inhibit startup of smbd/nmbd/winbindd when an AD DC (was Re: Releasing Samba 4.0 RC1?)

Andrew Bartlett abartlet at samba.org
Sat Aug 18 15:50:57 MDT 2012


On Sat, 2012-08-18 at 19:48 +0200, Michael Wood wrote:
> Hi
> 
> On 17 August 2012 23:52, Andrew Bartlett <abartlet at samba.org> wrote:
> > On Fri, 2012-08-17 at 13:46 -0300, Juan Pablo Lorier wrote:
> >> Hi Andrew,
> >
> >> I deal with a lot of Microsoft lovers that often diminish the power of
> >> open source software and Samba is a keystone for Unix/linux system to
> >> stay strong in server environments and for gaining new desktops everyday
> >> and I defend it as the great product it is, just don't want those guys
> >> something to ground their critics.
> >> Regards,
> >
> > G'day Juan Pablo,
> >
> > I understand your concern, and we may very well ship Samba 4.0 with a
> > general caution on multi-DC use (also because we do not have a file
> > systems replication protocol for sysvol yet).
> >
> > However, as you would have seen elsewhere in this thread, there is a
> > cost to constantly calling this a beta:  network administrators who have
> > tested Samba carefully and do have Samba 4.0 working very well for them
> > are forced to argue why their networks should be trusted the beta
> > software.  We know our code isn't perfect, but our automated testing
> > also shows it is pretty good, and we also need to show some of the same
> > confidence our users are already putting in it.
> >
> > We will not stop working to address the very real issues that do come
> > up, but we should draw a line in the sand and say 'our users can
> > confidently use this'.
> 
> I think it might help to make it extremely clear and explicit that
> Samba 4 can be run as a DC using the samba binary, or it can be run
> like a Samba 3 file/print server using the smbd/nmbd binaries, and any
> other modes it can be used in.  I know the release notes try to do
> this, but I think there's still a lot of confusion from users.

I actually plan to do more than that.  It's a little tricky (which is
why it's not done yet), and I'll allow an override, but being a AD DC
puts 'server role = active directory domain controller' in the smb.conf.
I would like to have smbd/nmbd/winbindd check this value and then simply
fail to start up.

Andrew Bartlett

-- 
Andrew Bartlett                                http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org




More information about the samba-technical mailing list