Samba 4 and winbind

Rowland Penny repenny at
Mon Apr 15 11:47:32 MDT 2013

On 15/04/13 18:23, Alexander Bokovoy wrote:
> On Mon, Apr 15, 2013 at 7:12 PM, Rowland Penny <repenny at 
> <mailto:repenny at>> wrote:
>     On 15/04/13 16:47, Jeremy Allison wrote:
>         On Mon, Apr 15, 2013 at 04:42:50PM +0100, Rowland Penny wrote:
>             Again, this I understand, but if Winbind was a stand alone
>             daemon,
>             like it is with S3, then you could choose to use it or not. I
>             actually think that if there was a choice then most people
>             would
>             choose not to use winbind due to its complexity  and
>             inconsistency.
>         Oh, bitching on winbindd again. Very popular on this list it
>         seems :-).
>         If you have specific problems, please log bugs. Don't just
>         try and make some specific code into the boogyman, we've
>         had enough of proprietarty vendors doing that against the
>         whole of Samba thanks very much, we don't need our own users
>         to join in.
>         Jeremy.
>     OK, do you really want me to log a bug that basically says that
>     because S3 & S4 winbinds are different and the fact that you
>     cannot get the same uidNumber on the server as on the clients that
>     winbind is broken!!
> Yes, I do want you to log this bug. There is no reason why winbind 
> implementation in Samba AD DC should use unpredictable and dependent 
> on the order of allocations high watermark algorithm.

Could you please write this again in English, specifically the last part.

>     You didn't answer the question either, why is winbind built into
>     the samba4 samba daemon.
> Design decision which has nothing to do with functionality exposed. 
> Whether it is built in or separate is irrelevant here, what is 
> relevant is its ID mapping algorithm being different from all already 
> deployed in the wild by means of previous Samba versions.
> Please try to keep technical discussion to the point rather than 
> driving it off-road.

Firstly I started this post, so I should probably be the one to say 
which way it goes, also I wasn't the one that posted the first snide 
post, that honour belongs to Jeremy Allinson, I just posted in the same 
way that he did.

Secondly, ok it was a design decision but as someone keeps saying on 
here, Samba 4 should work exactly the same as Windows AD and with that 
design decision it doesn't. There is nothing like winbind in Windows 
server, so there should be nothing like winbind built into samba 4. 
There should be no ID mapping built into any part of Samba 4 because 
there isn't any built into a windows server and just in case you haven't 
noticed samba 4 in AD mode is absolutely nothing like any previous samba 


> -- 
> / Alexander Bokovoy
> -- 
> This message has been scanned for viruses and
> dangerous content by *MailScanner* <>, and is
> believed to be clean. 

This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

More information about the samba-technical mailing list