Re: [Samba] winbindd crashing -- how to auto-heal?
- Date: Mon, 3 Sep 2018 16:05:37 +0100
- From: Rowland Penny via samba <samba@xxxxxxxxxxxxxxx>
- Subject: Re: [Samba] winbindd crashing -- how to auto-heal?
On Mon, 3 Sep 2018 10:35:38 -0400
Jamie Jackson <jamiejaxon@xxxxxxxxx> wrote:
> On Mon, Sep 3, 2018 at 5:17 AM Rowland Penny via samba <
> samba@xxxxxxxxxxxxxxx> wrote:
> > Why isn't 'smbd' running ?
> I didn't set this up, but I assume the sysadmins didn't run it because
> they, like Luca, probably assumed that smbd was for server
> functionality (to provide services to clients), whereas, AFAIK, our
> hosts only act as clients. Could you explain how smbd fits into this
> when the hosts are consuming remote services (but presumably not
> providing any)?
I take it the 'sysadmins' are more used to administrating Windows, if
so, just ask them if they would turn SMB off on a Windows PC.
> > Is 'nmbd' running ?
> Doesn't look like it:
> [jamie.jackson@rwhudxdkrdev ~]$ systemctl -a | grep
> ● nmb.service
> not-found inactive dead
> loaded active running
> Samba Winbind Daemon
As I said earlier, you only need nmbd if you need network browsing.
> > Why aren't you running 'winbind' as a daemon ?
> No clue, but here's what I found in systemd:
> [jamie.jackson@rwhudxdkrdev ~]$
> cat /usr/lib/systemd/system/winbind.service [Unit]
> Description=Samba Winbind Daemon
> After=syslog.target network.target nmb.service
> ExecStart=/usr/sbin/winbindd --foreground --no-process-group
> ExecReload=/usr/bin/kill -HUP $MAINPID
Not really up to date with systemd (I do not use it), but I would
remove '--foreground --no-process-group', this would allow winbind to
run normally. I would also check the smbd service file, you need to
the Samba binaries as deamons.
> > Why do feel you don't need a process group for winbind ?
> I'm not the implementor (but I can pass your questions on to that
> group). However, if I were to guess: The implementors probably aren't
> trying to be creative or contrary. I figure they probably found a
> solution that seemed to (mostly) work--maybe many years ago--and they
> might not know exactly how to implement AD integration in RHEL
> according to best practice.
It shouldn't really matter what the OS is, you just need to run it in
an accepted way, yours isn't.
> At this point, it might make more sense to throw out the current
> configuration (since I'm gleaning from your questions that it's
> unorthodox) and start fresh, but let's see what your impressions are
> after the latest bits of info above.
I personally do not use the autorid backend, the 'ad' & 'rid' backends
have always been enough for me and I think they may be sufficient for
you, the only problem would be the Unix IDs.
To unsubscribe from this list go to the following URL and read the