Wednesday, July 25, 2012

Create a roaming profile user from the command line

Use this to create a roaming profile user named potato with password potatopass:

samba-tool user create potato potatopass --profile-path='\\testdc\profiles\potato'

Tuesday, July 24, 2012

Update....

I am currently working on a new version of the script that does the directory setup for roaming profiles and folder redirection, but it's not yet ready to share.

Saturday, July 21, 2012

BTRFS mirroring on root

If you have set up your system with btrfs mirroring for the root drive (i.e. by booting into the rescue environment on the installer, making the FS, then booting the installer and telling it to use one of the btrfs partitions as btrfs but not to format it, then doing a grub-install onto the other drives when done), and you then lose a drive (on purpose or otherwise):

The first time you reboot without having replaced the drive, you need to edit the kernel command line so that it says "rootflags=degraded,subvolid=@", not "rootflags=subvolid=@,degraded".

Also, if you're testing by yanking the SATA cables, re-adding, rebalancing, removing the failed drive-id, etc. over and over without rebooting, it will get to a point where all the data lives on only one drive without a mirror. If you reboot, rebalance again, and remove any missing drive, it should fix it.
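As an added example (not from the original post), this shell function rewrites a kernel command line so that "degraded" comes first in rootflags, matching the ordering given above. It assumes no parameter contains quoted spaces, and the sample command line at the end is constructed.

```shell
#!/bin/sh
# Added example, not the blog author's script.
# degraded_cmdline "<kernel command line>"
# Prints the command line with "degraded" as the first rootflags option.
# If there is no rootflags= parameter, "rootflags=degraded" is appended.
# Runs in a subshell so set -f and the variables do not leak to the caller.
degraded_cmdline() (
    set -f                      # no filename globbing while word-splitting
    out=""
    found=0
    for word in $1; do
        case $word in
            rootflags=*)
                found=1
                opts=${word#rootflags=}
                rest=""
                # Split the option list on commas, dropping any "degraded"
                # that is already present so it is not duplicated.
                old_ifs=$IFS
                IFS=,
                for o in $opts; do
                    if [ "$o" != degraded ]; then
                        rest="${rest:+$rest,}$o"
                    fi
                done
                IFS=$old_ifs
                word="rootflags=degraded${rest:+,$rest}"
                ;;
        esac
        out="${out:+$out }$word"
    done
    if [ "$found" -eq 0 ]; then
        out="${out:+$out }rootflags=degraded"
    fi
    printf '%s\n' "$out"
)

# Constructed sample command line (the root= value is a placeholder).
degraded_cmdline 'root=UUID=PLACEHOLDER ro rootflags=subvolid=@,degraded quiet'
```

Paste the printed line into the boot loader's edit screen for the one degraded boot; the function only builds the string and changes nothing on disk.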

(meta blog post) What is Cultek.com?

I see a few people (possibly from Russia) have been visiting by following a link from Cultek.com, which appears to be a members-only site... What is Cultek.com? Are you discussing this project internally?

Thursday, July 19, 2012

Updated Quick and Dirty Samba4 DC instructions

Made AppArmor allow the specific libraries that bind9 needs, rather than any libraries under the samba hierarchy.


Monday, July 16, 2012

First version of the quick and dirty Samba4 Domain Controller Setup


Note that this requires the router to be configured to handle DHCP, passing the domain controller as primary DNS and WINS (see my earlier entry on router config).

For some reason it took doing an nslookup of testdc.testdomain.local at the command line on the win7 box before the domain join worked... I will investigate why...

Sunday, July 15, 2012

Router Config

In order to work on the network, each device must find its own numeric address and the numeric address of any computer it wants to talk to. To work on the domain, it must find the numeric addresses of local computers; the domain controller handles this. To work on the internet, it must find the IP of internet computers. With Windows small network servers, DHCP (handing each workstation its own address) and DNS are often done only by the domain controller. This is simple, but if the server goes down, all of the computers go down. If we let the router do DHCP, and point the first DNS to the server and the second DNS to the ISP's server or public DNS, then local networking goes through the server, and if the server has a problem the workstations can still surf the web and/or remote in to the server.


You'll want to change a few settings to make your network clients use the Samba server for DNS without breaking DNS on the server. Here my Samba Domain Controller will be on 192.168.1.2, and I have set it as the primary DNS and WINS server. Also note that I am using Google DNS just because it is much faster than my ISP.

Under services management I have set a static reservation for the DC. This means if you re-install the OS you don't have to manually reset it to static IP nor configure the secondary DNS. Note that when you enter the MAC address it must have any letters capitalized, and have the colons. If you replace the server motherboard you will need to update this.


On the services tab, the domain controller gets a reserved DHCP entry.

Here are a few more changes to note, all of them somewhat self-explanatory.
 
Router gets time from your local official time source

For testing purposes it's handy to enable wake on LAN on your test network machines.

You'll want to port forward SSH to your domain controller if you administer it from outside the LAN.