cm_prepare_connection() & SMBSERVER Netbios query
Volker.Lendecke at SerNet.DE
Tue Dec 14 01:16:49 MST 2010
On Tue, Dec 14, 2010 at 07:24:44AM +0000, Dina_Fine at Dell.com wrote:
> > > Sure, sounds perfectly reasonable. The simplest way would be to just
> > > skip 139 if winbind knows that a domain is AD.
> What do you mean if winbind knows that a domain is AD - what else can it be?
Well, there are Samba domain controllers around, and I bet
there are still NT4 domains in production.
> Why winbind needs 139 at all? Is it used for some real
> netbios purpose? Can it try to open only port 445?
For Samba upstream I fear that we break installations with
broken firewall setups where port 445 is blocked and port
139 is allowed. We used to attempt a connection to 139, and
just dropping that might break sites unnecessarily.
> I ask those questions because we also have a product with
> samba 3.0.37 and I want to make a very small change there.
> Your patch is relevant to 3.5.x which I will test later on
> our other product branch.
For your 3.0.37 build I would just delete the code that
connects to port 139. Probably you have a sufficient path to
your customers to explain this change and the implications
required for the firewall setups. With upstream Samba we
don't have a real path to all our customers.
More information about the samba-technical