Create Samba AD Member Server

Linux

Install packages

apt install samba winbind krb5-config krb5-user libnss-winbind

Edit /etc/samba/smb.conf

#======================= Global Settings =======================
[global]
   workgroup = MIFE
   security = ADS
   realm = AD.MIFE.CA

   winbind refresh tickets = Yes
   vfs objects = acl_xattr
   map acl inherit = Yes
   store dos attributes = Yes

# server string is the equivalent of the NT Description field
   server string = %h server (Samba, Ubuntu)

   dedicated keytab file = /etc/krb5.keytab
  kerberos method = secrets and keytab

   winbind enum users = yes
   winbind enum groups = yes
   winbind use default domain = yes

   load printers = no
   printing = bsd
   printcap name = /dev/null
   disable spoolss = yes

   idmap config * : range = 3000-7999
   idmap config * : backend = tdb
   idmap config MIFE:unix_nss_info = no
   idmap config MIFE:backend = ad
#   idmap config MIFE:backend = rid
   idmap config MIFE:schema_mode = rfc2307
   idmap config MIFE:range = 10000-19999

   template shell = /bin/bash
   template homedir = /home/%U
Read more

Join Samba Domain Controller to existing domain

Linux

Quicksteps

systemctl disable --now systemd-resolved.service

apt install acl attr samba winbind krb5-config krb5-user
rm /etc/samba/smb.conf


kinit administrator
samba-tool domain join ad.mife.ca DC -k yes --option='idmap_ldb:use rfc2307 = yes'


systemctl disable nmbd
systemctl disable smbd
systemctl disable winbind
systemctl unmask samba-ad-dc.service
systemctl mask smbd nmbd winbind
systemctl stop smbd
systemctl stop nmbd
systemctl stop winbind
systemctl enable --now samba-ad-dc.service
Read more

Move OSD from one host to another

Ceph

Quicksteps

On the old host

  • Stop OSD
  • Mark it OUT
  • Export VG
lvchange -a n $VG/$LV
vgexport $VG
  • Move the disk to new host
  • On the new host:
lsblk
vgscan
vgimport $VG
vgchange -a y $VG
ceph-volume lvm activate --all
Read more