[Samba] samba 4 in AD 2008R2 without winbind

Rowland Penny rpenny at samba.org
Wed May 24 07:04:33 UTC 2017


On Wed, 24 May 2017 08:25:57 +0200 (CEST)
Daniele Bernazzi via samba <samba at lists.samba.org> wrote:

> Hi all, my goal is to have samba (ubuntu 16.04 samba 4.3.11)
> validating internal user (just the user presents on /etc/passwd) on
> an existing AD 2008R2. I am making a fresh install and I did it using
> winbind, but this component puzzle me with id mapping, so I am trying
> to avoid the use of winbind. Unfortunately, when I stop winbind I got
> always NT_STATUS_NO_LOGON_SERVERS; it seems like samba is not able to
> reach the PDC; digging with tcpdump shows the usage of only port 445
> by samba, while winbind use also 135 and 88 ... Any clue? thank you.
> 
> Daniele Bernazzi
> 

Not sure I understand what you are saying, but you seem to be saying
you have a Windows 2008R2 server running as an AD DC, is this correct ?

If this is correct, your plan to validate users that are in /etc/passwd
isn't going to work. You cannot have users in /etc/passwd and AD, if
they are in /etc/passwd they are local users and have nothing to do
with AD and if they are in AD, they are AD users but can also be local
users.

If your computer is joined to the domain, you need to use winbind, so
just what problems did you have ?

Rowland



More information about the samba mailing list