Updating Winbindd Privileged Socket Path

Matthew Newton mcn at freeradius.org
Mon Jun 21 18:07:42 CEST 2021

On 21/06/2021 15:57, Alan DeKok wrote:
>    It might work.  https://www.samba.org/samba/docs/current/man-html/smb.conf.5.html
> 	... Client tools must then be advised of the altered path with the WINBINDD_SOCKET_DIR environment variable.

I wasn't aware of that one - the code seems to have something slightly 
different, "SELFTEST_WINBINDD_SOCKET_DIR", so maybe try that, too (but 
from its name it sounds like its intended for internal use only):


But the documentation seems to indicate that it's not safe to use as not 
everything will honour it. If ntlm_auth doesn't, then the wbclient code 
should do as it uses the wb_common library stuff above. I'd be surprised 
if ntlm_auth doesn't use the same client code though.

The only time I've done it before I build Samba twice with two different 
paths, and called each one separately. That will work with ntlm_auth, 
but not wbclient as you can't link FreeRADIUS against both versions.

The answer is pretty much "don't move the privileged socket location, or 
if you do, rebuild Samba with a different location".


More information about the Freeradius-Users mailing list