(update at end of post)
Last night, I decided to take a stab at setting up a SAMBA4-based Active Directory Domain Controller. I first tried this on the newly released Debian 7.0, but quickly noticed it was still shipping a pre-4.0 beta.
Realizing I was probably going to have trouble finding a current version, I took off the training wheels and pulled a basic Arch Linux appliance into VirtualBox. To my surprise, almost all the content on the Arch wiki for SAMBA still relates to 3.x versions, or is limited to just “how to set up CIFS shares”.
Provisioning a SAMBA-based domain controller is simple enough, but Arch’s packagers have removed the startup scripts, preventing you from running the software (this doesn’t affect file shares, of course; that would have been noticed immediately). After voting on the bug, I manually worked around the issue by pulling the original configuration files from SAMBA’s tarball. I now appear to have the software running, but hit another roadblock in the final stretch.
AD or Kerberos or whatever (I don’t even have it installed yet, give me a break) requires signed time responses from the local NTP daemon, but Arch’s NTP package is compiled without that feature. I quickly stole the package’s build file and add the option and compiled the daemon for myself. The wiki says I shouldn’t submit it to the AUR, instead, that I should file a bug against the already existing package. So, I’ve done that.
Update: The bugs were resolved overnight. Let me restate that — I encountered two small bugs. One had already been reported, so I simply left a comment on it. The other, I had to file myself. While I slept, all necessary changes were committed, new packages were published, and the things I couldn’t do last night are now no longer problems. Even though these were “small” things, I wonder how long it would have taken to resolve the same issue in Debian or Ubuntu. Many thanks to the Arch Linux package maintainers!