status of rpc servers in s3, and which process should handle ncalcrpc and ncacn_ip_tcp?

Andrew Bartlett abartlet at
Fri Mar 2 19:41:36 MST 2012

I've been looking more closely at the rpc server setup, and I remain
quite confused by the current state.

In particular: Which process should handle ncaclrpc and ncacn_ip_tcp
connections for embedded RPC services?

Currently it looks like it would be a race between the parent smbd,
spoolssd, lsasd and any forked SMB-handling child, because the events
are added to the main event loop. 

Moving the initialisation of embedded services below the forked deamons
is easy, but should we fork off a child to handle these?

Also, if I may, can I get a bit of background on the status and overall
architecture here?  There has clearly been a lot of work done here to
build a system that can allow lsa, netlogon, samr and spoolss
interactions to occour out-of-process, and likewise an end point mapper
has been built.

But all this seems to be disabled by default, and I couldn't find any
other relevant patches after this commit:

commit da2347379e04caf5b7bbd3a6704b03e03c8bf30a
Author: Andreas Schneider <asn at>
Date:   Wed Aug 31 14:53:52 2011 +0200

    s3-rpc_server: Disable epmapper by default.
    We need more testing in the real world. We need to be sure that if a
    Windows client can access port 135 it doesn't require that a service
    available via ncacn_ip_tcp. If possible please enable it using the
    following smb.conf options for testing:
      rpc_daemon:epmd = fork
      rpc_server:epmapper = external
Was there a major problem that was found that I should know about?

What is the use case for ncaclrpc and ncacn_ip_tcp access (particularly
for the embedded services)?


Andrew Bartlett
Andrew Bartlett                      
Authentication Developer, Samba Team 

More information about the samba-technical mailing list