I’ve been running two Samba 4 Domain Controllers for my lab environment for a few months now, and aside from an occasional quirk such as having to use RSAT on Windows 7/Server 2008 R2 and editing an .ini file when creating a new Group Policy object it has been a good setup for my lab.
Group Policy Modeling doesn’t work, so I do have to be careful on what is configured in Group Policy, but I can live with that.
Last night I was working on getting pfSense configured to use LDAP authentication. Again this just worked as expected, connect to 389 on the Samba Domain Controllers and go. I took it a step further, cut a SSL certificate for my lab’s Active Directory domain from StartSSL and configured Samba to use that certificate for LDAPS. Again, everything just worked as expected.
I even got Samba member servers working, really not sure why it wasn’t working on my previous attempt. I’ll be switching out my Windows file server for a Linux one soon.
One of my goals with the lab is to have a nice stable “infrastructure” for learning new things. Using Windows Server evaluation licensing to build the base infrastructure seemed incompatible with that, which is why Limix servers are being slotted into those places where possible. If I want to test or learn a new product, I want to set it up on a VM and get to it, not build up Active Directory and all that then get around to testing.
As a side benifit I have a nice working Active Directory, file servers, VPN, etc. for media servers and other services I want to use.