NethServer 7.2 alpha 3 - "First Blood"

davidep · May 23, 2016, 11:41am

As the message box says, the IP must not be assigned to any other device on your green network, so it must be free.

GG_jr · May 23, 2016, 11:44am

Thank you!

So, I just check the box (Create a bridge interface for the green network) and press “START DC”. Yes?

GG_jr · May 23, 2016, 11:51am

“it must be free” means empty? I think no …

I think I don’t understand well …

mark_nl · May 23, 2016, 11:52am

I think i your case a free IP in edit 192.168.1.x range…

GG_jr · May 23, 2016, 11:53am

My range is 192.168.1.0/24

davidep · May 23, 2016, 11:53am

“Free” meaning “not assigned”

mark_nl · May 23, 2016, 11:55am

Sorry, see edit

GG_jr · May 23, 2016, 11:55am

Thank you @davidep, @mark_nl !

mark_nl · May 23, 2016, 11:59am

@davidep,
As we are on the subject, why do we need a vanilla samba in the nspawn container?

GG_jr · May 23, 2016, 12:00pm

Stupid question: why two IPs for the same server?

mark_nl · May 23, 2016, 12:04pm

SAMBA dc runs in a systemd nspawn container.

giacomo · May 23, 2016, 12:04pm

Good catch! Because Samba 4 runs inside a container which is basically a virtual machine inside the real NS

davidep · May 23, 2016, 12:11pm

Samba upstream package does not provide the DC role, by now.

@giacomo and @mark_nl already answered, I just want to add: Samba itself suggests keeping the file server / domain controller roles on separate servers.

They say:

Whilst the Domain Controller seems capable of running as a full file server, it is suggested that organisations run a distinct file server to allow upgrades of each without disrupting the other

Moreover, I must admit it simplified a lot the configuration both on the file server side (the “host” machine) and the domain controller side (the “guest” machine/container).

So I’m sure an additional IP address is a small price to pay for having them both on NS7

GG_jr · May 23, 2016, 12:16pm

Thank you all for enlighten me! I really didn’t know!

Of course doesn’t matter. I just want to understand some things which are new for me.

davidep · May 23, 2016, 12:21pm

Your question was not stupid at all. I want to say thank you @GG_jr for sharing your experience: your feedback is very important for developers and I’m sure it will be very useful to those who endeavor NS7 testing

GG_jr · May 23, 2016, 12:27pm

I think is the first NS 7a3 AD configured! Isn’t?

Thank you all!

davidep · May 23, 2016, 12:42pm

AFAIK the first outside Pesaro

You were asking about accounts from multiple domains… like john@dom1.com patricia@dom2.net

You know this is not supported on ns6 neither it is planned on ns7. However I hope it can be implemented easily with SSSD, with OpenLDAP backend. I tried it with AD, but realmd seems supporting the join to a single domain only.

fasttech · May 23, 2016, 5:28pm

I probably would have tripped up on this too, so I’m glad you talked this out here for us to understand it too.

fasttech · May 23, 2016, 6:30pm

Ahhh, I thought you guys were going to get rid of that 90 sec shutdown hold timeout.

GG_jr · May 23, 2016, 6:37pm

Yeah… But power on is fast.