samba - Nov 2024 - Working through the PAM Offline Authentication Wiki page, but...

On 11/25/24 10:56, Rowland Penny via samba wrote:
> On a DC it doesn't, you cannot take winbind offline on a DC. When it
> comes to a DC 'smbcontrol' does nothing, you can only stop the
'samba'
> deamon (which turns off smbd & winbindd), start it (which starts smbd
&
> winbindd) or restart it (which stops, then starts smbd & winbindd).
>
> If you stop and think about it, I feel it will come to you why you
> cannot take a major part of a DC offline ;-)
>
> This, along with numerous other reasons, is why it is not recommended to
> use a Samba AD DC as a fileserver.
>
> Rowland
This isn't on a DC. This is on a Linux machine I have joined to the domain.

- John

On Mon, 25 Nov 2024 11:09:38 -0500
"John R. Graham via samba" <samba at lists.samba.org> wrote:
> On 11/25/24 10:56, Rowland Penny via samba wrote:
> > On a DC it doesn't, you cannot take winbind offline on a DC. When
it
> > comes to a DC 'smbcontrol' does nothing, you can only stop the
> > 'samba' deamon (which turns off smbd & winbindd), start it
(which
> > starts smbd & winbindd) or restart it (which stops, then starts
> > smbd & winbindd).
> >
> > If you stop and think about it, I feel it will come to you why you
> > cannot take a major part of a DC offline ;-)
> >
> > This, along with numerous other reasons, is why it is not
> > recommended to use a Samba AD DC as a fileserver.
> >
> > Rowland
> 
> This isn't on a DC. This is on a Linux machine I have joined to the
> domain.
> 
D, I must go to specsavers, I appear to be going blind ;-)

you wrote 'smbcontrol winbind offline' and I missed it, the extra
'd'
that is, it should have been:

smbcontrol winbindd offline

Rowland