SlideShare a Scribd company logo

Power Your Directory with openSUSE and Samba

Don Vosburg
Don Vosburg

Case study on an implementation of samba/AD at a small K12 school. What we did and what we learned.

Software
1 of 16
Download to read offline
Power your directory with openSUSE and Samba Case study: openSUSE Leap 15 and samba/ AD in K-12 educaton IT Consultant Anderson, IN USA Don Vosburg don.vosburg@libertyonline.org dvosburg@suse.com
Agenda ● Why would anyone do this? ● Samba and openSUSE ● Case study environment ● Implementation ● Live “Look-in”
Why do this at all? ● You have more time than money (CAL avoidance) ● AD is the standard for interoperability ● Simplicity/ubiquity of administration tools ● openSUSE is just cooler than Windows
State of Samba AD in openSUSE ● Samba 4 first arrived in openSUSE 13.1: Release notes (2014-01-08) 5.3. Samba Version 4.1 Samba version 4.1 shipped with openSUSE 13.1 does not include support to operate as an Active Directory style domain controller. This functionality is currently disabled, as it lacks integration with system-wide MIT Kerberos.
State of Samba AD in openSUSE ● openSUSE Leap 15 - samba 4.7, currently 4.7.10 – 15.1/Tumbleweed samba 4.9, currently 4.9.4 ● Several rpm packages are part of this: – samba – samba-client – samba-ceph – samba-doc – samba-dsdb-modules – samba-kdc - /usr/bin/samba-tool (samba-ad-dc in 15.1 and Tumbleweed) – samba-libs – samba-pidl – samba-python – samba-winbind
How Samba4 delivers AD ● Several key services are consolidated into samba-ad-dc service: LDAP, DNS, and Kerberos ● Single configuration tool: samba-tool ● Default kerberos server: Heimdal (MIT added in 4.7) ● Samba recommends a separate domain controller for AD – with shares delivered on member instances ● DNS can be run with bind, but requires extra configuration
Current limitations of Samba AD ● No PowerShell AD module ● No SYSVOL replication ● Directory mode maximum 2008R2 ● Limited application of computer GPO’s
Case study environment
Liberty Christian School ● Two facilities in Anderson, IN ● 550 students K-12, 80 staff ● 150 Windows PC’s ● 575 Chromebooks ● 1 Old sysadmin – Two teenage helpers
LCS IT information ● Each facility has two clustered KVM servers – Storage via iSCSI on Leap 15 ● Windows running as appliances ● SLES was default – Started with 11 ● Windows 10 standard ● Share server in each building
Compelling events ● 9-yr-old Samba 3/LDAP domain getting harder to support ● Windows 10 1803 – breaks domain join ● Need for better standardization, interoperability ● No budget ● Local admins know Windows
Implementation design ● Install Leap 15 DC in each facility ● “Classic Upgrade”, DNS internal (ad.libertyonline.org) ● Retain SLES11 share server names, rebuild on Leap 15 as domain members ● Reconfigure dependent services – PowerSchool (SIS) – Google G Suite (GCDS) ● Replicate in virtual world first to test ● Get Trent and Zack to help
Results – Good, Bad, Ugly ● Good: All users and machines with passwords imported, shares work, Windows admin tools work, accomplished over winter break in January 2019 ● Bad: All users in one OU, groups imported but unpopulated with users, file permission changes needed ● Ugly: MIT kerberos labeled “experimental” – Samba backed away – Bug affected it at deploy time: ● CVE-2018-20217
Live “Look-in”
Have a lot of fun!
License This slide deck is licensed under the Creative Commons Attribution-ShareAlike 4.0 International license. It can be shared and adapted for any purpose (even commercially) as long as Attribution is given and any derivative work is distributed under the same license. Details can be found at https://creativecommons.org/licenses/by-sa/4.0/ General Disclaimer This document is not to be construed as a promise by any participating organisation to develop, deliver, or market a product. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. openSUSE makes no representations or warranties with respect to the contents of this document, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. The development, release, and timing of features or functionality described for openSUSE products remains at the sole discretion of openSUSE. Further, openSUSE reserves the right to revise this document and to make changes to its content, at any time, without obligation to notify any person or entity of such revisions or changes. All openSUSE marks referenced in this presentation are trademarks or registered trademarks of SUSE LLC, in the United States and other countries. All third-party trademarks are the property of their respective owners. Credits Template Richard Brown rbrown@opensuse.org Design & Inspiration openSUSE Design Team http://opensuse.github.io/branding- guidelines/

Recommended

Introduction to word press
Introduction to word pressIntroduction to word press
Introduction to word pressLucky Ali
 
Building a community of Open Source intranet users
Building a community of Open Source intranet usersBuilding a community of Open Source intranet users
Building a community of Open Source intranet usersLuke Oatham
 
Enabling new client operating systems in Uyuni. AlmaLinux as an example.
Enabling new client operating systems in Uyuni. AlmaLinux as an example.Enabling new client operating systems in Uyuni. AlmaLinux as an example.
Enabling new client operating systems in Uyuni. AlmaLinux as an example.Uyuni Project
 
002. Working with Webpack
002. Working with Webpack002. Working with Webpack
002. Working with WebpackBinh Quan Duc
 
Installing WordPress in 5-Steps
Installing WordPress in 5-StepsInstalling WordPress in 5-Steps
Installing WordPress in 5-Stepsrdcashin
 
SUSE Expert Days Paris 2018 – SLE 15
SUSE Expert Days Paris 2018 – SLE 15SUSE Expert Days Paris 2018 – SLE 15
SUSE Expert Days Paris 2018 – SLE 15SUSE
 
Use build service API in your program
Use build service API in your programUse build service API in your program
Use build service API in your programSUSE Labs Taipei
 
Hands-On with Heat: Service Orchestration in SUSE Cloud
Hands-On with Heat: Service Orchestration in SUSE CloudHands-On with Heat: Service Orchestration in SUSE Cloud
Hands-On with Heat: Service Orchestration in SUSE CloudRick Ashford
 

Recommended

Introduction to word press
Introduction to word pressIntroduction to word press
Introduction to word pressLucky Ali
 
Building a community of Open Source intranet users
Building a community of Open Source intranet usersBuilding a community of Open Source intranet users
Building a community of Open Source intranet usersLuke Oatham
 
Enabling new client operating systems in Uyuni. AlmaLinux as an example.
Enabling new client operating systems in Uyuni. AlmaLinux as an example.Enabling new client operating systems in Uyuni. AlmaLinux as an example.
Enabling new client operating systems in Uyuni. AlmaLinux as an example.Uyuni Project
 
002. Working with Webpack
002. Working with Webpack002. Working with Webpack
002. Working with WebpackBinh Quan Duc
 
Installing WordPress in 5-Steps
Installing WordPress in 5-StepsInstalling WordPress in 5-Steps
Installing WordPress in 5-Stepsrdcashin
 
SUSE Expert Days Paris 2018 – SLE 15
SUSE Expert Days Paris 2018 – SLE 15SUSE Expert Days Paris 2018 – SLE 15
SUSE Expert Days Paris 2018 – SLE 15SUSE
 
Use build service API in your program
Use build service API in your programUse build service API in your program
Use build service API in your programSUSE Labs Taipei
 
Hands-On with Heat: Service Orchestration in SUSE Cloud
Hands-On with Heat: Service Orchestration in SUSE CloudHands-On with Heat: Service Orchestration in SUSE Cloud
Hands-On with Heat: Service Orchestration in SUSE CloudRick Ashford
 
SUSE, Hadoop and Big Data Update. Stephen Mogg, SUSE UK
SUSE, Hadoop and Big Data Update. Stephen Mogg, SUSE UKSUSE, Hadoop and Big Data Update. Stephen Mogg, SUSE UK
SUSE, Hadoop and Big Data Update. Stephen Mogg, SUSE UKhuguk
 
Manage Virtual Machines with WebVirtMgr on openSUSE
Manage Virtual Machines with WebVirtMgr on openSUSEManage Virtual Machines with WebVirtMgr on openSUSE
Manage Virtual Machines with WebVirtMgr on openSUSEDendy P. Delly
 
Getting Started on Packaging Apps with Open Build Service
Getting Started on Packaging Apps with Open Build ServiceGetting Started on Packaging Apps with Open Build Service
Getting Started on Packaging Apps with Open Build ServiceAndi Sugandi
 
Ceph_in_a_Windows_world
Ceph_in_a_Windows_worldCeph_in_a_Windows_world
Ceph_in_a_Windows_worldsuncbing1
 
OBS in numbers
OBS in numbersOBS in numbers
OBS in numbersAna María Martínez Gómez
 
Productos de SUSE basados en CaaSP
Productos de SUSE basados en CaaSPProductos de SUSE basados en CaaSP
Productos de SUSE basados en CaaSPSUSE España
 
Egkatastasis
EgkatastasisEgkatastasis
EgkatastasisPanagiotis Georgiadis
 
Puppet - Configuration Management Made Eas(ier)
Puppet - Configuration Management Made Eas(ier)Puppet - Configuration Management Made Eas(ier)
Puppet - Configuration Management Made Eas(ier)Aaron Bernstein
 
Using Docker EE to Scale Operational Intelligence at Splunk
Using Docker EE to Scale Operational Intelligence at SplunkUsing Docker EE to Scale Operational Intelligence at Splunk
Using Docker EE to Scale Operational Intelligence at SplunkDocker, Inc.
 
Uyuni: the solution to manage your Linux infrastructure (OpenFest 2020)
Uyuni: the solution to manage your Linux infrastructure (OpenFest 2020)Uyuni: the solution to manage your Linux infrastructure (OpenFest 2020)
Uyuni: the solution to manage your Linux infrastructure (OpenFest 2020)Uyuni Project
 
Progress core product group strategy and roadmap - PUG Baltic Annual Conferen...
Progress core product group strategy and roadmap - PUG Baltic Annual Conferen...Progress core product group strategy and roadmap - PUG Baltic Annual Conferen...
Progress core product group strategy and roadmap - PUG Baltic Annual Conferen...Alen Leit
 
SUSE Enterprise Storage - a Gentle Introduction
SUSE Enterprise Storage - a Gentle IntroductionSUSE Enterprise Storage - a Gentle Introduction
SUSE Enterprise Storage - a Gentle IntroductionGábor Nyers
 
SUSE Linux Enterprise and SAP NetWeaver 7.30 HA Cluster
SUSE Linux Enterprise and SAP NetWeaver 7.30 HA Cluster SUSE Linux Enterprise and SAP NetWeaver 7.30 HA Cluster
SUSE Linux Enterprise and SAP NetWeaver 7.30 HA Cluster Dirk Oppenkowski
 
SUSE Open Stack Cloud.
SUSE Open Stack Cloud.SUSE Open Stack Cloud.
SUSE Open Stack Cloud.briggsy_uk
 
Presentation SUSE workshop Brussel September 24th 2014
Presentation SUSE workshop Brussel September 24th 2014Presentation SUSE workshop Brussel September 24th 2014
Presentation SUSE workshop Brussel September 24th 2014Yenlo
 
[Tel aviv merge world tour] Qwilt P4 Conference
[Tel aviv merge world tour] Qwilt P4 Conference[Tel aviv merge world tour] Qwilt P4 Conference
[Tel aviv merge world tour] Qwilt P4 ConferencePerforce
 
Development of BlankOn packages whit OpenSUSE
Development of BlankOn packages whit OpenSUSEDevelopment of BlankOn packages whit OpenSUSE
Development of BlankOn packages whit OpenSUSERahman Aftian
 
Puppet | Custom Modules & Using the Forge
Puppet | Custom Modules & Using the ForgePuppet | Custom Modules & Using the Forge
Puppet | Custom Modules & Using the ForgeAaron Bernstein
 
Casos de uso para aplicaciones tradicionales en un mundo de contenedores
Casos de uso para aplicaciones tradicionales en un mundo de contenedoresCasos de uso para aplicaciones tradicionales en un mundo de contenedores
Casos de uso para aplicaciones tradicionales en un mundo de contenedoresSUSE España
 
Rock Solid Sametime for High Availability
Rock Solid Sametime for High AvailabilityRock Solid Sametime for High Availability
Rock Solid Sametime for High AvailabilityGabriella Davis
 
Optimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVOptimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVshikhaohhpro
 
Introducing Microsoft’s new Enterprise Work Management (EWM) Solution
Introducing Microsoft’s new Enterprise Work Management (EWM) SolutionIntroducing Microsoft’s new Enterprise Work Management (EWM) Solution
Introducing Microsoft’s new Enterprise Work Management (EWM) SolutionOnePlan Solutions
 

More Related Content

Similar to Power Your Directory with openSUSE and Samba

SUSE, Hadoop and Big Data Update. Stephen Mogg, SUSE UK
SUSE, Hadoop and Big Data Update. Stephen Mogg, SUSE UKSUSE, Hadoop and Big Data Update. Stephen Mogg, SUSE UK
SUSE, Hadoop and Big Data Update. Stephen Mogg, SUSE UKhuguk
 
Manage Virtual Machines with WebVirtMgr on openSUSE
Manage Virtual Machines with WebVirtMgr on openSUSEManage Virtual Machines with WebVirtMgr on openSUSE
Manage Virtual Machines with WebVirtMgr on openSUSEDendy P. Delly
 
Getting Started on Packaging Apps with Open Build Service
Getting Started on Packaging Apps with Open Build ServiceGetting Started on Packaging Apps with Open Build Service
Getting Started on Packaging Apps with Open Build ServiceAndi Sugandi
 
Ceph_in_a_Windows_world
Ceph_in_a_Windows_worldCeph_in_a_Windows_world
Ceph_in_a_Windows_worldsuncbing1
 
Productos de SUSE basados en CaaSP
Productos de SUSE basados en CaaSPProductos de SUSE basados en CaaSP
Productos de SUSE basados en CaaSPSUSE España
 
Puppet - Configuration Management Made Eas(ier)
Puppet - Configuration Management Made Eas(ier)Puppet - Configuration Management Made Eas(ier)
Puppet - Configuration Management Made Eas(ier)Aaron Bernstein
 
Using Docker EE to Scale Operational Intelligence at Splunk
Using Docker EE to Scale Operational Intelligence at SplunkUsing Docker EE to Scale Operational Intelligence at Splunk
Using Docker EE to Scale Operational Intelligence at SplunkDocker, Inc.
 
Uyuni: the solution to manage your Linux infrastructure (OpenFest 2020)
Uyuni: the solution to manage your Linux infrastructure (OpenFest 2020)Uyuni: the solution to manage your Linux infrastructure (OpenFest 2020)
Uyuni: the solution to manage your Linux infrastructure (OpenFest 2020)Uyuni Project
 
Progress core product group strategy and roadmap - PUG Baltic Annual Conferen...
Progress core product group strategy and roadmap - PUG Baltic Annual Conferen...Progress core product group strategy and roadmap - PUG Baltic Annual Conferen...
Progress core product group strategy and roadmap - PUG Baltic Annual Conferen...Alen Leit
 
SUSE Enterprise Storage - a Gentle Introduction
SUSE Enterprise Storage - a Gentle IntroductionSUSE Enterprise Storage - a Gentle Introduction
SUSE Enterprise Storage - a Gentle IntroductionGábor Nyers
 
SUSE Linux Enterprise and SAP NetWeaver 7.30 HA Cluster
SUSE Linux Enterprise and SAP NetWeaver 7.30 HA Cluster SUSE Linux Enterprise and SAP NetWeaver 7.30 HA Cluster
SUSE Linux Enterprise and SAP NetWeaver 7.30 HA Cluster Dirk Oppenkowski
 
SUSE Open Stack Cloud.
SUSE Open Stack Cloud.SUSE Open Stack Cloud.
SUSE Open Stack Cloud.briggsy_uk
 
Presentation SUSE workshop Brussel September 24th 2014
Presentation SUSE workshop Brussel September 24th 2014Presentation SUSE workshop Brussel September 24th 2014
Presentation SUSE workshop Brussel September 24th 2014Yenlo
 
[Tel aviv merge world tour] Qwilt P4 Conference
[Tel aviv merge world tour] Qwilt P4 Conference[Tel aviv merge world tour] Qwilt P4 Conference
[Tel aviv merge world tour] Qwilt P4 ConferencePerforce
 
Development of BlankOn packages whit OpenSUSE
Development of BlankOn packages whit OpenSUSEDevelopment of BlankOn packages whit OpenSUSE
Development of BlankOn packages whit OpenSUSERahman Aftian
 
Puppet | Custom Modules & Using the Forge
Puppet | Custom Modules & Using the ForgePuppet | Custom Modules & Using the Forge
Puppet | Custom Modules & Using the ForgeAaron Bernstein
 
Casos de uso para aplicaciones tradicionales en un mundo de contenedores
Casos de uso para aplicaciones tradicionales en un mundo de contenedoresCasos de uso para aplicaciones tradicionales en un mundo de contenedores
Casos de uso para aplicaciones tradicionales en un mundo de contenedoresSUSE España
 
Rock Solid Sametime for High Availability
Rock Solid Sametime for High AvailabilityRock Solid Sametime for High Availability
Rock Solid Sametime for High AvailabilityGabriella Davis
 

Similar to Power Your Directory with openSUSE and Samba (20)

SUSE, Hadoop and Big Data Update. Stephen Mogg, SUSE UK
SUSE, Hadoop and Big Data Update. Stephen Mogg, SUSE UKSUSE, Hadoop and Big Data Update. Stephen Mogg, SUSE UK
SUSE, Hadoop and Big Data Update. Stephen Mogg, SUSE UK
 
Manage Virtual Machines with WebVirtMgr on openSUSE
Manage Virtual Machines with WebVirtMgr on openSUSEManage Virtual Machines with WebVirtMgr on openSUSE
Manage Virtual Machines with WebVirtMgr on openSUSE
 
Getting Started on Packaging Apps with Open Build Service
Getting Started on Packaging Apps with Open Build ServiceGetting Started on Packaging Apps with Open Build Service
Getting Started on Packaging Apps with Open Build Service
 
Ceph_in_a_Windows_world
Ceph_in_a_Windows_worldCeph_in_a_Windows_world
Ceph_in_a_Windows_world
 
OBS in numbers
OBS in numbersOBS in numbers
OBS in numbers
 
Productos de SUSE basados en CaaSP
Productos de SUSE basados en CaaSPProductos de SUSE basados en CaaSP
Productos de SUSE basados en CaaSP
 
Egkatastasis
EgkatastasisEgkatastasis
Egkatastasis
 
Puppet - Configuration Management Made Eas(ier)
Puppet - Configuration Management Made Eas(ier)Puppet - Configuration Management Made Eas(ier)
Puppet - Configuration Management Made Eas(ier)
 
Using Docker EE to Scale Operational Intelligence at Splunk
Using Docker EE to Scale Operational Intelligence at SplunkUsing Docker EE to Scale Operational Intelligence at Splunk
Using Docker EE to Scale Operational Intelligence at Splunk
 
Uyuni: the solution to manage your Linux infrastructure (OpenFest 2020)
Uyuni: the solution to manage your Linux infrastructure (OpenFest 2020)Uyuni: the solution to manage your Linux infrastructure (OpenFest 2020)
Uyuni: the solution to manage your Linux infrastructure (OpenFest 2020)
 
Progress core product group strategy and roadmap - PUG Baltic Annual Conferen...
Progress core product group strategy and roadmap - PUG Baltic Annual Conferen...Progress core product group strategy and roadmap - PUG Baltic Annual Conferen...
Progress core product group strategy and roadmap - PUG Baltic Annual Conferen...
 
SUSE Enterprise Storage - a Gentle Introduction
SUSE Enterprise Storage - a Gentle IntroductionSUSE Enterprise Storage - a Gentle Introduction
SUSE Enterprise Storage - a Gentle Introduction
 
SUSE Linux Enterprise and SAP NetWeaver 7.30 HA Cluster
SUSE Linux Enterprise and SAP NetWeaver 7.30 HA Cluster SUSE Linux Enterprise and SAP NetWeaver 7.30 HA Cluster
SUSE Linux Enterprise and SAP NetWeaver 7.30 HA Cluster
 
SUSE Open Stack Cloud.
SUSE Open Stack Cloud.SUSE Open Stack Cloud.
SUSE Open Stack Cloud.
 
Presentation SUSE workshop Brussel September 24th 2014
Presentation SUSE workshop Brussel September 24th 2014Presentation SUSE workshop Brussel September 24th 2014
Presentation SUSE workshop Brussel September 24th 2014
 
[Tel aviv merge world tour] Qwilt P4 Conference
[Tel aviv merge world tour] Qwilt P4 Conference[Tel aviv merge world tour] Qwilt P4 Conference
[Tel aviv merge world tour] Qwilt P4 Conference
 
Development of BlankOn packages whit OpenSUSE
Development of BlankOn packages whit OpenSUSEDevelopment of BlankOn packages whit OpenSUSE
Development of BlankOn packages whit OpenSUSE
 
Puppet | Custom Modules & Using the Forge
Puppet | Custom Modules & Using the ForgePuppet | Custom Modules & Using the Forge
Puppet | Custom Modules & Using the Forge
 
Casos de uso para aplicaciones tradicionales en un mundo de contenedores
Casos de uso para aplicaciones tradicionales en un mundo de contenedoresCasos de uso para aplicaciones tradicionales en un mundo de contenedores
Casos de uso para aplicaciones tradicionales en un mundo de contenedores
 
Rock Solid Sametime for High Availability
Rock Solid Sametime for High AvailabilityRock Solid Sametime for High Availability
Rock Solid Sametime for High Availability
 

Recently uploaded

Optimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVOptimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVshikhaohhpro
 
Introducing Microsoft’s new Enterprise Work Management (EWM) Solution
Introducing Microsoft’s new Enterprise Work Management (EWM) SolutionIntroducing Microsoft’s new Enterprise Work Management (EWM) Solution
Introducing Microsoft’s new Enterprise Work Management (EWM) SolutionOnePlan Solutions
 
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...OnePlan Solutions
 
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...panagenda
 
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Steffen Staab
 
5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdfWave PLM
 
Right Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsRight Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsJhone kinadey
 
How to Choose the Right Laravel Development Partner in New York City_compress...
How to Choose the Right Laravel Development Partner in New York City_compress...How to Choose the Right Laravel Development Partner in New York City_compress...
How to Choose the Right Laravel Development Partner in New York City_compress...software pro Development
 
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsUnveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsAlberto González Trastoy
 
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfLearn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfkalichargn70th171
 
Diamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with PrecisionDiamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with PrecisionSolGuruz
 
Exploring the Best Video Editing App.pdf
Exploring the Best Video Editing App.pdfExploring the Best Video Editing App.pdf
Exploring the Best Video Editing App.pdfproinshot.com
 
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...ICS
 
How To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.jsHow To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.jsAndolasoft Inc
 
AI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
AI Mastery 201: Elevating Your Workflow with Advanced LLM TechniquesAI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
AI Mastery 201: Elevating Your Workflow with Advanced LLM TechniquesVictorSzoltysek
 
Direct Style Effect Systems - The Print[A] Example - A Comprehension Aid
Direct Style Effect Systems - The Print[A] Example - A Comprehension AidDirect Style Effect Systems - The Print[A] Example - A Comprehension Aid
Direct Style Effect Systems - The Print[A] Example - A Comprehension AidPhilip Schwarz
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️Delhi Call girls
 
Software Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsSoftware Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsArshad QA
 
10 Trends Likely to Shape Enterprise Technology in 2024
10 Trends Likely to Shape Enterprise Technology in 202410 Trends Likely to Shape Enterprise Technology in 2024
10 Trends Likely to Shape Enterprise Technology in 2024Mind IT Systems
 

Recently uploaded (20)

Optimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVOptimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTV
 
Introducing Microsoft’s new Enterprise Work Management (EWM) Solution
Introducing Microsoft’s new Enterprise Work Management (EWM) SolutionIntroducing Microsoft’s new Enterprise Work Management (EWM) Solution
Introducing Microsoft’s new Enterprise Work Management (EWM) Solution
 
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS LiveVip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
 
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
 
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
 
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
 
5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf
 
Right Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsRight Money Management App For Your Financial Goals
Right Money Management App For Your Financial Goals
 
How to Choose the Right Laravel Development Partner in New York City_compress...
How to Choose the Right Laravel Development Partner in New York City_compress...How to Choose the Right Laravel Development Partner in New York City_compress...
How to Choose the Right Laravel Development Partner in New York City_compress...
 
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsUnveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
 
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfLearn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
 
Diamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with PrecisionDiamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with Precision
 
Exploring the Best Video Editing App.pdf
Exploring the Best Video Editing App.pdfExploring the Best Video Editing App.pdf
Exploring the Best Video Editing App.pdf
 
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
 
How To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.jsHow To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.js
 
AI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
AI Mastery 201: Elevating Your Workflow with Advanced LLM TechniquesAI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
AI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
 
Direct Style Effect Systems - The Print[A] Example - A Comprehension Aid
Direct Style Effect Systems - The Print[A] Example - A Comprehension AidDirect Style Effect Systems - The Print[A] Example - A Comprehension Aid
Direct Style Effect Systems - The Print[A] Example - A Comprehension Aid
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
 
Software Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsSoftware Quality Assurance Interview Questions
Software Quality Assurance Interview Questions
 
10 Trends Likely to Shape Enterprise Technology in 2024
10 Trends Likely to Shape Enterprise Technology in 202410 Trends Likely to Shape Enterprise Technology in 2024
10 Trends Likely to Shape Enterprise Technology in 2024
 

Power Your Directory with openSUSE and Samba

  • 1. Power your directory with openSUSE and Samba Case study: openSUSE Leap 15 and samba/ AD in K-12 educaton IT Consultant Anderson, IN USA Don Vosburg don.vosburg@libertyonline.org dvosburg@suse.com
  • 2. Agenda ● Why would anyone do this? ● Samba and openSUSE ● Case study environment ● Implementation ● Live “Look-in”
  • 3. Why do this at all? ● You have more time than money (CAL avoidance) ● AD is the standard for interoperability ● Simplicity/ubiquity of administration tools ● openSUSE is just cooler than Windows
  • 4. State of Samba AD in openSUSE ● Samba 4 first arrived in openSUSE 13.1: Release notes (2014-01-08) 5.3. Samba Version 4.1 Samba version 4.1 shipped with openSUSE 13.1 does not include support to operate as an Active Directory style domain controller. This functionality is currently disabled, as it lacks integration with system-wide MIT Kerberos.
  • 5. State of Samba AD in openSUSE ● openSUSE Leap 15 - samba 4.7, currently 4.7.10 – 15.1/Tumbleweed samba 4.9, currently 4.9.4 ● Several rpm packages are part of this: – samba – samba-client – samba-ceph – samba-doc – samba-dsdb-modules – samba-kdc - /usr/bin/samba-tool (samba-ad-dc in 15.1 and Tumbleweed) – samba-libs – samba-pidl – samba-python – samba-winbind
  • 6. How Samba4 delivers AD ● Several key services are consolidated into samba-ad-dc service: LDAP, DNS, and Kerberos ● Single configuration tool: samba-tool ● Default kerberos server: Heimdal (MIT added in 4.7) ● Samba recommends a separate domain controller for AD – with shares delivered on member instances ● DNS can be run with bind, but requires extra configuration
  • 7. Current limitations of Samba AD ● No PowerShell AD module ● No SYSVOL replication ● Directory mode maximum 2008R2 ● Limited application of computer GPO’s
  • 9. Liberty Christian School ● Two facilities in Anderson, IN ● 550 students K-12, 80 staff ● 150 Windows PC’s ● 575 Chromebooks ● 1 Old sysadmin – Two teenage helpers
  • 10. LCS IT information ● Each facility has two clustered KVM servers – Storage via iSCSI on Leap 15 ● Windows running as appliances ● SLES was default – Started with 11 ● Windows 10 standard ● Share server in each building
  • 11. Compelling events ● 9-yr-old Samba 3/LDAP domain getting harder to support ● Windows 10 1803 – breaks domain join ● Need for better standardization, interoperability ● No budget ● Local admins know Windows
  • 12. Implementation design ● Install Leap 15 DC in each facility ● “Classic Upgrade”, DNS internal (ad.libertyonline.org) ● Retain SLES11 share server names, rebuild on Leap 15 as domain members ● Reconfigure dependent services – PowerSchool (SIS) – Google G Suite (GCDS) ● Replicate in virtual world first to test ● Get Trent and Zack to help
  • 13. Results – Good, Bad, Ugly ● Good: All users and machines with passwords imported, shares work, Windows admin tools work, accomplished over winter break in January 2019 ● Bad: All users in one OU, groups imported but unpopulated with users, file permission changes needed ● Ugly: MIT kerberos labeled “experimental” – Samba backed away – Bug affected it at deploy time: ● CVE-2018-20217
  • 15. Have a lot of fun!
  • 16. License This slide deck is licensed under the Creative Commons Attribution-ShareAlike 4.0 International license. It can be shared and adapted for any purpose (even commercially) as long as Attribution is given and any derivative work is distributed under the same license. Details can be found at https://creativecommons.org/licenses/by-sa/4.0/ General Disclaimer This document is not to be construed as a promise by any participating organisation to develop, deliver, or market a product. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. openSUSE makes no representations or warranties with respect to the contents of this document, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. The development, release, and timing of features or functionality described for openSUSE products remains at the sole discretion of openSUSE. Further, openSUSE reserves the right to revise this document and to make changes to its content, at any time, without obligation to notify any person or entity of such revisions or changes. All openSUSE marks referenced in this presentation are trademarks or registered trademarks of SUSE LLC, in the United States and other countries. All third-party trademarks are the property of their respective owners. Credits Template Richard Brown rbrown@opensuse.org Design & Inspiration openSUSE Design Team http://opensuse.github.io/branding- guidelines/