[Samba] Samba 4.1.14 Domain Controller as file server and internal winbind

Bruno Andrade bma at eurotux.com
Tue Dec 30 09:07:14 MST 2014


Is there any site/blog/post/mail where I can find a more completed list
of issues/reasons?

Bruno Andrade.

On 12/30/2014 12:59 PM, Rowland Penny wrote:
> On 30/12/14 12:27, Bruno Andrade wrote:
>> Hi,
>> Im running a domain controller (AD DC) and file server, on the same
>> machine, with sernet-samba 4.1.14.
>> Right now, I have a process using almost 100% CPU all the time. After
>> 'samba-tool processes' I found that the process is winbind_server.
>> On samba wiki page, they don't recommend using domain controller as file
>> server because winbind issues.
>> I already have other domain controller and file server, running without
>> problem.
>> Why is not recommended using domain controller as file server?
>> What issues exists in winbind in this kind of environment?
>> Regards,
>> Bruno Andrade.
> OK, winbind built into the samba daemon on the AD DC, is not the same
> as the separate winbind daemon you would use on a member server It
> does not have the same capabilities and is not setup in the same way,
> it cannot pull the Unix attributes from AD and these have to be set in
> smb.conf via templates. These templates mean that you cannot have
> different home directories based on the user. The UID & GID numbers on
> the AD DC are all in the 3000000 range, these numbers only exist on
> the DC, they will be different on any member server (and any other DC's).
> There are other reasons why you should not use an AD DC as a
> fileserver, but the above reasons are the most obvious.
> Rowland 

More information about the samba mailing list