Juan's picture

Domain controller V 16.0 works with windows 8 or windows 10 ???

I'm doing tests and with Xp it works but I try to make it work with windows 10 and windows 8 and it does not work.

 

 

Forum: 
Jeremy Davis's picture

I'm currently working on the (not yet released) v16.1 Domain Controller. I just tried connecting to that on a Win 10 Pro machine I had handy. It worked fine?!

It does have all the latest Debian packages though. If you do an 'apt update && apt upgrade' then you'll be 99.99% the same.

I have tweaked our firstboot script a bit, but mostly that has been the "join" functionality (i.e. joining to an existing AD domain). Once I'm done with it, I'm happy to share if you want to try re-running the initial setup with the newer script? Regardless, I doubt that has anything to do with it.

Also my Win machine hasn't had updates since late last year, so perhaps a newer Windows update has changed something (and broken joining a Samba domain)? I removed my Win machine from the domain again and the updates are installing as we speak. So once they've installed, I'll try again and report back.

The only thing that initially tripped me up was that it couldn't find the domain from Windows. But then I remembered that I hadn't configured it to use the DC for DNS. After setting Windows DNS to be the IP of the Domain Controller, it worked fine.

So perhaps you could explain in a bit more detail exactly what "does not work" means? I.e. exact error messages you are getting, steps you've taken, etc.

Also if you aren't using a US-International keyboard, there may be issues with special characters (e.g. in passwords).

Juan's picture

Indeed, when configuring the DNS of the windows 8 and 10 machines with the turnkey Domain, it worked correctly. Thanks a lot

Jeremy Davis's picture

Awesome. I wish all issues were that simple to fix! :)

Good luck with it all!

Juan's picture

 I keep testing DC, as user control works perfectly, what I can't make it work is restarting the samba services through webmin, I have to restart the system every time I make a change.

I have started the tests with the folder sharing and I can see the folders but I cannot create or delete anything within them, neither does the access and control of the home (linux system user folders) work, the users see and access the folder but they cannot write or delete anything from the domain access.

I have also not been able to change the keyboard language from confconsole.

I hope I have explained well.

 

smb.conf made from webmin:

# Global parameters
[global]
    dns forwarder = 8.8.8.8
    interfaces = 127.0.0.1 192.168.0.7
    netbios name = dc1
    realm = VERSALLES.LAN
    server role = active directory domain controller
    workgroup = VERSALLES
    idmap_ldb:use rfc2307 = yes

[netlogon]
    path = /var/lib/samba/sysvol/versalles.lan/scripts
    read only = No

[sysvol]
    path = /var/lib/samba/sysvol
    read only = No

[homes]
    valid users = %S
    path = /home
    writeable = yes

[comun]
    comment = comun
    writeable = yes
    path = /media/compart

 

Jeremy Davis's picture

As noted on the Domain Controller doc page (in the Administer your AD section), when using Samba as a AD Domain Controller, management is best done using Windows own RSAT (Remote Server Administration Tool) - installed on an AD member Windows machine. By my understanding, everything should "just work" in that scenario.

As also noted on that doc page, in the General best practice recommendations section (under the sub heading "File storage/fileserver") it is not recommended to use a DC as a file server (a separate Samba Fileserver AD member should be used instead). It should probably work, but Samba themselves recommend against it. Our separate Fileserver appliance might be useful in that situation? However, unfortunately, it doesn't yet have an easy way to be added as a Domain member (it uses the legacy Samba config by default). Alternatively, you could add an additional DC member and just reconfigure it as a Fileserver. FWIW the "Join existing AD domain" functionality on firstboot is broken in v16.0. It's been fixed in the new v16.1 release, but that is not yet available from the Domain Controller appliance page, but it will be soon - in the meantime, you could download the v16.1 iso here).

Apologies that I didn't highlight that doc page in my previous post. I hope this post helps get you going in the right direction...

Please continue to share further feedback on pain points as it really useful for us! Also, whilst it is/was a known issue, it wasn't actually being tracked... So I have opened an issue with Webmin upstream, plus an issue on our own issue tracker so it doesn't get forgotten and/or hopefully new users will find it easier.

Juan's picture

Hello! Jeremy.

 I should read the documents about distros before writing, sorry for that, it´s a shame that sharing is not implemented, I hope that this feature will add soon. I will continue with my tests and tell my experiences in this forum. Thank you very much for the quick response.

We will speak soon.

 

Jeremy Davis's picture

Just to clarify, it's not that "sharing is not implemented". It's that the Samba developers recommend not using the same server for Domain Controller and Fileserver functionality. It may well be possible, but it's just not something that I've never tried (because of the Samba dev's notes).

It turns out though, that the link in the docs to the Samba wiki on how to set up a Samba Domain Member was dead (they must have reorganised their docs?). I've found the right page (in the link above) and updated it in the docs too.

I hope that helps. Please post back with any more issues you hit, questions you have, and/or any suggestions you have on how we might make it better...

Juan's picture

Thank you, I am reviewing the Samba Wiki docs, I will report my progress or setbacks.

Jeremy Davis's picture

Following your bug report re Webmin, I passed the report upstream (to Webmin devs) that the Samba server start/stop/restart buttons didn't work, and it turns out that the commands that run when the buttons are clicked, can be changed.

So as noted by the lead Webmin developer, if you want to make the adjustment, you can do it from the Webmin Samaba server page. Click the cog icon in the top left of the main window/area and change the commands that are run (i.e. remove all of the default) to:

service samba-ad-dc COMMAND

Where COMMAND is the relevant of start, stop or restart.

Alternatively, as I noted on the issue, from the commandline:

conf=/etc/webmin/samba/config
for command in start restart stop; do
    sed -i "\|^${command}_cmd=| s|=.*|=service samba-ad-dc ${command}|" $conf
done

Add new comment