How to test samba LDAP parameters with openldap tools, eg ldapsearch?
Rowland Penny
rpenny at samba.org
Wed Apr 12 12:51:08 UTC 2023
On 12/04/2023 13:37, Jan Andersen wrote:
> Hi Rowland,
>
> I noticed something odd about the logs: it seems smbd generates one both
> for the workstation's name and one for its IP address - I didn't attach
> the latter, so here it is. It seems to have more detail.
>
> Jan
>
> On 12/04/2023 12:06, Rowland Penny via samba-technical wrote:
>>
>>
>> On 12/04/2023 11:39, Jan Andersen wrote:
>>> Hi Rowland,
>>>
>>> Thank you for replying. I wiped the existing logs, changed the smbd
>>> service to include '-d 10' and restarted, so I would have logs
>>> without too much noise - please find them attached along with smb.conf
>>>
>>>
>>
>> You appear to be running Samba as a standalone server with an ldap
>> backend, are you aware that such a setup is two parameters away from
>> being a PDC ? If you comment out 'server role = standalone server' and
>> add 'domain logons = yes', it becomes a PDC and a PDC (from 4.8.0)
>> requires winbind to be running.
>>
>> Rowland
>>
>>
Before Samba 4.8.0 , smbd could directly connect to the domain
controller, from 4.8.0 smbd now needs to go via winbind.
Now I know that you are not strictly running a PDC, but what you are
running is the next thing to it, so I presume that you need to run
winbind, you do not need to configure anything, just run winbind.
Whatever happens, you should be aware that Samba is working to remove
SMBv1 and things like PDC's with it.
One thing I did notice from that last log, you are not using SMBv1, try
adding these lines to the smb.conf:
server min protocol = NT1
client min protocol = NT1
Rowland
More information about the samba-technical
mailing list