4.2rc2 and winbindd

David Mansfield samba at dm.cobite.com
Mon Oct 20 07:45:38 MDT 2014 

On 10/20/2014 08:46 AM, Rowland Penny wrote:
> On 20/10/14 13:34, Michael Adam wrote:
>> Hi Rowland,
>>
>> On 2014-10-20 at 13:07 +0100, Rowland Penny wrote:
>>> On 20/10/14 12:44, Michael Adam wrote:
>>>> Ok. I think the DC-with-winbindd scenario is special here,
>>>> just need to understand, how so.
>>> I thought that the whole idea of changing 'winbind' to 'winbindd'
>>> was to get all the benefits of the established winbind without
>>> having to do anything special, you are now saying that 'Something
>>> special' may be required, if this is the case, just what is required
>>> ????
>> There are several points for using winbindd.
>> Here are the two (imho) most important ones:
>>
>> - Make use of winbindd's ability to speak to other domains
>>    (the winbind internal samba component can't), hence enabling
>>    support for trusts!
>>
>> - Don't maintain two winbind implementations but just one.
>>
>> That being said, winbindd is avery versatile, flexible tool
>> that can be configured in various ways. So similar to the
>> mode of samba starting smbd for file serving, which also
>> enforces several parameters for the running smbd (which reflects
>> the special purpose for which smbd is run, namely to serve
>> SMB in a DC setup), I could imagine that samba enforces
>> several parameters to reflect the special situation.
>> That's what I meant with special.
>> I have not found anything special though with a brief look at
>> the code.
>>
>> But that being said, of course things should work in the DC
>> setup, and you have most certainly found a problem.
>> Since I did not have the time yet to dig deeper, I don't know
>> the answer yet. So we'll need to do more testing / digging until
>> we find it or possibly Andrew can shed some light.
>>
>> We should have some nss-level test also in our selftest.
>> (If this is not the case, then it needs to be added...)
>> The samba-setup for this test (from the selftest provisioning
>> code) would tell us how to proceed.
>> (Just trying to give a few hints as to where I would look next
>> if I had the time right now..)
>>
>> Cheers - Michael
>>
> Hi Michael, I have the feeling that you would like me to compile samba 
> again, this is not a problem except I haven't a clue just how to 
> configure the build and then how do I carry out any tests. ?
>
> Rowland
>
Hi Rowland,

Just a stab in the dark: with the "old" winbind-on-DC approach (4.0, 
4.1) you had to use the libnss_winbind.so that was built during compile, 
which in my case involved symlinking the shared objects into the /lib64 
directory (on centos6). This was not done by "make install".  Is it 
possible you are using the "old" libraries still?

-- 
Thanks,
David Mansfield
Cobite, INC.

More information about the samba-technical mailing list