Samba 4.0 AD DC firewall ports

Andrew Bartlett abartlet at
Fri Dec 28 20:14:12 MST 2012

On Sat, 2012-12-29 at 00:29 +0200, Andriy Shinkarchuck wrote:
> 2012/12/29 Andrew Bartlett <abartlet at>:
> > On Fri, 2012-12-28 at 19:59 +0000, Jon Reeves wrote:
> > One warning on trying to pin this down to a static list of ports.
> > Samba, like Windows, supports dynamic RPC services.  The '1024' above is
> > actually a dynamic port, and if something else occupies 1024 for some
> > reason, it will be a different port.
> >
> > We don't just let the kernel allocate it, in the hope that we can grab
> > 1024 (we literally walk up from 1024) but it isn't certain.
> Andrew, tell please, is it possible to use for that dynamic port
> (number 1024) such workaround, that NFS has:
> by default NFS server allocates random ports for RPC services, but
> these ports can be defined statically with daemon's command line
> options (and thus with startup config file)? (see

Patches are welcome, but currently the code doesn't support this.

I agree it would be useful to be able to pin this down.

Andrew Bartlett

Andrew Bartlett                      
Authentication Developer, Samba Team 

More information about the samba-technical mailing list