* Jim Pingle ([email protected]) wrote: > On 2/26/2013 10:26 AM, Vick Khera wrote: > > > > On Tue, Feb 26, 2013 at 7:49 AM, Luiz Gustavo Costa > > <[email protected] <mailto:[email protected]>> > > wrote: > > > > I have worked in the Samba4 package for pfsense, not only act as a > > domain member, but also act as a domain controller and i see this as an > > opportunity to extend the pfsense to be more than a firewall and act as > > a new service on the network in a new installation in another hardware > > to act as a domain controller in Active Directory with power tools > > native firewall. > > > > > > This just seems like a really bad idea to add such non-core > > functionality to the firewall. If your intent is to use a separate > > appliance as your SMB file server/controller and disable the firewall > > features on it, then I would suggest looking at something like FreeNAS. > > Really bad idea for a firewall and file serving, yes, but pfSense can > also be used in appliance mode where it is not acting as a firewall in > its main capacity. So not something on the edge of your network, but > perhaps in a VM tucked away in a DMZ with just one interface. > > I wouldn't be interested in it for file serving, but perhaps for its > AD/auth/etc type roles. > > FreeNAS is likely a better choice overall for that, but it's not > entirely without merit/use, especially for people who like using pfSense > as a platform for more than just firewalls. >
The Samba4 not only offers a small file sharing service, it is a full-service Active Directory, with features similar to Windows 2008 R2. Really not a good idea, puts it as Domain Controller in the same function firewall at the network edge. So I said to use it as an internal server (within the network) and firewall rules for LAN. Do not remember the FreeNAS or NasFree offer such a service (yet). I see this scenario to pfSense (I use without a gui). Think also in smaller networks, where typically uses a simple router and LAN. We can offer not only the firewall service, as well as the services that Active Directory has (without the licenses that a customer small no buy from Microsoft) Due to the limited physical or structural (UPS, hardware, etc.), you can have it all in a single environment. > Jim --- Luiz Gustavo Costa (Powered by BSD) *+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+ mundoUnix - Consultoria em Software Livre http://www.mundounix.com.br ICQ: 2890831 / MSN: [email protected] Tel: 55 (21) 4063-7110 / 8194-1905 / (11) 4063-0407 Blog: http://www.luizgustavo.pro.br _______________________________________________ List mailing list [email protected] http://lists.pfsense.org/mailman/listinfo/list
