[Samba] Is it a good idea/required to run winbind

Daniel Müller mueller at tropenklinik.de
Thu Feb 24 00:03:13 MST 2011

Im no friend of winbind. But you need the idmap-thing with winbind. And I
agree with you that there is NO!!! realy good howto
about using winbind in the newer versions of samba, no step by step.
But as far as I used it, winbind mapped the user of an windows domain or ads
to the samba machine as if they where local users there.
Then you can grant rights on shares, use domain-groups....
As you are using ads you should have a look at samba4.


EDV Daniel Müller

Leitung EDV
Tropenklinik Paul-Lechler-Krankenhaus
Paul-Lechler-Str. 24
72076 Tübingen

Tel.: 07071/206-463, Fax: 07071/206-499
eMail: mueller at tropenklinik.de
Internet: www.tropenklinik.de

-----Ursprüngliche Nachricht-----
Von: samba-bounces at lists.samba.org [mailto:samba-bounces at lists.samba.org] Im
Auftrag von Robert Cohen
Gesendet: Donnerstag, 24. Februar 2011 07:26
An: samba at lists.samba.org
Betreff: [Samba] Is it a good idea/required to run winbind

We've been running a samba service for many years but have stuck  using
3.0.24. Every version I tried after 3.0.24 seemed to have reliability

But if every version since 3.0.24 was broken I assume someone would have
noticed by now :-). So I'm guessing we're doing somethng idiosyncratic
and/or stupid..

The config we have is that our samba server (solaris) is getting uid/gid
info using NSS from ldap.

But all the users are also in an ADS domain which is synchronised with the
ldap servers by an identity management system.

So we do authentication from ADS.

The relevant parts of the config are

  netbios name = xxx
  security = ADS
  realm = yyy.domain

  password level = 0
  local master = no
  domain master = no
  encrypt passwords = yes

The samba server was joined to the domain using "net ads join".

We were running smbd and nmbd but not winbind (since  we werent using samba
for NSS).
And that worked fine up through 3.0.24
After 3.0.24, it stopped  working reliably.

More information about the samba mailing list