[Samba] Samba4 acting as standalone server, smb.conf parameters and run daemons !

Rowland Penny rowlandpenny at googlemail.com
Fri Feb 28 13:27:31 MST 2014

On 28/02/14 20:02, Computer service SPb. wrote:
> I have provisioned Samba4 as the following:
> /usr/local/samba/bin/samba-tool domain provision --host-name=Router 
> --realm=mygroup.net <http://mygroup.net> --domain=MyGroup 
> --host-ip= --adminpass='Admin1234' --server-role=dc 
> --function-level=2008_R2 --use-rfc2307 --use-xattrs=auto 
> --dns-backend=BIND9_DLZ
> I use Bind9, I tested it for setting up of Samba4 for Openchange in 
> previous year and I get it nicely working together (Samba4 and Bind9 
> as dynamic config) .
> There IS network browsing with a Samba4 AD server - either I have 
> access via Netbios names or browsing (except some conditions for 
> pptp/l2tp VPN users, but even for they I have working browsing) . I 
> don' t have any wins in Lan. I had server role as "active directory 
> domain controller" as "dc" .
> So, may be I should not but I start nmbd by myself written script 
> after samba binary start.
> Because if I don' t start nmbd I will not get browsing.

There is no 'may be' about it, do not run nmbd with the samba daemon, if 
you care to follow the link I posted, somewhere along the line of 
postings is the reason why not.

> When I talked with Andrew (in the previous year or year before it) as 
> I remember he said that samba binary controls other daemons (in DC 
> variant) and run it and may be browsing functions will be added later 
> in samba binary for DC opertional. But to this time there is not 
> still code for browsing in samba binary.

The devs are concentrating on other, more valuable things at the moment, 
they will get to network browsing as soon as possible.

> But, there is one value that has to be set up in smb.conf file what 
> Samba4 as DC allow to get nmbd working and allow to have browsing.

I have never heard of this value, what is it???

> To prove it I can to think to provide pptp access to my server (it is 
> as router /vpn with samba4 installed) that you could see by your own 
> eyes that all works fine.

I know that it seems to work, but there are hidden problems with doing it.


> 2014-02-28 23:42 GMT+04:00 Rowland Penny <rowlandpenny at googlemail.com 
> <mailto:rowlandpenny at googlemail.com>>:
>     On 28/02/14 19:20, Computer service SPb. wrote:
>         Ok, for standalone server.
>         What about dcerpc endpoint ?
>         But as I wrote earlier about Nmbd while Samba4 as DC at the
>         moment I have
>         fully working configuration of Samba4 DC (samba binary is run)
>         and nmbd
>         binary is started and run with it.
>         But I start nmbd separatelly by script written by me after
>         samba binary is
>         started (when Samba4 acts as DC) .
>         And more over I have even semi worked configuration of Samba4
>         as DC and
>         nmbd with browsing of Lan / VPN (client-to-server) clients
>         when they could
>         see each other in their neighborhood (but works partly because
>         of VPN
>         clients I don' t know why but could be as master/backup
>         browser at the
>         moment and I didn' t set up Samba4 as Wins) .
>     You seem to be at the same point as I was 18 months ago and I
>     asked a similar question:
>     https://lists.samba.org/archive/samba-technical/2012-August/086041.html
>     It was explained to me that you should not run the samba daemon
>     with the nmbd daemon and I was sure that Andrew Bartlett altered
>     Samba so that this wasn't possible, but you seem to be doing this,
>     just how did you provision samba?
>     There is no network browsing with a Samba4 AD server, but you can
>     navigate via address.
>     Rowland
>         2014-02-28 23:08 GMT+04:00 Andrew Bartlett <abartlet at samba.org
>         <mailto:abartlet at samba.org>>:
>             On Fri, 2014-02-28 at 20:14 +0400, Computer service SPb.
>             wrote:
>                 Rowland, you are not right. I started and start nmbd
>                 daemon with samba
>                 daemon.
>                 But I don' t know requirements for server services as
>                 for started daemons
>                 for standalone server.
>             We have code to assist our administrators to run the right
>             daemons while
>             we have this split mode of operation.  You may well be
>             able to start
>             'samba' as a standalone server, but it will exit on
>             startup.  Likewise,
>             when running 'nmbd' on an AD DC, this will also exit.
>             Please don't be confused by the 'server services' setting,
>             this is not
>             relevant for a standalone server.
>             Andrew Bartlett
>             --
>             Andrew Bartlett http://samba.org/~abartlet/
>             <http://samba.org/%7Eabartlet/>
>             Authentication Developer, Samba Team http://samba.org
>             Samba Developer, Catalyst IT
>             http://catalyst.net.nz/services/samba

More information about the samba mailing list