Winbind and domain logons = yes

Raphaël Berghmans rberghmans at
Wed Nov 19 10:54:36 GMT 2003

On Tue, 2003-11-18 at 16:50, Gerald (Jerry) Carter wrote:
> Hash: SHA1
> Raphaël Berghmans wrote:
> |
> | To make a migration from NT4 to samba I've configured
> | a samba server with domain logons = yes (to be BDC for
> | the NT4 PDC) and with Winbind (to emulate add user script
> | as explained in WHATNEWS.txt).
> |
> | "wbinfo -u" works fine but "getent passwd" doens't
> | work (nsswitch is correctly configured). When I set up
> | domain logons = no : "getent passwd" works fine !
> |
> | Is this a normal behaviour ?
> Yes.  We can't be a BDC for an NT PDC.  Where did you read
> this in the docs?

Yes I agree with you but to make a "net rcp vampire" the samba must be 
recognize by NT as BDC, otherwise the access is DENIED by NT.

In WHATNEWS.txt I found this :

New functions have been added to winbindd to emulate the 'add user 
script' family of smbd functions without requiring that external
scripts be defined.  This functionality is controlled by the 'winbind 
enable local accounts' smb.conf parameter (enabled by default).

Then with this functionality which steps have to be done to migrate SAM from NT4 to Samba/LDAP ?

- Does winbind have to be started ?
- nsswitch.conf configure with winbind ?

See you



More information about the samba-technical mailing list