Second Domain Controller (Windows 2008) alongside Samba 4 AD

Support
,
#1

Hello, everyone,
I have this problem:
1 NS7 migrated from NS6 in turn inserted into a previous linux system as consolidation of several very old servers.
Some machines of the production structure (win98, OS/2, WinXP, RH5) are giving me problems and the supplier suggests me to try with a Windows 2008 AD.
I wanted to insert a second Domain Controlle Windows 2008 alongside Samba 4 AD.
But when I insert it it gives me problems of access to the existing AD structure.
Has anyone tried this configuration and got any suggestions?
Thank you
Mario Zanon

Translated with www.DeepL.com/Translator

#2

That’s not supported in Nethserver. You may add a Windows Server as domain member but not as domain controller.

If you want to try it:

https://wiki.samba.org/index.php/Joining_a_Windows_Server_2008_/_2008_R2_DC_to_a_Samba_AD

For RH5:

For XP it should be possible with some registry hacks.

1 Like
#3

Thanks, Markus, for your answer.
I know that Nethserver does not support more than one domain controller, although I consider it a serious limitation, in SMEs already from 5 servers and 25 clients I always insert a second domain controller to ensure continuity of service.
Today, with virtualization, even small companies tend to have a server for each service (mail, administrative management, production management, etc.). Limiting the structure to a single server means drastically reducing the potential customer base.
Having said that, I need to insert a Microsoft domain controller to see if I can solve the problems created with the insertion of the Nethserver and especially with the passage from Nethserver 6 with Samba 3 to Nethserver 7 with Samba 4 (done directly from the Nethesis).
I have now discovered that probably the problems were created by the fact that the Samba 4 Machine running in a Linux container, was configured for a minimum level of the domain at 2008R2, so not tested with machines using previous security protocols, if so the problem seems unresolvable and I will have to proceed in another way.

#4

You are right that multiple DCs would be nice, here’s another topic about that.

You may use Nethserver in a way to split the services on different servers, that’s already possible but not with DC.

Do you know hotsync? It provides a slave backup that could be made active manually if the master server goes down:
http://docs.nethserver.org/en/v7/hotsync.html

2 Likes
#5

Hi there!

AFAIK it is NOT possible to connect Win98 and OS/2 to anything above Win2003 Server.
This is due to old NTLM requirements, which are (rightfully) discarded nowadays.

I still have OS/2 and ECS around, also a Win98SE. I can’t even connect Win98 to my several NAS, as all use Samba under the hood.

My solution was to use a Win2K server for migration, and left it running as a “gateway” service.
The available Windows 2003 Server didn’t work for me!

Your mileage may vary…

My 2 cents
Andy

3 Likes