Currently have a PDC and BDC on Server 2008R2, I'd like to add a Samba DC into the current system then demote and eventually get rid of the Server 2008R2 instances all together.
Has anyone used ClearOS and the AD connector to perform something similar? If so what issues or roadblocks did you find? It is a small network of about 30 clients where AD is really only used for sign in and some group policy enforcement...
Has anyone used ClearOS and the AD connector to perform something similar? If so what issues or roadblocks did you find? It is a small network of about 30 clients where AD is really only used for sign in and some group policy enforcement...
Share this post:
Responses (4)
-
Accepted Answer
On the docker/samba github page the author has a couple of configuration examples, including joining another domain. -
Accepted Answer
In terms of trialling, you probably don't have to bother about the bit where you join the ClearOS Samba to the docker/samba as that is almost a given (if winbind plays ball). The main thing to trial is if you can get the docker/samba to join the AD DC and then can you get Windows to join the docker/samba. In my notes I said docker/samba probably does not need an external DNS resolver (I didn't use one), but I think you will as you'll need to point it to your AD DC.
Also when I did it, I had ClearOS in gateway mode. Looking at the firewall, I pushed a fix through in app-docker yesterday so it should hopefully work properly in standalone mode. I've just edited the instructions to make sure you pull app-docker from clearos-updates as it has updated firewalling compared to the version in the Business repos. -
Accepted Answer
Well that sounds exciting, I've read through your method on Samba AD in a docker container and that should be very helpful as will the Samba wiki.
Considering I'm going into relatively uncharted territory I'll tread lightly and spin up a few VMs in a sandbox to get this working before I bring it into a production environment.
I'll keep this thread updated in the coming days / weeks with anything useful or interesting.
Thanks again -
Accepted Answer
You'll be at the bleedin' edge if you do this. ClearOS natively only runs as an NT4 domain controller so no group policy. I have been working on a method of running Samba Active Directory in a docker container in ClearOS, then joining ClearOS to it, and I believe I have it working. Winbind can be a bit of a pain to start but I had a problem with my set up.
I have ClearOS in a VM and samba/docker within ClearOS. ClearOS is joined to the samba/docker instance with the AD Connector. I then have Win 10 in another VM connected to the ClearOS VM LAN. Win10 is domain joined to ClearOS and is running RSAT for Users and Groups. I have not gone any further. It should be possible to join the docker/samba instance to your Win2k8 server as a domain controller using native samba commands. There is plenty of information on the Samba Wiki such as here.
I will have to say that until about a year ago I knew nothing about domains - NT4 or AD so I am relatively recent to them and my only experience is playing around like this.
If you try it out, please post back with anything you find?
Please login to post a reply
You will need to be logged in to be able to post a reply. Login using the form on the right or register an account if you are new here.
Register Here »