[Samba] Multiple samba instances on same machine in v4.8 and beyond
Samuel Taylor Liston
sam.liston at utah.edu
Wed May 20 18:59:27 UTC 2020
This is a long shot as it look as though this may not be supported anymore. Since moving to CentOS 7 we have been using the instantiation feature of systemd to run multiple winbind and smb instances on a single server as part of an HA setup (pacemaker/corosync). In testing samba version 4.8 and beyond we have found that this doesn’t work anymore, or rather the client tools are unable to authenticate. What it looks to stem from is client tools appear to be looking for the winbind socket file in the default location only (/run/samba/winbindd). In order to have multiple smb instances we have been starting a winbind per smb and have been redirecting the winbind socket dir to a specific location per instance, and though the man page says otherwise this was work up until v4.8. Right now we are version locked at 4.7, but can’t stay there forever.
We have been searching and experimenting (unsuccessfully) to find a way around this. Has anyone else encountered this and found a working solution? And ideas of insights would be much appreciated.
Here are my global and one individual instance config file to give a flavor of what we are doing:
[root at xxxxxxxxxxxx ~]# cat /etc/samba/global.smb.conf
[global]
workgroup = AD
server string = xxxxxxxxxxxxx (%L) Server
security = ADS
passdb backend = tdbsam
allow trusted domains = no
encrypt passwords = yes
realm = XX.XXXXX.EDU
local master = no
preferred master = no
wins support = no
wins proxy = no
dns proxy = no
load printers = no
printcap name = /dev/null
disable spoolss = yes
lanman auth = yes
client plaintext auth = yes
client lanman auth = yes
restrict anonymous = 2
[root at xxxxxxxxxxxxxx ~]# cat /etc/samba/smb.conf.xxxxxxxxxxxxx-vg3-0-lv1
[global]
log file = /var/log/samba/%m-xxxxxxxxxxxxx-vg3-0-lv1.log
encrypt passwords = yes
include = /etc/samba/global.smb.conf
pid directory = /var/run/samba/xxvg3-0-lv1-smb
interfaces = 155.101.11.101
bind interfaces only = yes
netbios name = xxvg3-0-lv1-smb
lock directory = /var/lib/samba/xx301/lock
cache directory = /var/lib/samba/xx301/cache
state directory = /var/lib/samba/xx301/state
private dir = /var/lib/samba/xx301/priv
winbindd socket directory = /var/lib/samba/xx301/sock
[hpc-home]
comment = hpc-home xxxxxxxxxxxxx-vg3-0-lv1 share
# Hide the secret cluster files
veto files = /.clumanager/.rgmanager/
browsable = yes
writable = yes
path = /uufs/xxxxxxxxxxxxx/common/xxxxxxxxxxxxx-vg3-0-lv1/hpc
create mask = 0644
directory mask = 0755
guest ok = no
nt acl support = yes
valid users = @hpc
==========================================
Center for High Performance Computing - Univ. of Utah
155 S. 1452 E. Rm 405
Salt Lake City, Utah 84112 (801)232-6932
==========================================
More information about the samba
mailing list