Query regarding samba working as domain controller

Rowland Penny repenny241155 at gmail.com
Thu Sep 10 06:41:20 UTC 2015

On 10/09/15 04:26, Anoop Singh wrote:
> Hi Rowland,
> Thanks a lot for the clarification.
> I just want to summarize what I understood from your mail.
> 1. We can use DHCP obtained IP but fixed IP is recommended due to mentioned reason. I meant only. Sorry for the typo. As per your suggestion this must not be used.

Yes, you really should use a fixed ip with a server.

> 2. When Samba is configured as domain controller using tdbsam backend, smbd and winbind in turn started. So we can use "Samba file sharing".

If you are using 'tdbsam' to store Samba info, you are talking about a 
PDC and you do not start the 'samba' daemon, you start the 'smbd' & 
'nmbd' deamons and optionally the 'winbind' deamon. This setup as always 
been able to act as a fileserver as well. If you run Samba as an AD DC, 
you can (if you must) use the DC as a fileserver, it is just not 
recommended for various reasons.

> 3. When we configure Samba to connect to existing windows domain controller using winbind, smbd is running so we can configure "Samba file sharing" but its not recommended.

No, if you are using Samba as a client, then yes, you can use it as a 

> I have small confusion over summary 2 and 3. In summary 2, I mean the device on which samba is installed will itself act as domain controller and device will use its own users and groups for authentication while in summary 3 the device will just connect to existing windows active directory and device will be able to use windows users and groups for authentication. Am I right? And also smbd and winbindd both will be running in both configurations along with samba.
> Let me know if you see any issue in my understanding.

Well, it is possible you are mixing up an 'NT4-style' PDC and an AD DC, 
they are very different, I would suggest you do some further research on 
the differences.

> Thank you once again for your kind mail and clarification.
> With regards,
> Anoop.

More information about the samba-technical mailing list