[Samba] RFC2307 attributes not being read by DC2 in 4.2.1

Rowland Penny rowlandpenny at googlemail.com
Thu Apr 23 13:54:34 MDT 2015


On 23/04/15 20:40, Miguel Medalha wrote:
>> in his smb.conf because he is using bind9, replacing 'winbindd' in that
>> line, should be the same as 'server services = -winbindd +winbind' on a
>> DC that uses the internal DNS server. If you run 'samba-tool testparm
>> -v' on a DC that uses the internal DNS, even though there is no 'server
>> services' line shown in smb.conf, you will get the default one
>> displayed, that is why you need to add 'server services = -winbindd
>> +winbind', it turns off the first because it is the default and adds the
>> second to replace it, but changing one for the other on a line set in
>> smb.conf should do the same, and as you said 'If you don't see the
>> difference I don't know what more to say...'
>>
> Of course you are correct, but I am not talking about that. His line is:
>
> server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbindd,
> ntp_signd, kcc, dnsupdate
>
> What I am proposing is:
>
> server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbindd,
> ntp_signd, kcc, dnsupdate, -WINBIND (upper case for emphasis only)
>
> I was proposing the same line he already has but with the ADDITION of
> explicitly disabling the internal service instead of doing it implicitly.
>   I know that winbindd is the new default but what if the internal service
> is NOT being correctly disabled and it conflicts with winbindd? Are you
> certain the eventual bug is not here?

Yes, because the OP on the samba technical list wasn't using bind9, he 
added 'server services -winbindd +winbind' and his problem was cured, 
this took samba back to what it was before 4.2.0. I use bind9 on 4.1.17 
and changing the line as I suggested makes it like the line on my DCs.

Rowland



More information about the samba mailing list