Le 22/04/2014 22:14, Reindl Harald a écrit :
not perhaps, for sure
samba-4.1.0-3.el7.x86_64 samba-client-4.1.0-3.el7.x86_64 samba-common-4.1.0-3.el7.x86_64 samba-libs-4.1.0-3.el7.x86_64
I notice it is "samba-common-4....", so samba 4 will be the default in RHEL 7, not samba 3.6.x?
samba 3.x is dead Fedora did the swicth to 4.x long ago RHEL7 is based on Fedora 19 / Fedora 20
Thanks for the information. Samba 4 domains are a very different beast than samba 3.x ones (NT4 style). A samba 4 (AD style) includes its own DNS, its own LDAP etc...
Alain
On Tue, Apr 22, 2014 at 3:18 PM, Alain Péan alain.pean@lpn.cnrs.fr wrote:
Thanks for the information. Samba 4 domains are a very different beast than samba 3.x ones (NT4 style). A samba 4 (AD style) includes its own DNS, its own LDAP etc...
A lot of which is irrelevant if you just have one server, serving file shares.
On 4/22/2014 1:31 PM, Les Mikesell wrote:
On Tue, Apr 22, 2014 at 3:18 PM, Alain Péanalain.pean@lpn.cnrs.fr wrote:
Thanks for the information. Samba 4 domains are a very different beast than samba 3.x ones (NT4 style). A samba 4 (AD style) includes its own DNS, its own LDAP etc...
A lot of which is irrelevant if you just have one server, serving file shares.
active directory is relevant if you have more than a couple users, logging into desktop Windows machines, who want to connect to your server.
without that, you get to muck about with smbpasswd on a per user basis on the samba server, and their desktop passwords and smbpasswords are never in sync.
with active directory, you can manage the user access from a central location, and potentially manage desktop policies (security policies, login scripts, etc etc), even push application software installs via GPO's. note I said potentially as I don't know how much GPO support Samba4's AD implementation has.
On Tue, Apr 22, 2014 at 4:10 PM, John R Pierce pierce@hogranch.com wrote:
A lot of which is irrelevant if you just have one server, serving file shares.
active directory is relevant if you have more than a couple users, logging into desktop Windows machines, who want to connect to your server.
without that, you get to muck about with smbpasswd on a per user basis on the samba server, and their desktop passwords and smbpasswords are never in sync.
I never actually used it that way, but I thought that you were supposed to be able to change your password from windows when using samba as a domain (not AD) controller. And there was some support for making that change your linux password to match.
with active directory, you can manage the user access from a central location, and potentially manage desktop policies (security policies, login scripts, etc etc), even push application software installs via GPO's. note I said potentially as I don't know how much GPO support Samba4's AD implementation has.
You could also use samba with LDAP accounts. ClearOS might make that work out of the box but otherwise it is painful to set up. But going forward, finding a packaged samba4 that works is probably the best approach.
On 4/22/2014 2:25 PM, Les Mikesell wrote:
I never actually used it that way, but I thought that you were supposed to be able to change your password from windows when using samba as a domain (not AD) controller. And there was some support for making that change your linux password to match.
yeah, you're right, NT4 domains could do that. been quite a long time since I've used those.
I'm not sure win7/8 professional are happy about joining a NT4 Domain, at least not without a bunch of tinkering with security policies.
On 04/23/2014 12:43 AM, John R Pierce wrote:
I'm not sure win7/8 professional are happy about joining a NT4 Domain, at least not without a bunch of tinkering with security policies.
A registry patch is required, but it's working.
-
Alain Péan -
Chris -
John R Pierce -
Les Mikesell