Samba install on pfSense



  • I've tried to extrapolate instructions from this page in order to install samba4 on a test pfsense-nanobsd (2.1.5 RELEASE) box, unfortunately the installation didn't go through well and I ended up with a messed up system.
    https://doc.pfsense.org/index.php/Samba

    Before trying again I wanted to run by the forum with the hope that if someone did the same on the current revs additional guidance might be available.

    The version that I am trying to install is:
    ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-9.2-release/Latest/samba4.tbz

    Thanks for any help.
    Halea



  • @haleakalas:

    I've tried to extrapolate instructions from this page in order to install samba4 on a test pfsense-nanobsd (2.1.5 RELEASE) box, unfortunately the installation didn't go through well and I ended up with a messed up system.

    Best advice I have is don't do it.  No reason to have samba on a firewall.

    If you must do it, use a package for FreeBSD 8.3, which is what 2.1.5 is based upon.  The 9.2 package you referenced won't work AFAIK.



  • That's kinda what I was afraid of (version 9.x stuff wouldn't run on 8.x).
    Well, first of all I have no intention to run samba on pfsense on a production system (at least for now), I understand the security implications.
    And I actually installed and used samba under pfsense 2.15 in the past and it worked fine, again in a testing environment.
    What I am trying to figure out is how good is the domain controller feature in version 4 of samba, and to the best of my understanding samba 4 is only available in the FreeBSD v9.x package. (I have to admit, if that worked fine and I could harden a pfsense system with wdc then I would try to run both on a router/firewall/dc box)
    Halea



  • Don't risk your firewall by running other things on it.

    If you have absolutely no money at all and need to bring things together on the same hardware, then at least virtualize. Choose whatever vm-platform you feel comfortable with.

    Since I personally don't have the in-depth knowledge to secure my vm-host absolutely, I virtualize almost everything except the firewall.


  • Netgate Administrator

    Yep, virtualise it if you have to.
    That said you're clearly doing this for experimental purposes so the usual warnings don't really apply. On several occasions i've thought there might be a place in pfSense for partial samba package, specifically the WINS component. In a small SOHO network the ability to act as the browsemaster could be very useful where no AD server or other alternative exists. There have been many posts asking about such a feature.

    Steve



  • @haleakalas:

    What I am trying to figure out is how good is the domain controller feature in version 4 of samba, and to the best of my understanding samba 4 is only available in the FreeBSD v9.x package.

    You should try NAS3Free (http://www.nas4free.org/), which is also based on FreeBSD, it's got common roots with pfSense, it even uses the same config system and web engine, moreover it's available in full and NanoBSD versions, just like pfSense.

    There's also FreeNAS and OpenMediaVault, these are samba-optimized things jus like NAS4Free.



  • @robi:

    You should try NAS3Free (http://www.nas4free.org/)…

    Since Samba version 4 is only available as alpha release from NAS4Free, it is probably not the best implementation for evaluating the version 4 capabilities.

    And again, running sensitive things like a dc and/or storage on a firewall (no matter how hardened it is) is a bad idea if security is a consideration.