On Thu, 2021-12-02 at 09:59 +0100, Remy Zandwijk via samba wrote:> > Lets be honest here, you seem to be doing everything that I > > wouldn't > > recommend: > > I wouldn't recommend using Freebsd in production > > I wouldn't recommend using ZFS in production > > I wouldn't recommend using a separate Bind9 server, unless it > > forwards > > all AD dns to an AD DC. > > Not meaning to hijack this thread, but I am using FreeBSD and ZFS in > production (as domain member file server) and I am surprised by the > first two recommendations. Care to share WHY you recommend against it > Rowland? To be honest, when a Samba team member recommends against > stuff, I expect a clarification along with it. > > -RemyThis is purely my opinion and is probably not the opinion of of any other Samba team member. There have been numerous problems with running an AD DC using ZFS on Freebsd reported on here, mainly caused by ZFS using nfsv4acls, which a Samba AD DC doesn't really understand. I tried (sometime ago) to provision a domain on Freebsd using ZFS and I couldn't get it it work satisfactorily, perhaps it is time to try again. Using Freebsd as a fileserver is a different kettle of fish, it probably will work, but I haven't tried it. Rowland
On 02.12.2021 12:32, Rowland Penny via samba wrote:> There have been numerous problems with running > an AD DC using ZFS on Freebsd reported on here, mainly caused by ZFS > using nfsv4acls, which a Samba AD DC doesn't really understand. I tried > (sometime ago) to provision a domain on Freebsd using ZFS and I > couldn't get it it work satisfactorily, perhaps it is time to try > again. Using Freebsd as a fileserver is a different kettle of fish, it > probably will work, but I haven't tried it.I would rather say it is lack of information about samba on zfs, that is to blame not the OS or FS. I am running couple of domains on FreeBSD for almost 10 years and had no issues, except my misconfigurations or lack of them. Yes the initial domain promotion is not smooth, resulting in bad acls on sysvol. But this issue is minor, I just added linux dc temporary, copied sysvol from there. Had no issues with sysvol since. However I have not tried Bind with samba yet.
On Thu, Dec 02, 2021 at 09:32:47AM +0000, Rowland Penny via samba wrote:>On Thu, 2021-12-02 at 09:59 +0100, Remy Zandwijk via samba wrote: >> > Lets be honest here, you seem to be doing everything that I >> > wouldn't >> > recommend: >> > I wouldn't recommend using Freebsd in production >> > I wouldn't recommend using ZFS in production >> > I wouldn't recommend using a separate Bind9 server, unless it >> > forwards >> > all AD dns to an AD DC. >> >> Not meaning to hijack this thread, but I am using FreeBSD and ZFS in >> production (as domain member file server) and I am surprised by the >> first two recommendations. Care to share WHY you recommend against it >> Rowland? To be honest, when a Samba team member recommends against >> stuff, I expect a clarification along with it. >> >> -Remy > >This is purely my opinion and is probably not the opinion of of any >other Samba team member. There have been numerous problems with running >an AD DC using ZFS on Freebsd reported on here, mainly caused by ZFS >using nfsv4acls, which a Samba AD DC doesn't really understand. I tried >(sometime ago) to provision a domain on Freebsd using ZFS and I >couldn't get it it work satisfactorily, perhaps it is time to try >again. Using Freebsd as a fileserver is a different kettle of fish, it >probably will work, but I haven't tried it.Freebsd as a Samba fileserver *certainly* works well. FreeNAS now known as TrueNAS (one of the most popular Open Source NAS builds) is based on this. Here's a video (for those of you who like this sort of thing, personally I find it a bit too "tech-bro" content :-) showing a Windows server being replaced with TrueNAS. https://www.youtube.com/watch?v=coShLkCriXc