[Samba] Make nmbd bind to interfaces only
Nick Howitt
nick at howitts.co.uk
Tue Feb 12 12:00:33 UTC 2019
On 11/02/2019 18:32, Harry Jede via samba wrote:
> Am 11.02.19 um 18:47 schrieb Nick Howitt via samba:
>> Hi,
>> I would like to have nmbd only bind to the interfaces specified in
>> the interfaces line of smb.conf, in the same way that smbd does. When
>> researching this I did come across a mailing list thread saying there
>> was no use case, but I think I have one.
>>
>> For many years ClearOS has been providing NT4 style domains and
>> unix-style shares. M$ upset the applecart last year with their 1803
>> update when joining NT4 domains got broken (it has since been fixed
>> since September '18, but I would assume the writing is on the wall
>> for NT4 domains).
>>
>> To get round the issue I loaded samba into docker using the
>> https://github.com/Fmstrat/samba-domain container. I wanted to
>> continue to use the ClearOS samba configuration (v4.7.1 and soon to
>> follow Centos to 4.8.3) for its file-sharing as a domain member. One
>> of the problems I had was that if the native ClearOS instance of
>> samba was started, the docker instance would refuse to start because
>> of a port clash.
>
> You should start your container with a real ethernet adapter! Search for:
>
> docker tap
>
> or
>
> docker tuntap
>
Thanks. Not so easy to research but I am trying. I'll also ask at the
docker forums.
I am concerned as to how this will help as nmbd is binding to 0.0.0.0.
If I introduce a new interface, won't nmbd effectively also bind to that?
>> To get round this for smbd was easy. All I had to do was bind to
>> interfaces only, but nmbd would not obey. For nmbd I had to set:
>>
>> nmbd bind explicit broadcast = yes
>> socket address = 192.168.20.1
>>
>> This is sort of OK if I have one LAN interface, but ClearOS is, among
>> other things, a router/firewall and as such can have multiple LAN
>> and/or VLAN interfaces. Socket address can only have one IP address
>> so I can't get all LAN interfaces to bind to it. Is there a way round
>> this or does it make a reasonable use case for a modification request.
>>
>> Thanks,
>>
>> Nick
>>
>>
>
More information about the samba
mailing list