[Samba] IPV4 Only Environments Kpasswd5 Port 464 Not Showing when ipv6.disable=1 on Kernel CLI

Gregory Carter gjcarter2 at gmail.com
Sat Jan 11 20:18:23 UTC 2025


I have resolved this issue last night.

The issue wasn't the ipv6.disable=1, it was a separate difference in the
config files.

I was using:

>         bind interfaces only = yes
>         interfaces = 127.0.0.1 192.168.1.40

Mainly due to the fact that I plan on adding more ethernet interfaces later
to the mail server, and I wanted to insure the configuration was explicit
on what interfaces to run SAMBA AD on.

However, kpasswd5 port will not bind to 192.168.1.40 in this configuration,
only to 127.0.0.1 hence it won't show up in the config.

So I removed the above statements from the config file and that seemed to
fix the problem.

Looking more closely at the syntax, maybe I need a subnet after the second
IP address to make that work.

I will be looking at that tonight.

On Sat, Jan 11, 2025 at 1:38 AM Rowland Penny via samba <
samba at lists.samba.org> wrote:

> On Fri, 10 Jan 2025 15:07:34 -0700
> Gregory Carter <gjcarter2 at gmail.com> wrote:
>
> > Well, if I eliminate the ipv6.disable-1 from the kernel command line
> > everything works fine.  So I don't think it is a samba config issue
> > per se, unless of course I need something specific for kpasswd5 port
> > 464, but in any case.
> >
> > This AD server is a Fedora 41 box running
>
> I take it you are aware that the Fedora Samba packages are classed as
> experimental because they use MIT kerberos ?
>
> >
> > root at ad:~# uname -ra
> > Linux ad.example.com 6.11.10-300.fc41.x86_64 #1 SMP PREEMPT_DYNAMIC
> > Sat Nov 23 00:51:20 UTC 2024 x86_64 GNU/Linux
> >
> > Here is the join command:
> >
> > realm join --automatic-id-mapping=no ad.example.com
>
> No, that is the freeipa join command, the Samba one is:
>
> net ads join -U administrator
>
> >
> > Here is the smb.conf file of the ad.example.com server:
> > # Global parameters
> > [global]
> >         dns forwarder = 10.10.14.27,10.11.12.10
> >         netbios name = AD
> >         realm = EXAMPLE.COM
> >         server role = active directory domain controller
> >         workgroup = EXAMPLE
> >         idmap_ldb:use rfc2307 = yes
> >         ldap server require strong auth = no
> >         bind interfaces only = yes
> >         interfaces = 127.0.0.1 192.168.1.40
> >
> > [sysvol]
> >         path = /var/lib/samba/sysvol
> >         read only = No
> >
> > [netlogon]
> >         path = /var/lib/samba/sysvol/example.com/scripts
> >         read only = No
> >
>
> That appears to be from a Samba AD DC, if you are trying to join that
> to Samba AD domain, then it shouldn't exist before the join and you
> should be using samba-tool to join as a DC.
>
> > like I said I can join fine if I eliminate the ipv6.disable=1 as the
> > kpasswd5 port appears:
> >
>
> Just exactly what are you doing ?
>
> Rowland
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>


More information about the samba mailing list