[PATCH] Allow winbindd to be run in the AD DC

Andrew Bartlett abartlet at samba.org
Tue Apr 8 21:37:22 MDT 2014


My testing is going surprisingly well, and the full branch can be seen
here:

http://git.samba.org/?p=abartlet/samba.git/.git;a=shortlog;h=refs/heads/ad-dc-winbindd

Attached is a patch to allow winbindd to be launched just as smbd is, by
the samba process.  As well as matching my proposed deployment pattern,
it allows testing by simply changing the smb.conf configuration or
defaults.

More broadly with this and the other patches I've sent or in the link
above, the passdb_samba_dsdb module is doing the hard work in the merged
winbindd, providing access to the users and groups, and most critically
to the idmap database. 

Currently we run the source3 RPC servers, not the source4 servers as the
code to use the RPC pipes does not appear to be being invoked from
winbindd. 

Even so, while we don't have a lot of tests for winbind, much of what we
do have does pass, and I would be very interested in seeing how this
works for others. 

Thanks,

Andrew Bartlett
-- 
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team  http://samba.org
Samba Developer, Catalyst IT          http://catalyst.net.nz/services/samba



-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-winbind-Allow-winbindd-to-be-run-from-inside-samba.patch
Type: text/x-patch
Size: 4894 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20140409/26560467/attachment.bin>


More information about the samba-technical mailing list