Single binary to rule them all!

Christopher Chan christopher.chan at
Mon Feb 18 19:23:06 MST 2013

On Tuesday, February 19, 2013 10:13 AM, Ricky Nance wrote:
> Not exactly, however I suppose a role could define what services are used.
> I was thinking more along the lines of older style configs, member servers,
> NT4 Style PDC's, and similar other setups. I am not opposed to
> samba_upgradeprovision or samba-tool testparm (and some option) determining
> what role should be used based on what config options. Then when a user
> runs 'samba' it can tell quickly what to use based on the role.

samba and the smbd/nmbd/winbindd combination are not "compatible".

 From what I gather, samba daemon's internal winbind is different from 
the winbindd daemon. I am not sure that having both running is supported 
unless they have separate sockets and they would definitely have 
different backends.

In short, it is a case of either samba or the smbd/nmbd/winbindd 
combination. So this one binary to rule them all is a misunderstanding 
of how things work in samba4.

> Ricky
> On Mon, Feb 18, 2013 at 7:49 PM, Dewayne Geraghty <
> dewayne.geraghty at> wrote:
>>> -----Original Message-----
>>> From: samba-technical-bounces at
>>> [mailto:samba-technical-bounces at] On Behalf Of
>>> Ricky Nance
>>> Sent: Tuesday, 19 February 2013 11:49 AM
>>> To: Samba Technical
>>> Subject: Single binary to rule them all!
>>> As the subject says, I (along with a few others that I have
>>> spoken with) think that it would make sense that the 'samba'
>>> binary would take the lead and start the other binaries as
>>> needed (smbd, nmbd, and winbindd). So what I am looking for
>>> is possibly starting on something in writing about the
>>> 'server role' directive. I know there are a few supported
>>> right now, but would like to have a list that says, if
>>> directive A, directive B, and directive C exist in a config,
>>> then it MUST be server role A. I think this would be the
>>> first essential step in a single binary startup, and that ,I
>>> feel, would make package maintainers much happier.
>>> Thanks for your feedback,
>>> Ricky
>>> --
>> Ricky,
>> Doesn't the samba executable already perform this functionality.  I'm able
>> to turn on/off most AD DC functionality through the
>> smb.conf "server services = " parameter.
>> For example a kerberos/ldap authentication engine with
>> smb.conf
>>    server services = rpc, ldap, kdc
>> I believe the full suite of services is:
>>    server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl,
>> winbind, ntp_signd, kcc, dnsupdate
>> A problem occurs when I only need a samba4 fileserver, so I add to
>> configure:
>> --without-ad-dc
>> Of course the samba-tool must then be told the --server-role.
>> I haven't tried building an Samba4 AD-DC, and only turning on the services
>> for a member.
>> So, are you proposing that the full AD-DC be built and through
>> manipulating smb.conf, the character of the machine is defined by
>> moving some of the functionality from samba-tool into what processes
>> smb.conf?
>> Regards, Dewayne.
> --

More information about the samba-technical mailing list