winbindd on PDC

[simo]

On Sun, 2008-05-25 at 20:46 +0400, Alexander Bokovoy wrote:
> I'm reading through winbindd code. When we are PDC and want to run
> winbindd on the same machine to be able, for example, to run Squid
> with ntlm_auth helper, how to setup winbindd so that it actually
> works?
> 
> >From the code in winbindd_misc.c and winbindd_cm.c I see that we
> intentionally mark our own (internal) domain as offline so that
> winbind's child wouldn't get into loop with main winbindd. However,
> this means that it is unable to serve any requests that rely to this
> child's domain (our own domain)  that require connection to netlogon
> share and  wbinfo -t, wbinfo -a don't work, reporting
> NT_STATUS_NO_LOGON_SERVERS from init_dc_connection() (because
> domain->online is false there).
> 
> What am I missing here? Is it at all possible to have samba/squid on
> one box that serves as PDC?

Alexander,
what samba version is this ?

We did quite some work to fix exactly this problem after 3.0.28

Simo.

-- 
Simo Sorce
Samba Team GPL Compliance Officer <simo at samba.org>
Senior Software Engineer at Red Hat Inc. <ssorce at redhat.com>