[Samba] samber server in openvz container - venet oder veth0?

Birgit Berger (UV Wien) birgit.berger at oeh.univie.ac.at
Tue Aug 14 07:12:01 MDT 2012 

Nico Kadel-Garcia <nkadel at gmail.com> schreibt:
>On Fri, Aug 10, 2012 at 2:44 PM, Birgit Berger (UV Wien)
><birgit.berger at oeh.univie.ac.at> wrote:
>> sorry, to bother you again.
>>
>> I cannot join win7 or winXP clients to my samba domain sever located on
>a
>> debian server in a VE (openvz) unless I set up the server and clients to
>> use WINS. But the recommendation is not to use WINS. openvz natively
>uses
>> venet. venet makes broadcasting impossible.
>>
>> I guess DNS is sufficient for name<->IP resolution but not for NetBios
>> name<->IP resolution (it doesn' know name types and maybe that's why it
>> cannot find DMB and logon server?) and that's why my win7 and winXP
>> clients cannot join the domain.
>
>Why don't the netbios names match the DNS names? Is your VPN not
>setting your default domain names?

the computer names are exactly the same as the names registered in DNS.
e.g.
>hostname
PC5

the entry in DNS ist PC5.oeh.univie.ac.at

so it should work. but it doesn't. windows 7 and windows xp computers
cannot join the domain. (unless i set a WINS server in the tcp/ip settings
on each client. Then they can join the domain and machine accounts are
created.) Without WINS server set in the tcp/ip settings on each client I
get the error message (see below), when I try to join the domain in
Computer->Eigenschaften->Einstellungen ändern->Ändern->Domäne (where I
type the domain name)->OK

(The error message in win XP is exactly the same as the one in windows 7)

Why does it necessarily ask for a WINS server? it should be possible
without WINS server, shouldn't it? Or do I have to use WINS server when I
user samba in a VE (openvz) with venet? And why DNS isn't enough for
joining client machines to the domain?

================================
dcdiag.txt:

Der Domänenname "OEH" ist möglicherweise ein NetBIOS-Domänenname.
Sollte dies der Fall sein, stellen Sie sicher, dass der Name bei WINS
registriert ist.

Wenn Sie sicher sind, dass es sich nicht um einen NetBIOS-Domänennamen
handelt, können folgende Informationen bei der Behandlung von Problemen
mit der DNS-Konfiguration behilflich sein:

Der folgende Fehler ist beim Abfragen von DNS über den Ressourceneintrag
der Dienstidentifizierung (SRV) aufgetreten, der zur Suche eines Active
Directory-Domänencontrollers für die Domäne "OEH" verwendet wird:

Fehler: "Der DNS-Name ist nicht vorhanden."
(Fehlercode 0x0000232B RCODE_NAME_ERROR)

Es handelt sich um die Abfrage des Dienstidentifizierungseintrags (SRV)
für _ldap._tcp.dc._msdcs.OEH.

Häufigste Fehlerursachen:

- Die zum Ermitteln eines Active Directory-Domänencontrollers (AD DC)
erforderlichen DNS-SRV-Einträge wurden nicht in DNS registriert. Diese
Einträge werden automatisch bei einem DNS-Server registriert, wenn ein
Active Directory-Domänencontroller einer Domäne hinzugefügt wird. Die
Einträge werden vom Active Directory-Domänencontroller zu festgelegten
Intervallen aktualisiert. Dieser Computer wurde zum Verwenden von
DNS-Servern mit den folgenden IP-Adressen konfiguriert:

131.130.1.12
131.130.1.11

- Mindestens eine der folgenden Zonen enthalten keine Delegierung zu
dieser untergeordneten Zone:

OEH
. (die Stammzone)
==================================


>
>
>
>> So given my virtual server setup with openvz, do you rather suggest to
>use
>> WINS or to set up veth so I can use normal broadcasting?
>> Or are there other ways to do name resolution with a samba server
>> installed in a VE container which I oversaw.
>>
>> I'm a newbie and netbios name resolution is hard to understand. so I
>would
>> be very happy to get any suggestions from people already using samba
>> server in an open vz container.... do you guys use venet or veth or do
>you
>> just activate WINS?
>>
>> birgit
>>
>>
>>
>>
>>
>> ===========================
>>
>> thank you Johannes. no, I don't really need WINS but it was the only
>way I
>> could join clients to the domain so far. so I activated it. DNS should
>be
>> available and working too.
>>
>> /etc/nsswitch.conf looks like this:
>> hosts: files dns
>>
>> Can I use venet with samba or should I change to veth?
>>
>> regards, birgit
>>
>>
>>
>> Johannes Truschnigg <johannes at truschnigg.info> schreibt:
>>>Hi Birgit,
>>>
>>>On Tue, Aug 07, 2012 at 01:38:32PM +0200, Birgit Berger (UV Wien) wrote:
>>>> I'm new to the list. hopefully my question is correctly placed here...
>>>>
>>>> I'd installed my samba server 3.5.6 on debian squeeze in a openvz
>>>> container that uses venet. I'd love to keep it that way but I'm not
>sure
>>>> if that is ok. Do you use samba server with venet or do I have to
>change
>>>> to veth?
>>>>
>>>> I already read
>http://wiki.openvz.org/Differences_between_venet_and_veth
>>>> and I don't want to intall shorewall in every container (VE). Also
>venet
>>>> seems easier to administrate and is faster.
>>>>
>>>> I read
>>>>
>>>http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/diagnosis.html
>>>> and nmblookup (chapters 4,5,6 and 10) doesn't work. This is because of
>>>> venet, I suppose. Because with venet broadcasting doesn't work. But
>do I
>>>> really need it for the Samba server or can I just use DNS (on other
>>>> servers than the samba server) and WINS server (on the samba server)?
>>>Can
>>>> I stick to venet or should I use veth?
>>>
>>>Do you have clients on the network that you know absolutely require WINS
>>>for
>>>resolving names? (I'd actually have a hard time believing that, but who
>>>knows...) Other than that, not having WINS but DNS as its modern and
>>>sensible
>>>replacement in working condition should be perfectly sufficient for your
>>>day
>>>to day Samba (and other networking) needs. I've been running Samba
>without
>>>nmbd enabled for a few years now (with Windows XP, Windows 7 and
>>>GNU/Linux as
>>>clients) and did not run into any problems becasue of that.
>>>
>>>Grüße aus und nach Wien ;)
>>>
>>>--
>>>with best regards:
>>>- Johannes Truschnigg ( johannes at truschnigg.info )
>>>
>>>www:   http://johannes.truschnigg.info/
>>>phone: +43 650 2 133337
>>>xmpp:  johannes at truschnigg.info
>>>
>>>Please do not bother me with HTML-email or attachments. Thank you.
>>
>>
>>
>> Johannes Truschnigg <johannes at truschnigg.info> schreibt:
>>>Hello again,
>>>
>>>On Tue, Aug 07, 2012 at 02:28:24PM +0200, Birgit Berger (UV Wien) wrote:
>>>> thank you Johannes. no, I don't really need WINS but it was the only
>>>way I
>>>> could join clients to the domain so far. so I activated it. DNS should
>>>be
>>>> available and working too.
>>>>
>>>> /etc/nsswitch.conf looks like this:
>>>> hosts: files dns
>>>
>>>That's fine - you don't want anything reagrding winbind or WINS in
>there,
>>>since you don't have proper name resolution set up over that kind of
>>>protocol/service.
>>>
>>>> Can I use venet with samba or should I change to veth?
>>>
>>>Just stick with what you got - vnet will be fine.
>>>
>>>Have a nice day!
>>>
>>>--
>>>with best regards:
>>>- Johannes Truschnigg ( johannes at truschnigg.info )
>>>
>>>www:   http://johannes.truschnigg.info/
>>>phone: +43 650 2 133337
>>>xmpp:  johannes at truschnigg.info
>>>
>>>Please do not bother me with HTML-email or attachments. Thank you.
>>
>>
>>
>> Birgit Berger
>>
>> EDV-Administratorin an der ÖH Uni Wien
>>
>> http://www.oeh.univie.ac.at/arbeitsbereiche/edv.html
>>
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions:  https://lists.samba.org/mailman/options/samba
>



Birgit Berger

EDV-Administratorin an der ÖH Uni Wien

http://www.oeh.univie.ac.at/arbeitsbereiche/edv.html

-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: dcdiag.txt
URL: <http://lists.samba.org/pipermail/samba/attachments/20120814/245f200c/attachment.txt>

More information about the samba mailing list