Samba4 nmbd/smbd/winbindd

Sun Aug 26 06:38:00 MDT 2012

On 26/08/12 12:48, Andrew Bartlett wrote:
> On Sun, 2012-08-26 at 09:47 +0100, Rowland Penny wrote:
>> Hello all,
>>
>> On 18/08/12, Andrew Bartlett wrote this:
>>
>> [quote]
>> These different components perform different roles in the Samba system.
>> The AD DC has only one daemon binary you need to interact with, 'samba'.
>> Users wishing to have a file server or a domain member server need to
>> use 'nmbd, smbd and winbindd' as they have done with Samba 3.x
>> [unquote]
>>
>> To which I asked this question:
>>
>> Does this mean that you can use nmbd,smbd and winbindd on the samba4
>> server or not?
>>
>> He replied:
>>
>> [quote]
>> You can, but it will not be an AD domain controller.  Remember that
>> Samba 4.0 is also the next release after Samba 3.6, and so it does
>> everything that release does as well.
>> [unquote]
>>
>> Well based on this, I tried it and can now inform that it does not work!
>>
>> I downloaded and compiled Version 4.0.0beta7-GIT-b05d28e, did not provision.
>> Created /usr/local/samba/etc/smb.conf with contents that I know work on a
>> samba 3.6.3 client.
>>
>> I then ran 'net ads join -U Administrator at HOME.LAN' and got this:
>>
>> 'ADS support not compiled in'
> Recompile on a system with the ldap development headers.

OK, will do.
>
>> so tried:
>> samba-tool domain join HOME MEMBER -U Administrator at HOME.LAN
>>
>> After entering the password I got this:
>>
>> Joined domain HOME (S-1-5-21-1601855890-33271501-835292257)
>>
>> It seemed to join, so started the daemons:
>>
>> /usr/local/samba/sbin/nmbd -D
>> /usr/local/samba/sbin/smbd -D
>> /usr/local/samba/sbin/winbindd -D
>>
>> But winbindd did not start, so tried /usr/local/samba/sbin/winbindd -i
>>
>> winbindd version 4.0.0beta7-GIT-b05d28e started.
>> Copyright Andrew Tridgell and the Samba Team 1992-2012
>> Could not fetch our SID - did we join?
>> unable to initialize domain list
>>
>> I dumped the samba4 database to an ldif and checked for the computer, it
>> is there.
>>
>> So, whilst you can set Samba4 as you would Samba 3.6, it will not work.
> The issue here is that samba-tool isn't a tool you can find in Samba
> 3.6, and it operates on a different database.
>
> However, what you raise here is a very important point.  It remains on
> my todo list to have ./configure fail if you are missing key development
> libraries, such as ldap-devel.  Similarly, it is reasonable to expect
> that 'samba-tool domain join' would do the same as 'net ads join'.  The
> issue here is that while it is joined, the information is written in
> secrets.tdb, while 'winbindd' only looks at 'secrets.tdb'.  We can and
> should fix that as well.
>
> If you file a bug on both of those, I'll try and get it fixed this
> week.

As I have never filed a bug report before, could you tell me how?

> Andrew Bartlett

Thanks

Rowland

-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.