[GRLUG] Samba user management

John Wesorick john at wesorick.com
Wed Feb 25 11:22:31 EST 2015


I was able to get Samba4 working without too much trouble. The biggest
issue I ran into was that they don't support subdomains (or at least didn't
a year ago), and any help is confusing, since Samba 3 and Samba 4 are two
entirely different beasts, and most references are just about "Samba". Like
in this case. Lee hasn't even stated whether we are talking about Samba 3
or Samba 4.

On Wed Feb 25 2015 at 11:12:23 AM Michael Mol <mikemol at gmail.com> wrote:

> On Wed, Feb 25, 2015 at 9:51 AM, Adam Tauno Williams
> <awilliam at whitemice.org> wrote:
> > On Tue, 2015-02-24 at 12:56 -0500, Mark Farver wrote:
> >> On Feb 24, 2015 12:34 PM, "L. V. Lammert" <lvl at omnitec.net> wrote:
> >> > On Tue, 24 Feb 2015, Mark Farver wrote:
> >> The industry has long outgrown the "MS is crap" attitude.
> >
> > +1
> >
> >> > Never used AD and don't plan to, just looking for a simple way to
> >> >allow clients to admin Samba usres.
> >> I'm not a MS fan, having been deploying Linux into production since
> >> 1994, but I can assure you that AD really has no parallel.  It's
> >> replication and support for both Windows and Unix clients is
> >> excellent, and the tools to administer it have a long and well tested
> >> history.  It is dense and opaque at times, but for most situations it
> >> is better than the alternatives.
> >
> > +1  Refusing to use Active Directory [which, BTW, Samba4 provides
> > effortlessly] is really choosing a route of pain.  You can be Open and
> > use Active Directory.  Active Directory *finally* provides a
> > just-do-it-this-way solution for identity and authentication, and it
> > uses standard protocols to do it [LDAP and Kerberos].
>
> You know, I have no complaints about AD, or even about Samba
> integration to AD as a client.
>
> But I was one of the early people to try to get Samba4 functioning as
> an AD controller. And I tried again last year. And throughout the
> period, I was gung-ho about Samba and AD integration, and really,
> *really* wanted to get everything working.
>
> In both cases, my experience can be summed up this way: Samba4 in an
> AD context is horrifically underdocumented, the Samba bugtrackers are
> lackadaisically-pursued, at best, and their mailing list leaves much
> to be desired. I personally found it to be rude and condescending,
> beyond what one is normally accustomed to as a newbie in a forum of
> experts.
>
> Oh, and don't buy any of the books on the subject if they're more than
> a couple years old. Meaning any of them. And last I looked, their
> online documentation was a hodge-podge of fairly version-specific
> tutorials, all obsolete. I bought All The Books. I read them cover to
> cover. I read all of the pages on all of the official websites. I
> tried to follow all of the rules for all of the official channels,
> tried to use the formal processes for everything, from mailing lists
> to bugtrackers.
>
> I could not make it work, the documentation to make it work was not
> there, and the support to make it work was generally not there.
>
> I will. Not. Touch. Samba. Not in a controller scenario, in any case.
> And with things like sssd available, I'll very happily move in that
> direction.
>
> If they manage to get their act together and release an updated book,
> or at least get their documentation cleaned up, maybe I'll look again.
> But I have not gotten the impression that they are still a healthy
> open-source project, and I don't have high hopes for their continued
> relevance.
>
> --
> :wq
> _______________________________________________
> grlug mailing list
> grlug at grlug.org
> http://shinobu.grlug.org/cgi-bin/mailman/listinfo/grlug
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shinobu.grlug.org/pipermail/grlug/attachments/20150225/917682fc/attachment.html>


More information about the grlug mailing list