[Samba] IPV4 Only Environments Kpasswd5 Port 464 Not Showing when ipv6.disable=1 on Kernel CLI
Rowland Penny
rpenny at samba.org
Sat Jan 11 08:37:26 UTC 2025
On Fri, 10 Jan 2025 15:07:34 -0700
Gregory Carter <gjcarter2 at gmail.com> wrote:
> Well, if I eliminate the ipv6.disable-1 from the kernel command line
> everything works fine. So I don't think it is a samba config issue
> per se, unless of course I need something specific for kpasswd5 port
> 464, but in any case.
>
> This AD server is a Fedora 41 box running
I take it you are aware that the Fedora Samba packages are classed as
experimental because they use MIT kerberos ?
>
> root at ad:~# uname -ra
> Linux ad.example.com 6.11.10-300.fc41.x86_64 #1 SMP PREEMPT_DYNAMIC
> Sat Nov 23 00:51:20 UTC 2024 x86_64 GNU/Linux
>
> Here is the join command:
>
> realm join --automatic-id-mapping=no ad.example.com
No, that is the freeipa join command, the Samba one is:
net ads join -U administrator
>
> Here is the smb.conf file of the ad.example.com server:
> # Global parameters
> [global]
> dns forwarder = 10.10.14.27,10.11.12.10
> netbios name = AD
> realm = EXAMPLE.COM
> server role = active directory domain controller
> workgroup = EXAMPLE
> idmap_ldb:use rfc2307 = yes
> ldap server require strong auth = no
> bind interfaces only = yes
> interfaces = 127.0.0.1 192.168.1.40
>
> [sysvol]
> path = /var/lib/samba/sysvol
> read only = No
>
> [netlogon]
> path = /var/lib/samba/sysvol/example.com/scripts
> read only = No
>
That appears to be from a Samba AD DC, if you are trying to join that
to Samba AD domain, then it shouldn't exist before the join and you
should be using samba-tool to join as a DC.
> like I said I can join fine if I eliminate the ipv6.disable=1 as the
> kpasswd5 port appears:
>
Just exactly what are you doing ?
Rowland
More information about the samba
mailing list