[Samba] Samba as DC member UDP ports used
Andrea Cucciarre'
acucciarre at cloudian.com
Thu Mar 5 09:57:03 UTC 2020
Hello,
I have a customer that complains that Samba (as DC member) uses UDP
during AD authentication when clients mount a share.
I have run a test and traced network packet and it seems UDP is used by
the CLDAP (Samba server is 10.50.50.35, AD is 10.50.50.85)
Frame 1: 133 bytes on wire (1064 bits), 133 bytes captured (1064 bits)
on interface vmxnet3s0, id 0
Ethernet II, Src: 00:0c:29:92:02:dd, Dst: 00:0c:29:b0:43:a7
Internet Protocol Version 4, *Src: 10.50.50.35, Dst: 10.50.50.85*
*User Datagram Protocol*,*Src Port: 60549, Dst Port: 389*
Source Port: 60549
Destination Port: 389
Length: 99
Checksum: 0x7950 [unverified]
[Checksum Status: Unverified]
[Stream index: 0]
[Timestamps]
*Connectionless Lightweight Directory Access Protocol*
LDAPMessage searchRequest(10556) "<ROOT>" baseObject
messageID: 10556
protocolOp: searchRequest (3)
searchRequest
baseObject:
scope: baseObject (0)
derefAliases: neverDerefAliases (0)
sizeLimit: 0
timeLimit: 0
typesOnly: False
Filter:
(&(&(NtVer=0x00000006)(DnsDomain=HF3.LOCAL))(AAC=00:00:00:00))
filter: and (0)
and:
(&(&(NtVer=0x00000006)(DnsDomain=HF3.LOCAL))(AAC=00:00:00:00))
attributes: 1 item
AttributeDescription: NetLogon
I searched in the smb.conf man page and I can change the CLDAP port used
but it seems I can't force to use TCP.
Is there a way to force Samba to use TCP instead of UDP?
If it's not possible could you please shortly explain why Samba is using
UDP port.
Regards
Andrea
More information about the samba
mailing list