On Sat, 2012-08-11 at 11:21 +0200, Helmut Hullen wrote: > Hallo, Andrew, > > Du meintest am 11.08.12: > > >> In Samba3, I have full rfc2307 compliance via winbind where all > >> attributes can be obtained from AD. > >> > >> In Samba4 I only have partial rfc2307 compatibility with: > >> idmap_ldb:use rfc2307 = yes > >> uidNumber and gidNumber can be obtained from AD but > >> uinxHomeDirectory and loginShell are missing. > > [...] > > > At this stage, we still don't recommend combining file server and DC > > functions. By separating these functions onto different (virtual) > > servers, you can avoid this issue. > > Sorry - that sounds ugly. > I prefer using samba as a combined system for SOHO (especially for > schools). And working with several servers (especially virtual servers) > is not attractive for someone who looks for the server as a second or > third job, beneath his/her main job.
I would rather advertise a narrower, known to work set of functionality than to promise broader features than we know works well in production experience. In particular, we know about the limitations that Steve mentions, and we know the workaround: don't mix the file server and AD DC. Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
