubuntu, Raspbian uses 
dhcpcd and Ubuntu uses netplan for instance.

If I was doing this (I use my Rpi4 as a Unix domain member), I would 
remove dhcpcd and then set a fixed ip the old-school way with 
/etc/network/interfaces.
> (The Samba wiki seems out of date.)
Can you point to examples of 'out-of-dateness' ??

If there are any, I will update them.
> I was hoping there was somethiing more specific to Raspbian.
Bit of a niche market (yes, I know just how many of them there are) and 
the wiki is meant as general info on Samba and not committed to any 
particular distro.

If you get stuck or are unsure, just ask ;-)

Rowland

> > I'm looking for some general advice.
> >
> > I'm beginning to set up a Raspberry Pi 4 as a SOHO server with
Samba on Raspbian Buster.
> >
> > I will be running as a member of an existing Windows AD (JOIN), then
allow logging in from
> > Windows and Linux clients.
> 
> Do you mean as a Unix domain member or as an AD DC ?
> 
> This is a little unclear and you can only run Bind9 & dhcp on a DC.
> 
> As far as I am aware, the only place to get a Samba supported version is 
> from Louis's repo.
> 
> Rowland
Yes, I am setting up a new Samba-based AD DC.
The goal is to eventually transfer the FSMO roles to the Pi and remove my
current Windows
2008 servers.

Should I install BIND9 and DHCP first, then install Samba and do the join?

Is Louis's 'how-to' for Ubuntu still the best guide, even for
Raspbian?
(The Samba wiki seems out of date.)
I was hoping there was somethiing more specific to Raspbian.

Thanks, Rick

Thanks for your advice, Rowland
> > Yes, I am setting up a new Samba-based AD DC.
> If you are joining? to an existing domain, then you cannot be setting up 
> a new domain ;-)
Yes - joining a new DC to an existing domain.
> > Should I install BIND9 and DHCP first, then install Samba and do the
join?
> 
> I personally would do it in stages, set up the Rpi, add Louis's repo
and
> then join the AD domain.
> 
> Install Bind9 and upgrade to bind9_dlz, finally install and configure dhcp.
That's what I was wondering... I'll do the join first with the internal
Samba dns server
then upgrade it to bind9_dlz.
> There is a lot of difference between Raspbian and Ubuntu, Raspbian uses 
> dhcpcd and Ubuntu uses netplan for instance.
> 
> If I was doing this (I use my Rpi4 as a Unix domain member), I would 
> remove dhcpcd and then set a fixed ip the old-school way with 
> /etc/network/interfaces.
My dhcpcd.conf specifies a fixed ip for eth0, but I don't really know how
well it will play with
bind9 and samba.
I think I'll take your advice here.

I'm also worried the resolv.conf is getting rewritten and I think I'll
want to edit that one manually as well for bind9 and samba, correct?
> 
> > (The Samba wiki seems out of date.)
> 
> Can you point to examples of 'out-of-dateness' ??
> 
> If there are any, I will update them.
If I remember right from the last time I set up Samba (a few months ago) some of
the folder
locations didn't reflect the newer locations that Samba now uses to simplify
file premissions
for the bind9 user account, but this might be fixed now.
(BTW, https://wiki.samba.org/index.php/Setting_up_a_BIND_DNS_Server refers to
this user
as both 'bind' and 'named'. I think named is the one I saw bind9
using when installed.)

I'll try to note specific things in the wiki that seem out of date or
confusing as I proceed and
let you know.
> > I was hoping there was somethiing more specific to Raspbian.
> Bit of a niche market (yes, I know just how many of them there are) and 
> the wiki is meant as general info on Samba and not committed to any 
> particular distro.
Louis's how-to really helped me out when I installed samba on Ubuntu.
I'll try to write up my own notes for Raspbian as I go...

These are the packages Louis installs on Ubuntu - are they best for Raspbian,
also?

# The Samba 4.11 package for Raspbian on Louis's site....
apt install samba winbind krb5-user
#(optional must often used so install it. )
apt install libnss-winbind  libpam-winbind
#for the time sync in samba we need ntp or chrony. 
#Prepare time ( I preffer ntp.) 
apt install ntp
#Prepare DNS ( I preffer bind9 )
apt install bind9
# and add some tools you might need.
apt install binutils ldb-tools smbclient 
apt install libpam-krb5

Anything missing here?
> If you get stuck or are unsure, just ask ;-)
> 
> Rowland
Thanks for your help!
(Stay safe,,,)

-Rick