[Samba] winbind with ports 445/139 blocked

Volker Lendecke Volker.Lendecke at SerNet.DE
Mon Jun 8 21:20:04 GMT 2009

On Mon, Jun 08, 2009 at 11:31:05AM -0700, Nick Bartos wrote:
> I have an annoying problem I'm hoping to get some guidance on.
> I am able to use winbind with our local domain, however it does not work
> with a remote trusted domain (it works fine for a local trusted domain).
> >From the looks of things, winbind requires port 445 or 139 to be open to the
> remote domain controllers, which it is not.
> Apparently these ports are not required for the MS Windows clients to
> authenticate to the remote domain, as they work fine.  Getting the ports
> opened would either take an act of God, or some other deity.  So I was
> hoping that there was a way to make winbind use other services like windows
> does (rpc/ldap/whatever).
> Thoughts?

This is a known deficiency right now, and I'm not 100% sure
that we can fix it properly in the short term. Windows
internally will never look at something like /etc/passwd and
/etc/group for normal operations. Unix programs regularly
do, and we can't really get all the info to also fill in
/etc/passwd and /etc/group for the trusted domains.

What I'd like to ask you is to file a bug in
bugzilla.samba.org. This way it pops up regularly when I
look over it, but I can't promise any deadline at all. I
would just not like to lose this reminder :-)

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba/attachments/20090608/6014c530/attachment.bin

More information about the samba mailing list