Web lists-archives.com

Re: [Samba] Minimal AD DC server for dev/test setup




On Tue, 19 Dec 2017 12:50:03 -0500
Martin Langhoff <martin.langhoff@xxxxxxxxx> wrote:

> On Tue, Dec 19, 2017 at 11:20 AM, Rowland Penny <rpenny@xxxxxxxxx>
> wrote:
> > There is a term for running a Samba AD DC without dns, it is called
> > 'broken' ;-)
> 
> Fair enough.
> 
> > AD isn't ldap, it contains its own version of ldap, if you want to
> > use it for authentication by external tools, read up on using AD
> > with the relevant tool.
> 
> We are in fully agreement in that "AD isn't ldap, it contains its own
> version of ldap", and by implication it has quite a few more things
> than "Just LDAP".
> 
> I have implemented, debugged, maintained and supported LDAP
> authentication plugins for web-based software (most notably Moodle),
> for some years. Developed and tested against OpenLDAP, then debugged
> it a bit against actual AD servers because the Samba DC didn't exist.
> 
> Now it exists! Woohoo!
> 
> "What's the simplest Samba DC I could reasonably use? to dev/test
> against? All I want is to throw a dozen users and three groups in
> there". For example, I would love a simple enough setup that I can run
> in a throwaway VM/container for unit+e2e tests in integration.
> 
> cheers,
> 
> 
> m

If you want to create your own DC, follow the info on the Samba wiki:

https://wiki.samba.org/index.php/Main_Page

Use the internal dns server when you provision, this will get you the
simplest DC ;-)

You could also download a Karoshi iso and install it, it seems to do
what you are talking about, see here:

http://www.linuxschools.com/forum/index-main.php

There is a a minor problem with it though, they insist on calling
the first DC a PDC, this is misleading because a PDC is something else
entirely.

Rowland

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba