[ale] Switching from Server 2003 to Samba

Edward Holcroft eholcroft at mkainc.com
Fri Oct 3 14:41:31 EDT 2014 

OK, so here's where this things stands right now.

I have Ubuntu 14.04 running Samba 4.1 as a member server on my AD domain. I
can access Windows shares, including home shares from my Windows clients
using Windows ACL's as if accessing a Windows server.

The Samba wiki, starting here, was very helpful:
https://wiki.samba.org/index.php/Setup_a_Samba_AD_Member_Server

Now, I've encountered a glitch that I hope someone can help me with:

If I do a gentent passwd, I am able to see all the users from my AD, EXCEPT
the ones that I have created since joining this server to the domain. Is
there I command I need to run to update the user list on the Ubuntu box? I
don't recall doing anything special before. Just installed libnss-winbind
and lipam-winbind and bang, getent passwd just worked, fully populated with
AD users.

What is interesting, is that getent group, shows these newly created users
as added to appropriate groups, which makes it all the more perplexing to
me.

If I do a wbinfo -u I get a list of all domain users, including the newly
created ones.

If I do id smbtest1, I get "no such user". Other users (all those created
before today) work fine e.g. id eholcroft
uid=10019(eholcroft) gid=10004(domain users) groups=10004(domain
users),10057(atlanta),10067(accessusers),10047(mkastaff),10078(it),10162,10001(BUILTIN\users)


This seems to be the only issue standing between me and getting my shares
fully functional. All users can access shares as expected, EXCEPT those
that do not show up in getent passwd - for these users, the Windows client
gets stuck on username and password prompt when trying to access a share
(providing the credentials does not help)

cheers
ed


On Thu, Jul 10, 2014 at 3:53 PM, Edward Holcroft <eholcroft at mkainc.com>
wrote:

> All,
>
> The time has finally come to ditch our Micro$haft file servers as another
> increment towards weaning ourselves of our Windows habit. For now, I have
> to keep Active Directory in the picture, although I have managed to reduce
> the AD server footprint from 18 servers down to 4. Corporate mindset issues
> demand small steps.
>
> Question: Is it better to go with an "appliance solution" such as FreeNAS
> vs. distro+Samba?
>
> I played around with FreeNAS a bit and while it has great automation of
> things like AD integration (which I will need to do for now) and a great
> web interface, it seems less flexible when it comes to e.g. backup options.
> It seems a simple Ubuntu/Samba box gives me many options on how to handle
> our daily backups to USB, while FreeNAS can potentially close doors to me,
> or at least make things harder. That's just one example that I ran into.
>
> So, I'd like to hear from you about experiences/pros-cons of
> appliance-type options vs the manual way. I've tried both at a simple test
> level. They both seem viable and I really want to like FreeNAS, but just
> cannot seem to get comfortable with it - little glitches seem to pop up
> that have the potential to be major sticking points. So right now I'm
> leaning towards distro+Samba.
>
> Feel free to suggest other options besides the two mentioned here.
> Whatever solution I deploy I have to be able to use Windows ACL's on the
> shares ... for now.
>
> cheers
> ed
>
> --
> Edward Holcroft | Madsen Kneppers & Associates Inc.
> 11695 Johns Creek Parkway, Suite 250 | Johns Creek, GA 30097
> O (770) 446-9606 | M (770) 630-0949
>



-- 
Edward Holcroft | Madsen Kneppers & Associates Inc.
11695 Johns Creek Parkway, Suite 250 | Johns Creek, GA 30097
O (770) 446-9606 | M (770) 630-0949

-- 
MADSEN, KNEPPERS & ASSOCIATES USA, MKA Canada Inc. WARNING/CONFIDENTIALITY 
NOTICE: This message may be confidential and/or privileged. If you are not 
the intended recipient, please notify the sender immediately then delete it 
- you should not copy or use it for any purpose or disclose its content to 
any other person. Internet communications are not secure. You should scan 
this message and any attachments for viruses. Any unauthorized use or 
interception of this e-mail is illegal.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.ale.org/pipermail/ale/attachments/20141003/8ff2a3a7/attachment.html>

More information about the Ale mailing list