Web lists-archives.com

Re: [Samba] Upgrade 4.8 to 4.9 with Backend-Change to lmdb?




Hi Louis,

At this point i can not recommend to upgrade to 4.9.0 or 4.9.1, a side note on this.
The bug in question why im blocking it for production, does not happen for domain members and AD-DC's but it's still a risk in my opinion.
Because for this bug, your obligated to set the idmap ... : settings or run : net groupmap add sid=S-1-5-32-546 unixgroup=nobody type=builtin

For the member, you need to adjust the install order a bit to get past it without problems.

As temp workaround (for member installation) ADDC should go fine once provisioned.
For a stand-alone server use the same steps, but leave out the idmap domain settings.

I've done extensive stress testing on the DC (compiled version, not packaged one) and I confirm that it works very well.

- Steps
apt-get install samba

- Then stop smbd and nmbd
systemctl stop smbd nmbd

- Option 1: ( my personal choice, because this keeps thing in sight )
- ( Domain Member settings and/or Stand-Alone installs )
- Configure smb.conf  ( make sure you have configured the idmap settings. )
       # - You must set a DOMAIN backend configuration, see below
       idmap config * : backend = tdb
       idmap config * : range = 3000-7999

- Domain Member only setting, choose one of these 2, read and choose.
https://wiki.samba.org/index.php/Idmap_config_ad
https://wiki.samba.org/index.php/Idmap_config_rid

I have always been configuring a tdb backend for builtin users aside from the rfc2307 or rid backend for domain users (like in [1]). In which documentation is it missing this piece of information?

Cheers,

Denis

[1] https://dev.tranquil.it/wiki/SAMBA_-_Installation_d%27un_nouveau_serveur_de_fichiers_Samba4#Configuration_smb.conf


Option 2: net groupmap add sid=S-1-5-32-546 unixgroup=nobody type=builtin
Recommended if you using only a stand-alone setup, dont run this on a member, that not needed and my cause other problems.

- And now your ready to install winbind.
apt-get install winbind

When i'm happy with the status of 4.9.x then im moving it from the test repo to the stretch-samba49 repo.
And I really suggest you wait until that happen, except when your want to test things out.
Just change the repo name to : stretch-experimental

If you want to test ldmb, the preparation for lmdb are done in the 4.9.x. packages.
https://wiki.samba.org/index.php/Samba_4.9_Features_added/changed#New_Experimental_LMDB_LDB_backend
Im not aware of an upgrade possibilty of tdb to lmdb (yet).
At least i did not find any upgrade notes.

I hope this is a bit the answer your are looking for.

Greetz,

Louis


-----Oorspronkelijk bericht-----
Van: samba [mailto:samba-bounces@xxxxxxxxxxxxxxx] Namens
Oliver Rath via samba
Verzonden: woensdag 26 september 2018 13:57
Aan: samba
Onderwerp: [Samba] Upgrade 4.8 to 4.9 with Backend-Change to lmdb?

Hi list,

are there preparations for upgrading a samba 4.8.5 to 4.9.1 via
van-belle-repository to change the backend db? Is there some handwork
necessary?

Regards,
Oliver



--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba





--
Denis Cardon
Tranquil IT Systems
Les Espaces Jules Verne, bâtiment A
12 avenue Jules Verne
44230 Saint Sébastien sur Loire
tel : +33 (0) 2.40.97.57.55
http://www.tranquil.it

Samba install wiki for Frenchies : https://dev.tranquil.it
WAPT, software deployment made easy : https://wapt.fr

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba