[Samba] Samba as DC member UDP ports used

Andrew Bartlett abartlet at samba.org
Sat Mar 7 04:44:12 UTC 2020

On Thu, 2020-03-05 at 10:12 +0000, Rowland penny via samba wrote:
> On 05/03/2020 09:57, Andrea Cucciarre' via samba wrote:
> > Hello,
> > 
> > I have a customer that complains that Samba (as DC member) uses
> > UDP 
> > during  AD authentication when clients mount a share.
> > I have run a test and traced network packet and it seems UDP is
> > used 
> > by the CLDAP (Samba server is, AD is
> > 
> > Is there a way to force Samba to use TCP instead of UDP?
> Not that I am aware of.
> > If it's not possible could you please shortly explain why Samba is 
> > using UDP port.
> Probably because this is what Microsoft uses.

Correct, this is for Domain Controller discovery.  UDP is used to find
close, responsive directories to make further connections to.

It is not recommended, but forcing a particular DC with 
'password server = ' might by bypass this location step.

Andrew Bartlett
Andrew Bartlett                       https://samba.org/~abartlet/
Authentication Developer, Samba Team  https://samba.org
Samba Developer, Catalyst IT          

More information about the samba mailing list