[Samba] samba 4.1.17 on raspberry pi as ad dc - winbind breaks it again

Fri Mar 13 03:34:26 MDT 2015

okay, I started to look into winbind and the /etc/nsswitch.conf (and 
smb.conf)... and it wreaked havoc...

I was using the guide at 
https://wiki.samba.org/index.php/Setup_a_Samba_AD_Member_Server

- right guide?
the guide is talking about "samba member server that is part of an 
active directory"
Is that correct? I mean, THE ad domain controller is member of the ad, 
but it sounds like this guide is about samba being added to AD, not 
samba being the AD

- added the idmap and winbind lines to smb.conf

- net [rpc|ads] join -u administrator
I do not exactly get what this does and if rpc or ads is the "right one"

which made me think. when I setup samba4 as ad controller (samba-tool 
domain provision ...) does it not become member of the its own domain? 
do I need to add it by hand? I always assumed not do...

- ln -s ... + ldconfig
here I ran into trouble. I saw the notice about needing to subsitute 
lib64 with lib if running x86
Well, the pi is definately not x64. but neither is it x86. i chose to 
use lib, betting it should fit.
x86_64-linux-gnu I replaced with i386-linux-gnu

- nsswitch.conf
I added the winbind as stated

- samba start
now samba wont start anymore. I guess samba will be replaced by smbd, 
nmbd and winbindd (error message in daemon.log hints at that)
for which I have no startscripts. any quick solutions or do I have to 
manually fix it?

the link for start script under starting the daemons will lead to the 
site I got my script from though...

- testing
wbinfo -u and wbinfo -g show nothing and no error

- configure wrong?
I did not use --with-ads --with-shared-modules=idmap_ad
According to the guide I should have... Guess Ill have to start again
If only configure, make and make install wouldnt take ages...

- why winbind?
I dont exactly get the benefit of dealing with winbind. a quick test 
yesterday let me add a pc to the domain and access the domain via 
windows 7 server tools. I have not further tested the capabilities of 
the samba ad. What wont work without winbind, what does it accomplish.