Craig, Again you assume facts not stated, exchange wasn't a factor. LDAP was chosen because the documentation supported it AND I had used it elsewhere with success, you decided it wasn't necessary and you don't know my network or the facts, that is arrogant on your part. DCPromo wasn't used as it runs on Windows boxes, not the Ubuntu server I was using, again you assumed I'm an idiot and your ignorance is showing. You can't downgrade an SBS server to a legacy mode because of Exchange, conversions are one way and not reversible. Chapter 4 of the Samba manual discusses and clearly explains the use of LDAP and recommends it's use, so where you get your facts from is not clear to me, perhaps the manual is wrong. Since the LDAP configuration occurs in several other chapters I have to wonder why it would be documented if not supported, and since you have no first hand knowledge of my network, you have to be pretty arrogant to tell me when or where I need it. You accused me of not knowing my craft and you don't know the facts, but as you pointed out and I openly admitted I didn't know what I was doing. I read the documentation, and I made my best guess as to it's implementation and it didn't work and there were serious consequences. That YOU can't dispute, I have the proof in the failure, so you will have to accept them as I didn't imagine it. The damage occurred when I was attempting to configure and synchronize the Linux machine to my existing domain using webmin and the information I obtained from the Samba website, again these are the facts and you disputing them is calling me a liar. You keep saying I was building a domain controller, I never said that, I said I was attempting to configure LDAP and Kerberos to work with my existing domain controller, again you have no idea what I was doing, but your sure I am making it up. I was attempting to use the Single Sign On and use LDAP for the AD directory storage and synchronization, which is discussed in the manual. I am familiar with it and I have used it elsewhere. If I knew what I was doing wrong, then I obviously wouldn't have done it a second time to verify my results, which were the same, again facts you can't dispute, unless you want to keep calling me a liar. The existing Microsoft Domain controller stopped working and required a complete restore to function again, not to mention every workstation having to be reset. Whatever Winbind, LDAP and the Kerberos configurations I did (covered in the manual), the minute I synced that Linux server to my domain controller is stopped working, I was there and I have the Microsoft Trouble ticket for them to do a post mortem and tell me what had happened, so again you are being arrogant that you know everything and you know what I did wrong. The fact that I screwed it up is still the fact, you just keep calling me a liar when I explained what I did. I am new to Linux so I started with the UBUNTU server manual reading up on Samba, and then I went to Samba.org to investigate something that was made to sound relatively simple, create a file server to share files on a windows network and use the single sign on capability in Samba. Did I understand everything I read, I thought so, and the documentation seemed reasonable and I followed it, and it contributed to a big problem. Why, probably because I used my Microsoft experience to understanding the Samba manual. Ok, so I screwed it up, you still don't have the right to call me a liar and tell me I don't know my job because I tried something new and attempted to expand my knowledge. As for your tone, I don't appreciate you attacking me and accusing me of lying, when I clearly stated I was in error, it was my fault and that I obviously misunderstood the manual. You accused me of fabricating the facts, they are still true, I attempted to follow the manual relying on my experience and I was wrong, but the manual gave me information and lead me to those conclusions. You continue to attack my experience and you don't know me, you didn't have all the facts, but you spout off that you know everything and I'm a liar, that is just rude and arrogant. I still stand that my explanation is the record of the facts, your assumptions are not based on you knowing what I did, where I went wrong and what my abilities are. They are your opinions being defended by your experience and nothing more. You can have the last word and post your response, but I am done and I have nothing more to say. Best wishes. Sean Parsons -----Original Message----- From: plug-discuss-bounces@lists.plug.phoenix.az.us [mailto:plug-discuss-bounces@lists.plug.phoenix.az.us] On Behalf Of Craig White Sent: Sunday, January 31, 2010 9:26 PM To: Main PLUG discussion list Subject: RE: Looking for a mentor/adviser On Sun, 2010-01-31 at 20:55 -0700, Sean Parsons wrote: > Craig, > You are the master, and I'm just an idiot with 20 years of Microsoft > experience..... so you win, I'm totally wrong. > > I got nothing more to add, and no desire for this to continue to escalate. > Thanks for your time, and best wishes for the future. ---- I suspect that what you actually did was to run dcpromo on your Windows SBS server and set it to 'legacy domain controller' in order to have your Samba server join the domain as a 'controller'. That of course, immediately broke Exchange. Of course, this is just a guess. The only reason you would need LDAP on Linux was if it was to be a domain controller which the documentation clearly states that it cannot be a domain controller on an AD domain. I am not escalating anything nor am I all that invested in your setup because I am only left to guess what you did. I am pretty confident that you were groping and eager to try anything without understanding the reasons and the ramifications. I have seen many people who think that they understand Windows networking but can't function beyond the wizards and GUI provided by Microsoft, can not query LDAP from CLI, don't actually understand how LDAP actually works, how to access it, how to extend it, etc. I can appreciate the extreme difficulty of trying to configure LDAP when you don't actually understand it because I learned it simultaneously with Samba 3 right when Samba 3 was released and it made me pull my hair out trying to learn them simultaneously and all the while I was thinking that Samba 3 was pretty much like Samba 2 (it wasn't - it's just that the commands looked the same). My advice... if you don't fully understand Linux, learn that first. At the point you are comfortable with Linux, learn Samba. At the point that you are fully comfortable with Samba, learn LDAP (if you actually need it or want to use Samba as a domain controller). Recognize that until Samba 4 is actually usable (and it will still be quite some time to reach that stage), you cannot use Samba as a domain controller in any domain that uses 'Exchange Server' 2003 or newer simply because Exchange Server 2003/2007 absolutely require current AD structure. But you can have a separate domain and set up trusts between your Samba domain and your AD. Craig -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. --------------------------------------------------- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss --------------------------------------------------- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss