Samba4 Alpha 8 Status

Sassy Natan sassyn at
Mon May 4 15:11:32 GMT 2009

Samba 4 Alpha 8

Dear Group Member

I was wonder if anyone can tell when Samba4 Alpha 8 will be release.

I have being playing with it for quite a while and it seems to work very
good on my Linux Debian Lenny Version.

This version which includes Microsoft Full Active Directory Schema allows me
now to have a centralized database for my windows and UNIX user, so now all
my users authenticated via the Active Directory even if they are using Unix,
Linux or MacOX. (To achieve this I have used Kerberos, libnss_ldap and

The fact you have RFC2307 attributes and classes in the schema really makes
life easier when we are talking about SID-UID mapping.

But I still have some questions in mind:

1. What is the use of using OpenLDAP as backend with Samba4? Is it better to
have it as a stand alone, without OpenLDAP? Or this will increase

At the moment I am using it with openldap backend but I was wonder maybe I
can left it out in a production environment?

2. I notice that the slapd 2.4.15 crashed while using ADUC. This happened
like 5 times but I can’t really tell at the moment what the cause of the
problem is.

3. When Creating Users in the domain – they aren’t being added automatically
to the Domain Users Group. This was working in the Alpha 6.

4. I can’t change a user password from the command line anymore. This was
working in the Alpha 6. Here is was I’m getting

Dev:/var/log#  net password set -UAdministrator%password user

Enter new password for account [HOME\users] :

net_password_set: Connection to SAMR pipe of PDC of domain 'Home' failed:
return code = -1

5. I was wonder if anyone can provide some help how to use samba3 with
windows active directory rc2. I have a configure my opensolaris machine
with NTP, Kerberos, PAM_KRB5, LIBNSS_LDA  so now when doing "getent passwd"
I get all my users in AD (Windows) and can logging and logout without a
problem. The UID and GID of the users come from the AD since I used the Unix
Services option. My question is how to use the information from the AD with
winbind. I know there is a way to use it with the RID but I think the best
option here is to use the info comes from the AD.
I did some test and this is what i have at the moment - Can someone give me
some feedback:
workgroup = HOME
realm = HOME.LOCAL
server string = %h Main Share Server (Samba %v)

log file = /var/log/samba/log.%m
max log size = 50
log level = 9
debug level = 10
syslog = 0

security = ADS
allow trusted domains = no
encrypt passwords = true
passdb backend = tdbsam
obey pam restrictions = yes
invalid users = root

idmap backend = ad
*winbind nss info = sfu
*winbind nested groups = yes
winbind use default domain = yes

comment = Home Directories
browseable = no
read only = no
inherit acls = yes
inherit permissions = yes
writable = yes

This seems to do the work, but when using it with samba4 the SID-UID mapping
takes forever.

What do I miss?



More information about the samba-technical mailing list