OK, If you are reading this I obviously have your attention, so please tune in very carefully!
Samba4 RPMS have been built for ClearOS 5.1 RC2. This package has NOT been tested - it took a long time to get it to build cleanly.
If you are interested in testing Samba4 - the Active Director Server, please respond to this message. Before you do though, please note the following caveats:
1. Samba-3.x must be completely uninstalled BEFORE installation of Samba4.
2. Samba4 is NOT a replacement for Samba3's file and print services
3. Installation will require a LOT of manual tweaking and messing around. We will need to work together (this forum is a good place to do that) to figure out what needs to be changed in the packaging.
4. We will prepare updates soon after future Samba4 alpha releases are issued by the Samba Team. Each one will cause your hair to fall out, your skin to wrinkle up, your clock to cease ticking, your cat to lose its meow, and your bank to over-draw you account.
Now that you have read the caveats, please note that the binary RPM is 350MB and it unpacks to a little over 1.2GB.
So how well does it work? Well, I have a Windows Server 2008 R2 domain member and can use its Active Directory User manager to manage ADS Users. Windows 7 clients can join the domain without any registry changes. Samba3 can be a domain member and is the proposed file server for the new ADS solution framework.
There is a LOT of work ahead, but those who want the bleeding edge on steroids will not be able to resist getting their hands on this code.
OK - now you have full disclosure, tell us if you are interested in helping to test this new code. If the response is great enough the RPMs will be added to the Plus repository - Right Peter?
Samba4 RPMS have been built for ClearOS 5.1 RC2. This package has NOT been tested - it took a long time to get it to build cleanly.
If you are interested in testing Samba4 - the Active Director Server, please respond to this message. Before you do though, please note the following caveats:
1. Samba-3.x must be completely uninstalled BEFORE installation of Samba4.
2. Samba4 is NOT a replacement for Samba3's file and print services
3. Installation will require a LOT of manual tweaking and messing around. We will need to work together (this forum is a good place to do that) to figure out what needs to be changed in the packaging.
4. We will prepare updates soon after future Samba4 alpha releases are issued by the Samba Team. Each one will cause your hair to fall out, your skin to wrinkle up, your clock to cease ticking, your cat to lose its meow, and your bank to over-draw you account.
Now that you have read the caveats, please note that the binary RPM is 350MB and it unpacks to a little over 1.2GB.
So how well does it work? Well, I have a Windows Server 2008 R2 domain member and can use its Active Directory User manager to manage ADS Users. Windows 7 clients can join the domain without any registry changes. Samba3 can be a domain member and is the proposed file server for the new ADS solution framework.
There is a LOT of work ahead, but those who want the bleeding edge on steroids will not be able to resist getting their hands on this code.
OK - now you have full disclosure, tell us if you are interested in helping to test this new code. If the response is great enough the RPMs will be added to the Plus repository - Right Peter?
Share this post:
Responses (35)
-
Accepted Answer
Tim Burgess wrote:
Netatalk 2.2.0 is available in EPEL 6, so should be compatible with ClearOS 6.x when released
http://download.fedora.redhat.com/pub/epel/6/i386/
Marcel, perhaps you could try and test it out with the beta1? (I don't own a mac)
Cool Tim, i did not yet investigate if Netatalk 2.2.1 was available for ClearOS 6.x but it is. I did some quick testing and it runs on my VM. I have to do some more reading how to configure all this but i managed to copy a file to my AFP share.
about the mac... i have a Hackintosh... no budget yet for a iMac or Mac-mini
-
Accepted Answer
Netatalk 2.2.0 is available in EPEL 6, so should be compatible with ClearOS 6.x when released
http://download.fedora.redhat.com/pub/epel/6/i386/
Marcel, perhaps you could try and test it out with the beta1? (I don't own a mac) -
Accepted Answer
Peter Baldwin wrote:
A long time ago, we used to build the netatalk RPMs but it never really took off. It didn't help that we didn't really have a Mac around for testing (we had a G3, but it was a doorstop most of the time). The ClearCenter team in Utah use Macs, so at least there's now a way to eat or own dog food.
I already thought i imagined that i saw a iMac or Apple cinema display on the desk of Michael Proper... I'll hope for AFP support . -
Accepted Answer
herballizard wrote:
I would admit that it would be good to have afp running properly and as a protocol supported by the flexshare ecosystem
At the moment to have afp running stable and also running timemachine I have to run a second server with solairs express 11 and napp-it since getting the newest version of netatalk running on clearos is pretty painful for me at least. Last time I tried I had depenacy issues with berkley DB
I agree. This feature is high ranked on my whish list. I'll hope we get support for AFP in the near future. Samba is real slow on Mac OS Lion and i don't want to run a other machine only for shares (File server) and abandon ClearOS is not a option.
I did some testing this weekend. Netatalk needs berkeley DB version 4.6. The repositories have a older version. We need Netatalk 2.2.1 (Latest) if you want to use it with Lion. -
Accepted Answer
A long time ago, we used to build the netatalk RPMs but it never really took off. It didn't help that we didn't really have a Mac around for testing (we had a G3, but it was a doorstop most of the time). The ClearCenter team in Utah use Macs, so at least there's now a way to eat or own dog food. -
Accepted Answer
I would admit that it would be good to have afp running properly and as a protocol supported by the flexshare ecosystem
At the moment to have afp running stable and also running timemachine I have to run a second server with solairs express 11 and napp-it since getting the newest version of netatalk running on clearos is pretty painful for me at least. Last time I tried I had depenacy issues with berkley DB -
Accepted Answer
-
Accepted Answer
Hi herballizard,
ClearOS 6 is designed for it and we're eager to start the implementation. The whole user/group/accounts system in version 6 was redesigned with a "driver-based" architecture. The two drivers in the first ClearOS 6 release (and available in beta 2) are:
- OpenLDAP
- Active Directory Connector
When we're ready, we just need to create the Samba 4 driver and we're off to the races :-)
Word on the street is that Windows 8 might not support the old PDC/BDC architecture, so there is certainly some time pressure on the Samba Team to get Samba 4 shipped. When Samba 4 reaches beta status, I would like to get it integrated into ClearOS super-quickly (a month?). -
Accepted Answer
-
Accepted Answer
Hi, have anyone get this up and running?
I am strugling with the current samba, regarding joining the domain from user pc's.
I have tried adding poth win XP and Win 7, witout any luck ( witch i didn't have any problems wit the last Clarck Connect 5.0)
Is a straight forward solution or is it a struggle to get up and running?
Kjell -
Accepted Answer
Hi everyone. Some updates:
- For those looking at this thread for the first time, I condensed the installation instructions in this thread into a document @
http://www.clearfoundation.com/docs/developer/features/samba_4/start
- Active Directory and Windows Networks are not something that I have ever used beyond the level of just tinkering. For those of you in a similar boat, there's a video of Andrew Tridgell doing a technical walkthrough -- check this blog post.
- John has been working on building Samba 4 Alpha 11 but ran into some build issues. -
Accepted Answer
Another update, Ok this is very cool....
Have now managed to add other users / groups and login to the domain successfully on Windows 7.
Installed the Remote Server Administration Tools (RAST) for Windows 7 (~200MB) from
http://www.microsoft.com/downloads/details.aspx?FamilyID=7D2F6AD7-656B-4313-A005-4E344E43997D&displaylang=en
Links for other versions of windows are available on the Samba4 wiki
http://wiki.samba.org/index.php/Samba4/HOWTO
Follow instructions for enabling the extra windows features in the help menu that appears after install is finished (Control Panel > Programs > Windows Features) You only need the items that relate to Active Directory
Start > Run > dsa.msc (or Administritive Tools > Active Directory Users and Computers)
Keep the window open for the time being....
Then from your Samba4 machine, run the following as root to add users:-
useradd test
newuser test
This is the samba part that adds it to the active directory, the first step is required to create a linux UID
Now go back to your Active directory snap in, and press refresh - bingo your new user appears under the Users subfolder.
Now logout and login with your new test domain user! and bingo all ok
You can off course use the Active directory snap in to add more user information etc.. those who are famliar with windows environments will find this a breeze. This does of course mean that user creation is outside of the ClearOS LDAP so will be interesting to see how integrate this with the other ClearOS services.
As an aside i've noticed a few errors when using the RSAT about the global catalog not being available yet ...one for the notepad.
I'm very impressed at how solid this alpha is so far albeit with a few minor path glitches....more testing to follow! -
Accepted Answer
-
Accepted Answer
Ok some more info. Following the Samba4 Howto / WIki over here
http://wiki.samba.org/index.php/Samba4/HOWTO
You need to setup / provision the config. but first need to create a folder /etc/samba4/samba or it will fail. Steps I took
at prompts enter your REALM, DOMAIN, Admin password, and Role = dc for domain controllermkdir /etc/samba4/samba
provision
reports that you need to copy /var/lib/samba4/private/phpldapadmin-config.php to /etc/phpldapadmin/... but this folder does not exist. I carried on anyway
Test creating a share that points to an existing directorysamba -i -M single ## to run samba in 'debug' mode, 1st error complains of missing folder, trying to install winbind
mkdir /var/lilb/samba ## package does not create this folder and only creates /var/lib/samb4, install should use this path?
samba -i -M single ## runs ok, browse to PC gives user prompt - promising so far!
smbclient //localhost/netlogon -UAdministrator%ADMINPASS ### login to localhost samba4 gives smb:> prompt also promising!
mkdir test
dir ##shows test directory
vi /etc/samba4/samba/smb.conf ### and add the following
[test]
path = /var/tmp
read only = no
Browse from a client windows PC (Vista in this case), Login in with Administrator and Password, and we have simple functional filesharing! I am able to create and edit files using the admin account
And thats where I run out of steam for the time being, pondering what to do with the phpldapadmin-config.php that was generated and not used, and also the kerberos config
It also appears there are some modifcations required to the /etc/fstab to include "user_xattr", i've not tried this yet. The XATTR and SECURITY options for Ext3 are enabled in the kernel so no problems there. Although the setfatttr and getattr tests run without problems using default fstab parameters, so may not be required.
I've not yet managed to join the domain correclty, but thats down to DNS issues I think for the time being. More on this later
Anyhow - hope thats of use, looks promising, i'm off to look Windows 2003 adminpak and get my head round managing the domain and try and add some users!! -
Accepted Answer
Ok, successfully installed Samba4 on a fresh ClearOS5.1 install with no extra service enabled during install. For information I checked which packages required Samba3 in some form or other and can expand the list above to all (app-* packages):-
Squid
Postfix
Horde
Archive
Ldap (requires samba-schema)
Cyrus Imapd
PPTPD
Proftpd
Flexshare-api (requires samba-schema)
PHP (requires Flexshare-api above)
OpenVPN
Dansguardian
Users
Awstats -
Accepted Answer
Hi Kevin,
Anything that might need the LDAP database will pull in the low-level Samba packages too. That means the following cannot be installed:
- PPTP
- OpenVPN
- Flexshare
- Content Filter
- Web Proxy
- FTP
- Web Server (user permissions for uploads)
- Mail Services
- and probably a few more that I missed!
Just to clarify, the Samba server won't be pulled in, it is just some base level Samba tools that are required. These tools help with managing users/groups in LDAP. The underlying architecture in ClearOS was designed in such a way that it's possible to remove this Samba tools dependency until the are really required. That's for another day though... -
Accepted Answer
Just tried to install is from Peter's Post. Is there something else I have to do?
I can't seem to install anything after I run the install code for Samba4.
I received the following errors.
Transaction Check Errors;
File /usr/bin/ldbadd from install of samba-common-3.4.3-1.1.v5.i386 conflicts with file from package samba4-4.0.0-20.2alpha10.v5.1.i386 and so on.
I was able to install certain modules, but nothing else. -
Accepted Answer
-
Accepted Answer
Hi all,
The samba4 package was updated to remove the conflict with Samba 3. If you want to give it a try, install ClearOS without any extra modules selected at install time. After install, run:
yum --enablerepo=base-plus install samba4
The next steps... I don't really know
hmy:
In a future Samba4 release, I'll try to make the ClearOS LDAP system play nicely with Samba4. Just so you know some of the details, the ClearOS Directory (LDAP) does two things to initialize the data in LDAP:
1) it creates the basic LDAP structure (Users, Groups, Systems, etc)
2) It overlays the Windows/Samba components onto the structure (for example, a User has a new attribute called sambaHomeDrive)
The two steps are quite distinct in the underlying architecture, but it's done in one big step in ClearOS 5.1. Changing this to a two step process will make it possible to have ClearOS installed with all the bells and whistles but with Samba 4 instead of Samba 3. -
Accepted Answer
-
Accepted Answer
Same here! seemed better to leave samba-schema dependancy intact for ldap. Not quite sure to what extent we will have to stop / remove ldap for this to work yet...Yum also wanted to remove app-users due to the app-samba-api dependancy which would also remove most of the webconfig so used the --nodeps option to force the uninstall of samba3.
rpm -e samba-common samba samba-client app-samba samba-winbind libtalloc tdb-tools app-samba-api --nodeps
Oddly all of the above files listed i.e /usr/bin/ldbadd /usr/bin/ldbdel etc have already been deleted in the uninstall process so shouldn't conflict with the samba4 install... -
Accepted Answer
Thanks John Terpstra, did remove the following packages:
samba
samba-common
samba-schema
samba-client
samba-winbind
app-samba
app-samba-api
libtaloc
tdb-tools
libtdb
still got some conflicts when trying to install samba 4.
Transaction Check Error:
file /usr/bin/ldbadd conflicts between attempted installs of samba4-4.0.0-20.2alpha10.i386 and samba-common-3.4.3-1.1.v5.i386
file /usr/bin/ldbdel conflicts between attempted installs of samba4-4.0.0-20.2alpha10.i386 and samba-common-3.4.3-1.1.v5.i386
file /usr/bin/ldbedit conflicts between attempted installs of samba4-4.0.0-20.2alpha10.i386 and samba-common-3.4.3-1.1.v5.i386
file /usr/bin/ldbmodify conflicts between attempted installs of samba4-4.0.0-20.2alpha10.i386 and samba-common-3.4.3-1.1.v5.i386
file /usr/bin/ldbrename conflicts between attempted installs of samba4-4.0.0-20.2alpha10.i386 and samba-common-3.4.3-1.1.v5.i386
file /usr/bin/ldbsearch conflicts between attempted installs of samba4-4.0.0-20.2alpha10.i386 and samba-common-3.4.3-1.1.v5.i386
file /usr/bin/net conflicts between attempted installs of samba4-4.0.0-20.2alpha10.i386 and samba-common-3.4.3-1.1.v5.i386
file /usr/bin/ntlm_auth conflicts between attempted installs of samba4-4.0.0-20.2alpha10.i386 and samba-winbind-3.4.3-1.1.v5.i386
file /usr/bin/testparm conflicts between attempted installs of samba4-4.0.0-20.2alpha10.i386 and samba-common-3.4.3-1.1.v5.i386
file /usr/bin/wbinfo conflicts between attempted installs of samba4-4.0.0-20.2alpha10.i386 and samba-winbind-3.4.3-1.1.v5.i386
file /usr/lib/libnss_winbind.so conflicts between attempted installs of samba4-4.0.0-20.2alpha10.i386 and samba-winbind-3.4.3-1.1.v5.i386
Error Summary
-------------
-
Accepted Answer
All Samba packages must be completely removed before installation of Samba4.
Here is the list of packages that will conflict with Samba4:
samba-common
samba-schema
samba
samba-client
app-samba-api
app-samba
samba-winbind
libtalloc
tdb-tools
libtdb
Only then will it be possible to install Samba4 without conflic (oops, miinimum conflict). On Monday Dec 21, 2009, I will publish a basic step-by-step guid to getting Samba4 Active Directory Server running. Please note that this will not at all integrate with the LDAP directory on ClearOS - so it too will need to be shut down.
Here are the ports Active Directory must control:
Starting Nmap 5.00 ( http://nmap.org ) at 2009-12-20 08:29 CST
Interesting ports on aligata (172.16.10.25):
Not shown: 986 closed ports
PORT STATE SERVICE
...
53/tcp open domain
88/tcp open kerberos-sec
111/tcp open rpcbind
135/tcp open msrpc
139/tcp open netbios-ssn
389/tcp open ldap
445/tcp open microsoft-ds
464/tcp open kpasswd5
...
Nmap done: 1 IP address (1 host up) scanned in 0.23 seconds
Active
- John T. -
Accepted Answer
what i did is yum remove samba and then i did yum list | less. There are still packages installed:
samba-common
samba-client
samba-schema
samba-winbind
did yum remove package
but when i do yum --enablerepo=base-plus install samba4 i'll get these error's:
Transaction Check Error:
file /usr/bin/tdbbackup from install of samba4-4.0.0-20.2alpha10.i386 conflicts with file from package tdb-tools-1.1.3-1.1.v5.v5.i386
file /usr/bin/tdbdump from install of samba4-4.0.0-20.2alpha10.i386 conflicts with file from package tdb-tools-1.1.3-1.1.v5.v5.i386
file /usr/bin/tdbtool from install of samba4-4.0.0-20.2alpha10.i386 conflicts with file from package tdb-tools-1.1.3-1.1.v5.v5.i386
file /usr/bin/ldbadd conflicts between attempted installs of samba4-4.0.0-20.2alpha10.i386 and samba-common-3.4.3-1.1.v5.i386
file /usr/bin/ldbdel conflicts between attempted installs of samba4-4.0.0-20.2alpha10.i386 and samba-common-3.4.3-1.1.v5.i386
file /usr/bin/ldbedit conflicts between attempted installs of samba4-4.0.0-20.2alpha10.i386 and samba-common-3.4.3-1.1.v5.i386
file /usr/bin/ldbmodify conflicts between attempted installs of samba4-4.0.0-20.2alpha10.i386 and samba-common-3.4.3-1.1.v5.i386
file /usr/bin/ldbrename conflicts between attempted installs of samba4-4.0.0-20.2alpha10.i386 and samba-common-3.4.3-1.1.v5.i386
file /usr/bin/ldbsearch conflicts between attempted installs of samba4-4.0.0-20.2alpha10.i386 and samba-common-3.4.3-1.1.v5.i386
file /usr/bin/net conflicts between attempted installs of samba4-4.0.0-20.2alpha10.i386 and samba-common-3.4.3-1.1.v5.i386
file /usr/bin/ntlm_auth conflicts between attempted installs of samba4-4.0.0-20.2alpha10.i386 and samba-winbind-3.4.3-1.1.v5.i386
file /usr/bin/testparm conflicts between attempted installs of samba4-4.0.0-20.2alpha10.i386 and samba-common-3.4.3-1.1.v5.i386
file /usr/bin/wbinfo conflicts between attempted installs of samba4-4.0.0-20.2alpha10.i386 and samba-winbind-3.4.3-1.1.v5.i386
file /usr/lib/libnss_winbind.so conflicts between attempted installs of samba4-4.0.0-20.2alpha10.i386 and samba-winbind-3.4.3-1.1.v5.i386
How to solve this? -
Accepted Answer
-
Accepted Answer
Tim Burgess wrote:
Happy to test it out! count me in
Awesome! I just heard from Peter that Samba4 has been added to the repository. Here is his instruction (but don't be surprised if he chimes in with better info):
<quote>
There was a missing dependency -- perl(Parse::Yapp). I built the perl-Parse-Yapp RPM and all is well now. Once the FTP servers sync up at the top of the hour, you will be able to install Samba4 with the following command:
yum --enablerepo=base-plus install samba4
</unquote>
Awesome!
Don't forget - first uninstall all Samba3 packages!
- John T. -
Accepted Answer
Drew Vonada-Smith wrote:
John,
Is v4 of any value to us who are using CC as a PDC with Win 7, but not using AD? More importantly, is it of any value to you to have folks like us test it? I'd be happy to help if so.
Drew
Drew,
Feedback is ALWAYS welcome. Samba4 needs more user feedback to get it accelerated forwards. On the other hand, I would not want to distract you (or anyone else) from income earning activities. Samba4 can be a huge distraction if what you want is a production environment. But it can be a lot of fun too.
- John T. -
Accepted Answer
-
Accepted Answer
Please login to post a reply
You will need to be logged in to be able to post a reply. Login using the form on the right or register an account if you are new here.
Register Here »