inhibit startup of smbd/nmbd/winbindd when an AD DC (was Re: Releasing Samba 4.0 RC1?)
Gémes Géza
geza at kzsdabas.hu
Mon Aug 20 02:20:54 MDT 2012
2012-08-19 09:12 keltezéssel, steve írta:
> On 18/08/12 23:50, Andrew Bartlett wrote:
>> On Sat, 2012-08-18 at 19:48 +0200, Michael Wood wrote:
>>> Hi
>>>
>>> On 17 August 2012 23:52, Andrew Bartlett <abartlet at samba.org> wrote:
>>>> On Fri, 2012-08-17 at 13:46 -0300, Juan Pablo Lorier wrote:
>>
>>> I think it might help to make it extremely clear and explicit that
>>> Samba 4 can be run as a DC using the samba binary, or it can be run
>>> like a Samba 3 file/print server using the smbd/nmbd binaries, and any
>>> other modes it can be used in. I know the release notes try to do
>>> this, but I think there's still a lot of confusion from users.
>>
>> I actually plan to do more than that. It's a little tricky (which is
>> why it's not done yet), and I'll allow an override, but being a AD DC
>> puts 'server role = active directory domain controller' in the smb.conf.
>> I would like to have smbd/nmbd/winbindd check this value and then simply
>> fail to start up.
>>
>> Andrew Bartlett
>>
> Hi
> Oh dear. That sounds bad. Does that mean that we will no longer be
> able to use AD, s3fs and winbind on the same box as we can do
> (reliably) at the moment?
> Cheers,
> Steve
>
No, that would mean you won't be able to run conflicting binaries
simultaneously.
For clarity, samba4 (with s3fs) consist of two (server function
providing) binaries: samba and smbd. smbd listens on ports 139 and 445
providing file services (s3fs), samba listens on a plenty of ports
providing lots of services like a kerberos kdc, etc. It also provides
its internal nmbd and winbind services. On the other hand a samba3 lets
call it classic installation consist of three (server function
providing) binaries: smbd, nmbd and winbind. If you would start any of
those that would cause unpredictable conflicts.
In conclusion disallowing the start of smbd, nmbd and winbind daemons if
the samba binary is running would save the users from shooting
themselves on foot.
Regards
Geza Gemes
More information about the samba-technical
mailing list