On 11/03/2021 21:17, Lou via samba wrote:> Hi! > > I'm a long time Samba user, but I soon started to administer a machine > with smbd > daemon that provides file sharing using SMB1 (!). > > One of the things we would like to do is to is to stop using SMB1 and > start > using recent versions of the SMB protocol.? Unfortunatelly we are > running, in > another machine, an old version of nmbd that talks an old protocol > (NT4? - how > can I verify that?).? The latest version of samba3 supports SMB2 only > experimentally.Not quite, the last versions of Samba .3 supported SMBv2 but Samba 3.x.x? is EOL and has been for a number of years.> > The ideal situation would be to upgrade everything to Samba 4 and use AD > protocols.? I'd like to make it in phases, though.? Because of Windows 10 > requirements and security reasons, the first thing I'd like to do is > to upgrade > smbd to the latest version (>4), provide SMB2 or later to clients, but > for now > it would be necessary to work with the old nmbd daemon.What do you mean by 'the old nmbd daemon' ? samba 4 still has the nmbd daemon and is capable of running just like Samba 3> > I have looked for some information about some hybrid environment , but > found > nothing.? Must of the documentation assumes you are running the same > version for > smbd and nmbd so I start wondering if this is really possible.? Is it?No, you must use the nmbd that comes with Samba 4, the problem is that you will have to use SMBv1 at both ends. This is not really a problem, it is just a bit insecure and you might not need to run nmbd. It might help if you can describe your setup in more detail and if you have anything that must use SMBv1 (something that will not work without SMBv1). Rowland
On Thu, Mar 11, 2021 at 09:56:39PM +0000, Rowland penny via samba wrote:>No, you must use the nmbd that comes with Samba 4, the problem is that >you will have to use SMBv1 at both ends. This is not really a problem, >it is just a bit insecure and you might not need to run nmbd. It might >help if you can describe your setup in more detail and if you have >anything that must use SMBv1 (something that will not work without >SMBv1).Thanks for the reply. I have two servers: smbd-server -> provides file sharing and runs smbd 3.6.25 nmbd-server -> it is the PDC and runs nmbd < 3.6.25 At smbd-server, smb.conf has the following line: wins server = openldap.ufabc.int.br So, nmbd that runs in nmbd-server, so nmbd-server runs as a wins server. It uses LDAP as a backend. I need to enable latest protocols (SMB3+) for smbd-server Alternatives I thought about: 1. Upgrade everything to Samba 4 as an AD DC. This is not a good choice for now, because I'd have to change the whole organization structure. 2. Upgrade everything to Samba 4, but do not "enable AD". Make it use our LDAP backend, so the change would be invisible to the clients. 3. Upgrade only smbd to Samba 4 and make it use the old nmbd at nmbd-server as a wins server. I tried it but I had no success. I'd prefer go for 3, and then 2, and then 1, if it is possible. Any recommendations? Thanks.