RHEL 8 is still lacking a Samba Active Directory package

Maybe it means that NethServer will be the ONE?
(A matrix reference)

Saying that, the target audience can grow more, hopefully.

Sticking to CentOS is anyway a quite good path, even with bad/not shared decision who took.

But we have to face that “shared folders” suits homes, maybe small offices, because it does not scale well, or scale at all.
It don’t scale for outsourcing. And it don’t scale for setup outside premises. Or mobile devices.
Yes, you can make it work (VPN and fast connections) but the current status is that applications (web or not) are the day-to-day use.
Even Microsoft faded to something different (SharePoint has its own success, just like Exchange, which now is quite more reliable and functional as mail/application server), still offering shared folders.
I hope that nethserver will persist with container for let users still have that option. But the LDAP-Centric current structure is the key to evolve without revolution the project.
Because authentication can be delivered via LDAP to any kind of authentication server, currently (better using TLS).
Don’t mind to keep track of the evolution of X500 too…

1 Like

Hi to all,
it looks like CentOS 8 isn’t supporting samba active directory and won’t support it at the future.
I think there are several servers out there which run samba active directory with Nethserver 7.
I created this thread to collect ideas, how to solve this. Here should erase a list of these ideas:

  • a container with debian and samba ad at the Nethserver8 installation (best way choosing it from software-center)
  • a second virtual machine with debian or nethserver 7 (till it’s not supported anymore)
  • another base for Nethserver 8 (I think that’s not so easy, because everything must be “converted” to the new distro and every developer has to do a lot of extra work)

Thanks to all who will spend their ideas here. Perhaps it can be a solution implemented by the @dev_team without loosing the advantage of using upstream-updates.



Hi Michael, the current Samba AD implementation of NS7 is not using an RPM from CentOS: I think it’s possible to continue like we are doing it right now…

We could ask ourselves if going on by this way is enough, or bad or whatever.


Hi @davidep,
thanks for your post. I thought it will be a problem after a conversation at FOSDEM two years ago and reading the following thread:

But perhaps we however could collect some good ideas how to implement it at the future.


Ok, just to clarify: it’s not a techincal issue. It’s a “strategic” choice: whether or not supporting the AD feature in NS8.

AD intended as “AD Domain Controller”.
Not connecting to Windows AD via LDAP.

Yes, AD with all the bells and whistles: LDAP, Kerberos, authoritative DNS, SMB, NTP… All those ancient things that are still very required by SME IT :stuck_out_tongue_winking_eye:

I’ve been using Nethserver as my primary domain for our small office and I do use GPO’s for various rules we need for our domain connected users/computers. I would prefer to use Nethserver as my primary domain if I was to use Nethserver 8. My Webop and Nextcloud access is all based on domain user access.

I’m not clear on my understanding this conversation of RHEL 8 and samba active directory. Is it still be discussed in the building the roadmap for RHEL 8 if Nethserver will be a domain controller like it was in Nethserver 7? Or is there a chance that Nethserver will drop Samba AD from Nethserver 8?

Thank you.

1 Like

It’s a bit early to give an answer IMO. However saying if AD is useful or not is important to design NS8.

Here I see many people that want AD in NethServer and they hope it will be available in the future too. This is a clear direction that conflicts with the complexity of AD. I hope we’ll find a good solution for everyone!




It might be possible to use LDAP - IF NethServer would allow authenticated access!

At the moment any shares are either “Public”, when using LDAP, or Authenticated per User/Group when using AD.

My 2 cents

Thanks for clarifying it and sorry for misunderstanding.

So perhaps we can use my post above to find a good solution together :wink:
If somebody has ideas, I will add it to the list.

1 Like

I agree with @Andy_Wismer.

I think many installations are using authenticated access to shares, at least in a office environment.
To have only public access to shares is not an option IMO.
Nethserver calls itself a “perfect solution for small and medium enterprises”.
If there’s no other way to have authenticated access, the AD is a must have I think.

Even in a privat environment it would be a must have, or do you want to have your kids access to your data? I swear you, you don’t want it, when they are grown up to 15 or 16years! :wink:

Just my opinion!