<div dir="ltr">I was able to get Samba4 working without too much trouble. The biggest issue I ran into was that they don't support subdomains (or at least didn't a year ago), and any help is confusing, since Samba 3 and Samba 4 are two entirely different beasts, and most references are just about "Samba". Like in this case. Lee hasn't even stated whether we are talking about Samba 3 or Samba 4.<br><br><div class="gmail_quote">On Wed Feb 25 2015 at 11:12:23 AM Michael Mol <<a href="mailto:mikemol@gmail.com">mikemol@gmail.com</a>> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">On Wed, Feb 25, 2015 at 9:51 AM, Adam Tauno Williams<br>
<<a href="mailto:awilliam@whitemice.org" target="_blank">awilliam@whitemice.org</a>> wrote:<br>
> On Tue, 2015-02-24 at 12:56 -0500, Mark Farver wrote:<br>
>> On Feb 24, 2015 12:34 PM, "L. V. Lammert" <<a href="mailto:lvl@omnitec.net" target="_blank">lvl@omnitec.net</a>> wrote:<br>
>> > On Tue, 24 Feb 2015, Mark Farver wrote:<br>
>> The industry has long outgrown the "MS is crap" attitude.<br>
><br>
> +1<br>
><br>
>> > Never used AD and don't plan to, just looking for a simple way to<br>
>> >allow clients to admin Samba usres.<br>
>> I'm not a MS fan, having been deploying Linux into production since<br>
>> 1994, but I can assure you that AD really has no parallel. It's<br>
>> replication and support for both Windows and Unix clients is<br>
>> excellent, and the tools to administer it have a long and well tested<br>
>> history. It is dense and opaque at times, but for most situations it<br>
>> is better than the alternatives.<br>
><br>
> +1 Refusing to use Active Directory [which, BTW, Samba4 provides<br>
> effortlessly] is really choosing a route of pain. You can be Open and<br>
> use Active Directory. Active Directory *finally* provides a<br>
> just-do-it-this-way solution for identity and authentication, and it<br>
> uses standard protocols to do it [LDAP and Kerberos].<br>
<br>
You know, I have no complaints about AD, or even about Samba<br>
integration to AD as a client.<br>
<br>
But I was one of the early people to try to get Samba4 functioning as<br>
an AD controller. And I tried again last year. And throughout the<br>
period, I was gung-ho about Samba and AD integration, and really,<br>
*really* wanted to get everything working.<br>
<br>
In both cases, my experience can be summed up this way: Samba4 in an<br>
AD context is horrifically underdocumented, the Samba bugtrackers are<br>
lackadaisically-pursued, at best, and their mailing list leaves much<br>
to be desired. I personally found it to be rude and condescending,<br>
beyond what one is normally accustomed to as a newbie in a forum of<br>
experts.<br>
<br>
Oh, and don't buy any of the books on the subject if they're more than<br>
a couple years old. Meaning any of them. And last I looked, their<br>
online documentation was a hodge-podge of fairly version-specific<br>
tutorials, all obsolete. I bought All The Books. I read them cover to<br>
cover. I read all of the pages on all of the official websites. I<br>
tried to follow all of the rules for all of the official channels,<br>
tried to use the formal processes for everything, from mailing lists<br>
to bugtrackers.<br>
<br>
I could not make it work, the documentation to make it work was not<br>
there, and the support to make it work was generally not there.<br>
<br>
I will. Not. Touch. Samba. Not in a controller scenario, in any case.<br>
And with things like sssd available, I'll very happily move in that<br>
direction.<br>
<br>
If they manage to get their act together and release an updated book,<br>
or at least get their documentation cleaned up, maybe I'll look again.<br>
But I have not gotten the impression that they are still a healthy<br>
open-source project, and I don't have high hopes for their continued<br>
relevance.<br>
<br>
--<br>
:wq<br>
______________________________<u></u>_________________<br>
grlug mailing list<br>
<a href="mailto:grlug@grlug.org" target="_blank">grlug@grlug.org</a><br>
<a href="http://shinobu.grlug.org/cgi-bin/mailman/listinfo/grlug" target="_blank">http://shinobu.grlug.org/cgi-<u></u>bin/mailman/listinfo/grlug</a><br>
</blockquote></div></div>