I have samba4 (installed from package 4.0.0~alpha8+git20090912-1) running on my Ubunut 10.0.4 Lucid server. For anyone to replicate this, install samba4, import the DisplaySpecifiers from source and edit /usr/lib/python2.6/dist-packages/samba/provision.py to contain the right setup path;
$ vi /usr/lib/python2.6/dist-packages/samba/provision.py # In source tree # ret = os.path.join(dirname, "../../../setup") <----- change this ret = os.path.join(dirname, "/usr/share/samba/setup") <--- to this or equiv this will generate the initial setup as described in the howto. According to the reported bugs in the package there are some complains about operational.so missing but this does not seem to be trival in the functioning. Also the setup option "server role = 'domain controller'" seems to report errors (also when running testparm) but it needs this option for the krb server to run. According to the howto you'll now have to setup bind9, when including files in the bind config files make sure to update the apparmor profile of named with the right files. Also make sure the created files contain your Lan address and not localhost. For some reason the bind9 refuses to start with the tkey-gssapi-credential and apparomor running so for now the profile needs to be disabled unless anyone can tell me what external files named needs to access when it runs with this option. When this is done you should be able to log on to the domain and administer it trough the AD snap in. Adding user trough the snap in won't work as it is complaining about the password policy, also adding users trough the 'net ads user add' command won't work. The correct way of adding a user is done like this; $ cd /usr/share/samba/setup $ sudo ./newuser USERNAME You will be prompted to enter a password for the user, by issuing the command; $ sudo net ads user list -UAdministrator You'll be able to list the domain users, managing these users can be done trough the AD snap in including the group policy configuration. When using folders for user content such as roaming profiles it seems the group of the linux folder should be set to 'users' and given write permissions or else it won't be possible to create the folders when logging in for the first time. The problem with this is that users are able to see each others profile folders and access them. Perhaps anyone can help me with this? Keep up the good work! Felix -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
