Raees Khan
2020-Apr-07 21:24 UTC
[Samba] How to force Winbind to use port 445 to talk to Windows Active Directory
I will but changing that would block samba from listening for connections on port 139. However, in my case I don't see any incoming traffic on port 139 rather the winbind daemon on my samba server tries to connect to the Active Directory Domain Controller on port 139. On Monday, April 6, 2020, 03:55:56 PM PDT, miguel medalha via samba <samba at lists.samba.org> wrote: In the [global] section of smb.conf try: smb ports = 445 The default is: smb ports = smb ports = 445 139 -- To unsubscribe from this list go to the following URL and read the instructions:? https://lists.samba.org/mailman/options/samba
Andrew Bartlett
2020-Apr-07 22:01 UTC
[Samba] How to force Winbind to use port 445 to talk to Windows Active Directory
All Samba binaries have a --option parameter, so you could just add to your winbindd startup script/unit '--option=smb ports=445'. This would only change winbindd, and not smbd or other client tools. Andrew Bartlett On Tue, 2020-04-07 at 21:24 +0000, Raees Khan via samba wrote:> > > I will but changing that would block samba from listening for > connections on port 139. However, in my case I don't see any incoming > traffic on port 139 rather the winbind daemon on my samba server > tries to connect to the Active Directory Domain Controller on port > 139. > > > On Monday, April 6, 2020, 03:55:56 PM PDT, miguel medalha via > samba <samba at lists.samba.org> wrote: > > In the [global] section of smb.conf try: > > smb ports = 445 > > The default is: > > smb ports = smb ports = 445 139 > > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba >-- Andrew Bartlett https://samba.org/~abartlet/ Authentication Developer, Samba Team https://samba.org Samba Developer, Catalyst IT https://catalyst.net.nz/services/samba
Raees Khan
2020-Apr-08 21:34 UTC
[Samba] How to force Winbind to use port 445 to talk to Windows Active Directory
Hi Andrew, I added '--option=smb ports=445' to the unit file but the problem is still reproducible. In face, I added 'smb ports = 445' in the global section of smb.conf but I still see winbind making connection to AD DC on port 139. Following is the log extracted output of `winbind -i -d 3`. connection_ok: Connection to dc.domain.com for domain XXX is not connectedConnecting to xxx.xx.xx.xx at port 445Connecting to xxx.xx.xx.xx at port 139 On Tuesday, April 7, 2020, 03:01:50 PM PDT, Andrew Bartlett via samba <samba at lists.samba.org> wrote: All Samba binaries have a --option parameter, so you could just add to your winbindd startup script/unit '--option=smb ports=445'. This would only change winbindd, and not smbd or other client tools. Andrew Bartlett On Tue, 2020-04-07 at 21:24 +0000, Raees Khan via samba wrote:>? > > I will but changing that would block samba from listening for > connections on port 139. However, in my case I don't see any incoming > traffic on port 139 rather the winbind daemon on my samba server > tries to connect to the Active Directory Domain Controller on port > 139. > > >? ? ? On Monday, April 6, 2020, 03:55:56 PM PDT, miguel medalha via > samba <samba at lists.samba.org> wrote:? >? >? In the [global] section of smb.conf try: > > smb ports = 445 > > The default is: > > smb ports = smb ports = 445 139 > > > > -- > To unsubscribe from this list go to the following URL and read the > instructions:? https://lists.samba.org/mailman/options/samba >?-- Andrew Bartlett? ? ? ? ? ? ? ? ? ? ? https://samba.org/~abartlet/ Authentication Developer, Samba Team? https://samba.org Samba Developer, Catalyst IT? ? ? ? ? https://catalyst.net.nz/services/samba -- To unsubscribe from this list go to the following URL and read the instructions:? https://lists.samba.org/mailman/options/samba
Reasonably Related Threads
- How to force Winbind to use port 445 to talk to Windows Active Directory
- How to force Winbind to use port 445 to talk to Windows Active Directory
- Unable to join domain when DC firewall is active
- lmdb requirement for AD DC
- [WIP][PATCH] 'fix' smbspool_krb5_wrapper, libexecdir and ctdb helper binary locations for 4.4