Fixing the Reckless Debian Security Update to Samba 4.2

If you’re like me, and were wanting to get the Samba security fixes in place quickly for Debian Jessie version of SAMBA — you’ll maybe have learned that they decided not to backport the fixes for man-in-the-middle, but instead upgrade the whole thing to SAMBA 4.2.

That’s all well and good — but the security update broke SAMBA on my Debian boxes in the test lab (which run Jessie).

The fix was pretty simple after some fairly serious wasted time Googling for it. By default, it SAMBA will now require the winbind package to be installed, otherwise it will silently fail to start.

The symptom I had was that internal DNS resolution for SAMBA stopped working.  And nothing was bound to port 53.

Of course, that was because Samba wasn’t starting at all.

I hope that helps someone — just make sure winbind is installed and running.

They really should have tested this better, even with such a bad flaw in the Microsoft and Samba stuff.