Thanks Tom, I want to set my Samba server up to emulate a domain controller and also have roaming profiles. I have the Samba 2 book by O'Reilly, which explains how to do this with NT, but it really doesn't cover the new AD stuff. I'm going to get the new Samba 3 book now! Thanks, James > Tom, > > Great information to have. Where do set the 'OS level' in samba. I don't > have my Samba book on hand. Do I just put it in the global settings in > the > smb.conf? > > I want the Samba server to be my master browser. One of my next todo's > is > having the Samba server emulate a domain controller. I'm going to have > to > get the new Samba 3.0 material too! > > Thanks, > > James > >> Okay, please don't rip my head off here for asking a MS question, but > I >> figured I would get a slightly less biased answer here. That being >> said.... >> We are upgrading our Exchange 5.5 server to Exchange 2003. We are a >> mixed shop with Linux and Windows. (There are numerous other systems, >> mostly of the *nix variety) While I tried to edge them to use >> Communitgate Pro, Contact, or OpenExchange, they decided there would > be >> less impact on users if we stayed with Exchange. >> Now comes my issues, I feel like Alice falling down the rabbit hole >> here. In reading the docs for Exchange 2003, it says it needs Active >> Directory. Great, so now I have to learn Active Directory and futz > with >> that. Now I am setting up Active Directory, flying by the seat of my >> pants, and it says that it wants its own DNS server in order to work >> properly. All my DNS servers are Linux based. >> Can Active Directory work with Linux based DNS? I thought I recalled a >> few of you saying you had Exchange 2000/2003 running, just wanted to >> know how you did it. >> Any help would be appreciated. >> >> -- >> Edward M. Croft >> Sr. Systems Engineer >> Open Ratings, Inc. >> 200 West Street >> Waltham, MA 02451-1121 >> >> Hi Edward, >> >> Actually the answer is both yes and no. Yes, you can make Bind 9 work >> with Active Directory, but it will not resolve NetBIOS names, which >> Active Directory requires for file/print sharing. When you set up an >> Active Directory domain controller, it requires an Active Directory >> enabled DNS server, something Bind cannot do. Active Directory has >> hidden objects in the DNS records that don't appear in the zone files >> because they are embedded in the registry. Also, to find a domain >> controller to authenticate Windows clients, you must have SRV resource >> records in the zone, something Bind 9 supports but I've never tried it >> so I can't say how well it works. >> >> Another issue you will face is the matter of broadcast storms from >> browse master elections. Domain controllers win those elections when >> they exist, but every new client starting up forces a new browse > master >> election. You can limit this by using Samba and set the "OS level" > value >> to 65 or greater and the Samba server will win all the elections, and >> then you can use Samba's WINS server to handle your workstation browse >> requests. >> >> I would try to make the Exchange Server a domain controller and a DNS >> server. This would reduce the amount of traffic created by the > Exchange >> server and its clients since they use DNS and not WINS. For file and >> Print sharing I would use Samba, and make the Samba server use the >> Active Directory server to authenticate the Windows clients. You > didn't >> say whether you have Win9x or NT4 or < clients, but these require > mixed >> mode for Active Directory to work with them as they don't support > Active >> Directory in native mode. >> >> Microsoft's approach to open standards is called "embrace and extend," >> which is another way to make an open standard a Microsoft proprietary >> architecture. This makes cross platform networking a series of > stubborn >> obstacles and causes network engineers to loose their hair. I've been >> doing this stuff for 13 years, so if you have any other questions, >> please feel free to email me directly and we can continue this without >> filling the group with Microsoft protocol issues. >> >> Tom > > The OS Level statement goes in the global section of smb.conf. > > BTW, I'm still running Samba 2.2 that came with Red Hat 9 and this > machine is a Windows PDC, a DNS, WINS and DHCP server, and my Windows > clients have no idea it is running Linux. I seem to remember that Samba > 3.0 allows you to provide full Active Directory emulation for Win2K and > later clients, something that 2.2 can't do. The point I am making is > that if you want to use the Samba installation that comes with Red Hat > 9, Windows is OK with that. Since Windows isn't secure anyway, the > version of Samba you use is not of great consequence unless you already > have an Active Directory environment. > > Tom > > Thomas S. Fortner > Burleson, Texas > thomas.fortner@xxxxxxxxxxxxx > "but we preach Christ crucified..." 1 Corinthians 1:23 > > -- > redhat-list mailing list > unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe > https://www.redhat.com/mailman/listinfo/redhat-list > -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
