First though I am not a Linux or Samba expert; I consider myself maybe intermediate. The attendance for this post is for Microsoft IT’s pros that who might be searching for Linux/Samba versions for Active Directory or a person using Samba who wants to check other Samba AD servers.
I’m placed several posts for Samba Active Directory server, Zentyal DE 5.0 and NethServer 7 over specific services in the past few months, and it’s time to compare Zentyal DE 5.0 and NethServer 7 in regards for a use of Samba Active Directory server.
Note: I am not comparing ClearOS 7 because Samba Active Directory (Beta) just does not work on ClearOS http://wp.me/p5qHcj-Im.
Samba Active Directory
Samba released the 4.6.0 version on March 7, 2017 and version 4.6.0 is fully compatible with Microsoft Windows 10, allowing Windows 10 to see the netlogon and sysvol folder in a Samba Active Directory server http://wp.me/p5qHcj-TK.
You can also join another(s) Samba Active Directory with 4.6.0 and have a duplicating, read/write AD in case one of the servers goes down http://wp.me/p5qHcj-Uh. And one of the server is dead and won’t come back to life, or you decide do you don’t need another DC, you can can demote the DC http://wp.me/p5qHcj-Uw.
You can use Shared Folders on the Samba AD, making them public or private to a group or private to only one person http://wp.me/p5qHcj-U9. Also you can set up user home shared folders https://wiki.samba.org/index.php/User_Home_Folders using ADUC but not with Group Policy. Group Policy should work but it doesn’t.
And if the one and only Samba AD goes dead, you can restore it http://wp.me/p5qHcj-Uy by building another same-version of Samba and restoring the Samba bzip2 files. However, the disaster restore of Samba AD does not restore the Shared Folders sharing and security permissions – Everyone has Full Control. But you can easily change the permissions by using the Administrator using Windows and changing the Everyone and add/subtract what you want.
Note: You can add ‘–xattrs’ in the tar lines in the samba_backup file and add ‘–extract’ when you extract the files, and the share permission are kept but not the security permissions.
With NethServer 7, released on January 30, 2017, the Samba Active Directory is version 4.4.5 according to the domain controller profile on ADUC. Version 4.4.5 isn’t fully compatible with Microsoft Windows 10 and Windows 10 can’t see the netlogon and sysvol folder http://wp.me/p5qHcj-Px. You can create/delete/edit users either by the NethServer website or by the ADUC.
You can join another NethServer but it is only Read mode and not read/write mode http://docs.nethserver.org/en/v7/accounts.html. NethServer is more compatible with Microsoft Essential server (formally named Small Business Servers) because Essential server is the only one with Active Directory.
You can use Shared Folders on NethServer 7 and is the same as using Samba 4.6.0 server http://wp.me/p5qHcj-Sd. However, you can’t change the Shared Folder permission using Windows 10; you can only change the permission by using the NS website. NethServer also set up user home folders by default.
However, if your NethServer is dead or is corrupt, the restore is not working including the disaster restore http://wp.me/p5qHcj-QF. The file shares are not working and it seems you are partially joined the domain, and if you will have to rejoin the domain more than once.
Zentyal Development Edition 5.0
With Zentyal DE 5.0, what date it was released I don’t know, the Samba version is 4.5.6 according to the domain controller profile using ADUC. Version 4.5.6 isn’t fully compatible with Microsoft Windows 10 and Windows 10 can’t see the netlogon but can read the sysvol folder http://wp.me/p5qHcj-Ew. You can create/delete/edit users either by the Zentyal website or by the ADUC.
I setup a replication Zentyal AD server that duplicates. However, with no 5.0 documentation from https://wiki.zentyal.org/wiki/Official_Zentyal_doc I am not sure I setup it right.
With Zentyal 5.07 Core version adding a Shared Folder works but you have to change the share and security permissions using Microsoft Windows to make them work that you want them to work http://wp.me/p5qHcj-Ew. Zentyal also set up user home folders by default.
And if your Zentyal is dead the disaster restore is not working http://wp.me/p5qHcj-GU in regard to File Sharing and the home share, and both File Sharing and the home share is missing the security permissions.
As of today, March 19, 2017, I would go with Samba Active Directory server and not with NethServer 7 or Zentyal DE 5.0. Even though they are trying to be a complete Samba AD server and a competition with Microsoft server, but they are not quite ready just as yet. The biggest con with both of them in disaster recovery; they don’t work and I can’t figure how to finagle them to work.
Nethserver places their documentation on their website http://docs.nethserver.org/en/v7/release_notes.html and has a big community that does support, bugs, features and other categories http://community.nethserver.org. They also post their beta and RC’s for download and feedback.
In the opposite corner is Zentyal, who has a limited community https://forum.zentyal.org/ and who won’t place the 5.0 documentation on this website https://wiki.zentyal.org/wiki/Official_Zentyal_doc. For that reason I am not sure I would use Zentyal even if it works. Also I am not sure that’s the way to make people buy or trial the commercial version is by blocking the current documentation.
I check again in with NS and Zentyal when they release the next version, just like some of the IT pros that wait until the first Service Pack to try a new OS.
For now, cheers 🙂