Ubuntu Servers :: Samba 4 Can Replace 2008 AD?
May 20, 2011
I've done a bit of googling but have not been able to find a definitive answer. Can Samba4 replace the Active Directory on a Windows Server 2008 platform? I want to bring down my DC and replace it with a Samba4 server, but the AD is at 2008 level.
View 3 Replies
ADVERTISEMENT
Aug 3, 2011
Intent is to use samba+winbind to authenticate Ubuntu desktop against a Windows 2008 R2 domain (seems like I was able to get it working temporarily but it stopped working after some time). Quick overview of the issue: winbind is failing to lookup group ID's for a domain user causing the domain user to receive group errors on login and an inability to use domain groups in other configuration (sudoers, etc)
- Very basic install, boot to Ubuntu Desktop 10.04 LTS 64bit install, basic install options, perform software updates
- Following an Ubuntu AD HowTo [URL]
- Install kerberos, samba, winbind packages
- Make changes to krb5.conf, smb.conf, files in pam.d/ (to make the home directory and restrict login based on group membership, which works even in the half-working state but requires SID instead of text name)
After a reboot I can login as a domain account but I get the following error(s):
groups: cannot find name for group ID #####
##### is usually a number that ranges from 10000 to 10020, based on the smb.conf line regarding idmap I will get multiple group errors (one for each group that the user belongs to that winbind can't lookup for whatever reason, some groups can be resolved - see below) If I log-out and then log-in as a local user I can run the following command: id username The output returns something similar to the following:
uid=10002(username) gid=10003(domain users) groups=10003(domain users),10033,10032,10031,10030,10029,10028,10027,1 0026,10025,10024,10023,10022,10021(some group),10020,10019,10018(some other group),10017,10016,10015,10014,10013,10012,10011(s ome other other group),10010,10009,10008,10007
On a working system (Ubuntu 10.10 and when 10.04 decides to work) each group is followed by parenthesis' and the name of the group, this result clearly shows that some groups can be looked up but for some reason other groups are failing An output of /var/log/samba/log.winbind produces the following entries (that are logged when you run the id command)
[2011/08/03 19:04:39, 1] winbindd/winbindd_ads.c:1137(lookup_groupmem)
lsa_lookupsids call failed with NT_STATUS_PIPE_BROKEN - retrying...
[2011/08/03 19:04:39, 1] winbindd/winbindd_ads.c:1137(lookup_groupmem)
lsa_lookupsids call failed with NT_STATUS_PIPE_BROKEN - retrying...
The above repeats for what looks to be each group that fails (based on count of entries)If I use wbinfo I can resolve text group name to SID and SID to GID
wbinfo -n groupname (returns proper SID)
wbinfo -s SID (returns proper text group name)
wbinfo -Y SID (returns proper linux mapped group ID)
Following that process for a group that my user belongs to that is not resolving (via the id username command) will return the group ID (GID) properly (even though id username fails to lookup info for that same GID) Version Information:
uname -a
Linux hostname 2.6.32-33-generic #71-Ubuntu SMP Wed Jul 20 17:27:30 UTC 2011 x86_64 GNU/Linux
lsb_release -a
No LSB modules are available.
[code]....
View 3 Replies
View Related
Nov 26, 2010
First of all I am new user on fedora forum and I love Linux (special Redhat flavours) and want to replace windows into Linux Everywhere. I am having some issue in configuring PDC on Fedora,I want to replace my company Windows Domain controller and file server into fedora file and PDC, I tried from web and through 389-directory server but didn't succeed even once, how to configure PDC with Samba 4 + 389-directory Server, I have heard samba 4 is having awesome support and its better then windows DC, configuring Complete PDC. (Whatever need to configure PDC i.e. DNS, SAMBA 4, SWAT, WEBMIN, 389-Directory Server, Windows sync,).
View 4 Replies
View Related
Jul 22, 2010
We have a couple of Windows file servers that just share files. It is all they do. We'd like to use Ubuntu on two replacement servers allowing Windows XP and Windows 7 clients to access the files. Our network is active directory based due to Exchange and homegrown .NET apps, so it is important that active directory is used to authenticate the clients. Samba doesn't need to be a pdc or bdc, but provide pass through authentication.I understand that Samba can communicate with active directory through security-ads and security-domain.
Here are my questions to see if I should proceed:1) Folder permissions:If we move all our files to the Ubuntu server how do we set folder permissions and will we see the active directory accounts when we do this?2) Skipping ubuntu accounts: I know the domain and ads allow you to skip creating ubuntu accounts, right? If not, how do you keep the passwords synchronized?3) Easiest way? Is there a very easy way to pull this off that I've missed? My goal is to eliminate the Windows based file servers while ensuring the admin part of it is as easy as possible.To date I've been able to get the sharing to work with an ubuntu account mirroring the active directory account. I've been able to get Samba to talk to the pdc, but not successfully through domain security. ADS security was a complete cluster with winbindd
View 3 Replies
View Related
Apr 13, 2009
if there are any repositories with the newest samba version? I'm having a hard time installing it with my W2k8 Server.
View 1 Replies
View Related
Oct 21, 2010
I have Windows 2008R2 Server acting as Domain Controller for Windows7/XP clients. and CentOS 5.3 Installed configured as Samba Server, I want to make it as ADS member server so any user to login to any machine, and be able to access their Samba share.
View 3 Replies
View Related
May 18, 2011
I need to connect a Server CentOS 5.6 with DB MySQL with a DB SQL Server 2008 on Windows Server 2008 R2 64bit, but i don't know how to do this.
So that MySQL DB has to import data from SQL Server on Windows Server.
View 1 Replies
View Related
Feb 14, 2011
I want to replace Windows AD with SAMBA I want to know what policies restrictions I can get in SAMBA as compared to windows AD - whether it is possible to restrict clients not to change IP, access cdrom or control panel.
View 1 Replies
View Related
Mar 18, 2010
I wish to prevent the samba messages (mainly nmbd and winbindd) from appearing in the system log (/var/log/messages). I want to allow samba logging to the standard samba logfiles, but prevent the syslog getting clogged up by samba. I added syslog = 0 to smb.conf and reloaded the config but the messages were still appearing. I also tried the following (and restarted the syslog via /sbin/service syslog restart) # Suppress messages from samba.
nmbd.* /dev/null
smbd.* /dev/null
winbindd.* /dev/null
For interests sake the messages I'm getting are below (I'm not concerned about the messages themselves, I can chase them up at my leisure via the samba logs) Mar 18 09:58:29 SERVER nmbd[3808]: query_name_response: Multiple (2) responses received for a query on subnet xx.yy.z.zz for name DOMAIN<1d>. Mar 18 09:58:29 SERVER nmbd[3808]: This response was from IP xx.yy.z.zz, reporting an IP address of xx.yy.z.zz.
View 1 Replies
View Related
Nov 26, 2010
this is my output when I try to compile samba 4.0.0 alpha 7 in Ubuntu using the spec file provided in the samba packages:
bin/mergedobj/samba-util.o: In function `file_lines_parse':
(.text+0x595c): undefined reference to `_talloc_steal'
bin/mergedobj/samba-util.o: In function `data_blob_talloc_named':[code]....
View 1 Replies
View Related
Jan 26, 2011
Our company just bought faster hard drives for our webserver. A lot of the software and services set up on this machine have had config files set up, etc.. It would take a while to rebuild it from scratch, which i may have to do. I know most config files are in /etc and i can use apt to spit out a list of installed packages.
Any tips that i may want to know to avoid any gotchas here? We need to minimize downtime, of course, and get everything up like it is now.
View 4 Replies
View Related
May 18, 2011
I have been searching for a few hours now trying to figure out the best way to have Ubuntu Server 8.10 copy and replace a file every week.
So for example:
File A (original file)
File B (replacement file)
I would want to copy File B from its location and replace File A each week automatically with out removing or destroying File B.
I've thought of doing a cron since I already have a job set for email piping. but I'm unsure of the best way to complete this task.
View 5 Replies
View Related
Feb 9, 2011
I'm trying to replace an office file server. I would like to avoid just another samba share.
I'm looking for a document repository, a bit more functionality than a plain samba share and very cross-platform.
I've looked a couple minutes at dspace, but that seems like a lot of work just configuring it. Dropbox would be fine except that they only have up to 100g, and it's off-site.
This is NOT for unauthenticated public use.
Here are some features I have in mind:
1. Web front end.
2. Any file format from a one-line text document to a Microsoft Word document to an ISO of a blu-ray disk to a very large database backup, binary or text.
3. Cross-platform clients, mostly Mac.
4. Authenticated via centralized one-login server or maybe by a key such as an SSH public key.
5. Searchable by terms, name or content if the type is appropriate.
6. Pass in the URL for an object and have the server download it.
7. Stores files in native format so if the app breaks I can just get the files.
View 6 Replies
View Related
Aug 5, 2011
I am running a server in Dell which has RAID1 and hot plug 2 disks. It's been running for a while, but I was thinking it may crash anytime. So got a spare one, and wanted to test it how it works.I have never done this before. Can I simply, on a running machine, unplug the Disk 2 and connect the new Disk there? (Without interrupting the service as a silent mode?) Or does it have to be shutdown first, and unplugged, reinstalling all software/centos/etc etc? How do you do this update? Also how do you know when you replaced the disk? Do you have anything special to monitor that disk 1 or disk 2 is end of life?
View 1 Replies
View Related
Apr 23, 2011
Can the Replace function replace more than one word with the same character(s)?
Also, do you know how to access the plugins provided by the gedit-plugins package?
View 3 Replies
View Related
Feb 4, 2010
I recently got myself a new hard drive and I want to use it as my Samba share. I just want the hard drive itself to store the files.I know once I get it set up it should be easy to tell Samba that's where I want it to store and look for files.Problem is I need to make it so the computer can use the hard drive first. I have already installed the drive. I just don't know how to get Ubuntu to recognize the drive.I also need to create a partition that uses the whole drive and format it to ext3, then I need to mount it somewhere for Samba to use.This would be easy to do with Ubuntu desktop, but I am using Ubuntu server and I don't know how to do it. I have read that I will need to use fdisk, but the post wasn't to clear on what to do.
View 2 Replies
View Related
Feb 16, 2010
i have ubuntu server 8.04 witch preinstalled samba 3.0.28. I like to install from repositories samba 3.4.5.
View 3 Replies
View Related
Mar 16, 2010
this is my first post ever, so sorry if i'm not very descriptive. I just installed Ubuntu Server 9.10 x86 and I cannot use the net command that comes with Samba
View 8 Replies
View Related
Jun 24, 2010
When i set up a samba server, with no users in it, i can access from any pc, except the W7 ones.
I go to start, execute, type "\servershared" and a window pop ups asking for credentials... but i hava none!!!
i found out that user anonymous / no password works out, but its annoying
is there any way to overpass this autenthication??
View 2 Replies
View Related
Jul 23, 2010
I'm having problems with Ubuntu 10.04 samba PDC and windows7. I have a test network that I'm using to evauate 10.04 before I use it in production and have come across an intriguing problem with Windows 7. I have a clean brand-new installed Windows 7 ultimate and I have no problems joining the domain. (Standard registry modifications made). I can logon the window 7 box locally without a problem however when I try to logon using the domain the Windows 7 box accepts my password and start to load the user profile, at the point where the desktop would appear message is displayed to say "logging off" and returns me to logon screen.
What I have done to date: --
wiped Windows 7 box and reinstalled
Wiped user profiles both local and on PDC (including all user information)
Performed a complete uninstall of Samba (including TDB's) and
reinstalled a fresh copy of Samba and manually edited the smb.conf is a minimum basic PDC
I have no problems with Windows XP (SP3) box at any stage
View 3 Replies
View Related
Jan 11, 2010
I'm using ubuntu 9.10 x86 server edition and I switched to Ubuntu from Debian. The only problem I have now relates my Samba server. I installed Samba v 3.4.0 and suddently my network connection (eth0) goes down. I have never seen that before. This issue only happens when samba is running.
View 3 Replies
View Related
Feb 24, 2010
My setup:
Ubuntu Karmic Server Edition 64 bit
Dell PowerEdge T610
4 internal NIC RJ45
1 add-on NIC Fibre 1 Gb
Samba 3.4.0
two shares intended for WIN clients
Connections: eth0 (the first internal NIC) is part of a private network of 4 servers connected to a Gb switch. this connections serves as a fast link among these servers to regularly transfer (backup) large quantities of data. Only I can utilise it from within the server room (among those servers, obviously).
eth0: 192.168.0.AA1 eth4 is the Intel add-on NIC with 1 GB fibre connections to the public network of our institution. This is the link/IP my WIN clints have to use to access their shares. eth4: 134.XXX.YYY.ZZ1
My Problem: Despite having including both interfaces in my smb.conf only the internal connection via eth0 lives up to my expectation and delivers up to 50 MB/s. All clients trying to connect via eth4 will be able to see and access the shares, but file transfers commence with speeds severely below 0,5 MB/s with lots of aborts and warnings from the WIN file explorer.
So I experimented with the setting "interfaces" in the global section of smb.conf --- to no avail. I even set samba only to eth4: same problem. Only way to get flawless & fast transfers is the way through eth0. The samba log files of the clients I tried do show some errors, but I fear I am unable to interpret them properly.
/etc/network/interfaces
Code:
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
# The loopback network interface
auto lo
iface lo inet loopback
# The primary network interface Intel Gb link via fibre
auto eth4
[Code]...
View 5 Replies
View Related
Feb 24, 2010
I am using ubuntu with samba. I have a windows 2003 server and i want to log in from the w2003 to the samba server. But when i do this (i have samba set up and made the shares) i get a pop up asking for my username and password.
when i fill in administrator (i am logged in at the w2003 with administrator) the username changes to samba/administrator, but i cannot log in.
View 2 Replies
View Related
Feb 25, 2010
I am running Ubuntu 8.04 LTS as my Samba/LDAP PDC on my network. Unfortunately, I need to get a newer version of samba than the current repositories for 8.04 provide. I need the Samba 3.4.0 that has been updated for Ubuntu 8.10 to allow Windows 7 to join domain as outlined here (I am currently running 3.0.28a I think). Is there a way to set 8.04 to use the 9.10 repositories and use apt-get to install samba 3.4.0 from them?
View 3 Replies
View Related
Mar 22, 2010
My problem is that the samba daemon does not start on boot-up anymore on my file-sharing server.Samba starts flawlessly if start it manually.If I run:
Code:
/etc/init.d/samba status
I get :
[code].....
View 9 Replies
View Related
Apr 16, 2010
For some reason SAMBA is not showing up
[default-www]
writeable = yes
read only = no
path = /var/www
force group = nogroup
force user = nobody
guest only = yes
public = yes
create mode = 777
directory mode = 777
I can see Ubuntu on the LAN, but nothing being seen under it. What is wrong with it? /var/www has been chmod already, and set to 777
View 3 Replies
View Related
Apr 22, 2010
I have an Ubuntu Server 8.04 that is operating fairly high CPU loads - Samba appears the culprit. I have 5 main shares with 17 users. Other packages include Apache (2 Wordpress sites for intranet only), YaCy (minimal indexing 10 pages/minute), and a MySQL business database with no more than 10 concurrent users. This only started in the last 2 weeks - updates are not the culprit.
View 1 Replies
View Related
May 4, 2010
I am unable to join a W2K or XP machine to a Samba PDC. I have tried to make this work on both 8.04 LTS and 10.04 LTS without success. Everything else works but I cannot add machine accounts "on the fly" using the "add machine script" as provided in the server guide. I have been able to make it work by enabling the root user but not as a user with admin privileges and sudo in the script. Despite multiple attempts including a new 10.04 install and following the instructions (in the 9.10 server guide) to the letter. Does anyone out there have a samba PDC actually running on Ubuntu and able to add machines on the fly without enabling the root account (i.e using SUDO in the script and a user from the admin group)?
View 1 Replies
View Related
May 19, 2010
I just installed ubuntu 10.04 on a pc... the server edition. i went to restart samba and it is not in the init.d directory. is there a different folder for server plateforms? cause im use to my 9.10 desktop edition.
also one more question, when i "ls" the /ect/ directory of course i cant see the whole thing because my monitor only shows the bottom of the file, is there a way to list it like the "more" commands, or possibly scroll up?
View 9 Replies
View Related
May 20, 2010
i am trying the set up a simple home server and I can see it on windows computers, also i cannot accesses it with its name only its ip
[Code]....
View 9 Replies
View Related