[Samba] access to share with dns alias hostname

Rowland penny rpenny at samba.org
Fri Sep 27 09:47:50 UTC 2019

On 27/09/2019 05:47, banda bassotti wrote:
> ciao,  adding the lines below
>   kerberos method = dedicated keytab
>   dedicated keytab file = /etc/samba/fs.keytab
> and the spn for the old machine authentication works correctly.
> thanks for support.

OK, I was interested in how UCS server worked, so I downloaded it and 
installed it in a VM.

First, the reason why <ps ax | grep '[n]mdb'>  didn't show any 'nmbd' 
processes is because it was a typo :-(

Using the correct commands:

ps ax | grep '[n]mbd'

Results in:

1053 ?        Ss     0:00 /usr/sbin/nmbd -D
1057 ?        S      0:00 /usr/sbin/nmbd -D

It gets worse, Samba is running as a DC, so is using ldap, but openldap 
is also running on port 999 and seems to hold the same data as AD.

It looks to me that Univention has taken something that is already 
complex and piled even more complexity on top, for (to me) no apparent 

OK, Univention, why are you running 'nmbd' on a Samba active directory 
domain controller ???

You know it isn't supported by Samba, so why are you doing it.


More information about the samba mailing list