On Tue, 2021-10-05 at 08:54 -0400, Rob Campbell wrote:
> I did not build samba so according to the document, it's using
> Heimdal KDC not MIT KDC.
If you are using the standard Fedora packages as a DC, then you are
using MIT, they are compiled with MIT.
>
> You cannot run samba-tool dns zonecreate 10.0.0.10 0.0.10.in-addr.arpa
> if samba isn't running
Good catch, I have updated the wiki page.
> Immediately after starting samba, the instructions say to test the
> File Server.
> Verifying the File Server
> To list all shares provided by the DC:
> 
> Using the Domain Controller as a File Server
> Whilst the Samba AD DC is able to provide file shares, just like all
> other installation modes, the Samba team does not recommend using a
> DC as a file server for the following reasons:
> 
> For anything but the smallest organisations, having more than one DC
> is a really good backup measure, and makes upgrades safer
> 
> There are only 3 people in this organization so I think that
> qualifies as small.
You probably couldn't get smaller, but you need to be aware of the
problems.
> 
> Join a domain
> https://www.redhat.com/sysadmin/linux-active-directory
> https://cloud.google.com/managed-microsoft-ad/docs/quickstart-domain-join-linux
> https://www.techrepublic.com/article/how-to-join-a-linux-computer-to-an-active-directory-domain/
> 
> You keep saying you can't use realm join a domain but you haven't
> said the correct way to join a domain.
You have been reading our wiki, did you miss this:
https://wiki.samba.org/index.php/Joining_a_Samba_DC_to_an_Existing_Active_Directory
realmd is really meant to join a Linux computer to IPA or AD as a member
server.
Rowland