[Samba] samber server in openvz container - venet oder veth0?

Daniel Müller mueller at tropenklinik.de
Tue Aug 14 07:54:43 MDT 2012 

Did you set in your registry:

 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\LanmanWorkstation\Parameters] 
"DomainCompatibilityMode"=dword:00000001 
"DNSNameResolutionRequired"=dword:00000000

Which version of samba do you use?
With samba4 you do not use any wins anymore.



-----------------------------------------------
EDV Daniel Müller

Leitung EDV
Tropenklinik Paul-Lechler-Krankenhaus
Paul-Lechler-Str. 24
72076 Tübingen

Tel.: 07071/206-463, Fax: 07071/206-499
eMail: mueller at tropenklinik.de
Internet: www.tropenklinik.de
-----------------------------------------------

-----Ursprüngliche Nachricht-----
Von: samba-bounces at lists.samba.org [mailto:samba-bounces at lists.samba.org] Im Auftrag von Birgit Berger (UV Wien)
Gesendet: Dienstag, 14. August 2012 15:12
An: nkadel at gmail.com
Cc: samba at lists.samba.org
Betreff: Re: [Samba] samber server in openvz container - venet oder veth0?

Nico Kadel-Garcia <nkadel at gmail.com> schreibt:
>On Fri, Aug 10, 2012 at 2:44 PM, Birgit Berger (UV Wien) 
><birgit.berger at oeh.univie.ac.at> wrote:
>> sorry, to bother you again.
>>
>> I cannot join win7 or winXP clients to my samba domain sever located 
>> on
>a
>> debian server in a VE (openvz) unless I set up the server and clients 
>> to use WINS. But the recommendation is not to use WINS. openvz 
>> natively
>uses
>> venet. venet makes broadcasting impossible.
>>
>> I guess DNS is sufficient for name<->IP resolution but not for 
>> NetBios name<->IP resolution (it doesn' know name types and maybe 
>> that's why it cannot find DMB and logon server?) and that's why my 
>> win7 and winXP clients cannot join the domain.
>
>Why don't the netbios names match the DNS names? Is your VPN not 
>setting your default domain names?

the computer names are exactly the same as the names registered in DNS.
e.g.
>hostname
PC5

the entry in DNS ist PC5.oeh.univie.ac.at

so it should work. but it doesn't. windows 7 and windows xp computers cannot join the domain. (unless i set a WINS server in the tcp/ip settings on each client. Then they can join the domain and machine accounts are
created.) Without WINS server set in the tcp/ip settings on each client I get the error message (see below), when I try to join the domain in
Computer->Eigenschaften->Einstellungen ändern->Ändern->Domäne (where I
type the domain name)->OK

(The error message in win XP is exactly the same as the one in windows 7)

Why does it necessarily ask for a WINS server? it should be possible without WINS server, shouldn't it? Or do I have to use WINS server when I user samba in a VE (openvz) with venet? And why DNS isn't enough for joining client machines to the domain?

================================
dcdiag.txt:

Der Domänenname "OEH" ist möglicherweise ein NetBIOS-Domänenname.
Sollte dies der Fall sein, stellen Sie sicher, dass der Name bei WINS registriert ist.

Wenn Sie sicher sind, dass es sich nicht um einen NetBIOS-Domänennamen handelt, können folgende Informationen bei der Behandlung von Problemen mit der DNS-Konfiguration behilflich sein:

Der folgende Fehler ist beim Abfragen von DNS über den Ressourceneintrag der Dienstidentifizierung (SRV) aufgetreten, der zur Suche eines Active Directory-Domänencontrollers für die Domäne "OEH" verwendet wird:

Fehler: "Der DNS-Name ist nicht vorhanden."
(Fehlercode 0x0000232B RCODE_NAME_ERROR)

Es handelt sich um die Abfrage des Dienstidentifizierungseintrags (SRV) für _ldap._tcp.dc._msdcs.OEH.

Häufigste Fehlerursachen:

- Die zum Ermitteln eines Active Directory-Domänencontrollers (AD DC) erforderlichen DNS-SRV-Einträge wurden nicht in DNS registriert. Diese Einträge werden automatisch bei einem DNS-Server registriert, wenn ein Active Directory-Domänencontroller einer Domäne hinzugefügt wird. Die Einträge werden vom Active Directory-Domänencontroller zu festgelegten Intervallen aktualisiert. Dieser Computer wurde zum Verwenden von DNS-Servern mit den folgenden IP-Adressen konfiguriert:

131.130.1.12
131.130.1.11

- Mindestens eine der folgenden Zonen enthalten keine Delegierung zu dieser untergeordneten Zone:

OEH
. (die Stammzone)
==================================



>
>
>
>> So given my virtual server setup with openvz, do you rather suggest 
>> to
>use
>> WINS or to set up veth so I can use normal broadcasting?
>> Or are there other ways to do name resolution with a samba server 
>> installed in a VE container which I oversaw.
>>
>> I'm a newbie and netbios name resolution is hard to understand. so I
>would
>> be very happy to get any suggestions from people already using samba 
>> server in an open vz container.... do you guys use venet or veth or 
>> do
>you
>> just activate WINS?
>>
>> birgit
>>
>>
>>
>>
>>
>> ===========================
>>
>> thank you Johannes. no, I don't really need WINS but it was the only
>way I
>> could join clients to the domain so far. so I activated it. DNS 
>> should
>be
>> available and working too.
>>
>> /etc/nsswitch.conf looks like this:
>> hosts: files dns
>>
>> Can I use venet with samba or should I change to veth?
>>
>> regards, birgit
>>
>>
>>
>> Johannes Truschnigg <johannes at truschnigg.info> schreibt:
>>>Hi Birgit,
>>>
>>>On Tue, Aug 07, 2012 at 01:38:32PM +0200, Birgit Berger (UV Wien) wrote:
>>>> I'm new to the list. hopefully my question is correctly placed here...
>>>>
>>>> I'd installed my samba server 3.5.6 on debian squeeze in a openvz 
>>>> container that uses venet. I'd love to keep it that way but I'm not
>sure
>>>> if that is ok. Do you use samba server with venet or do I have to
>change
>>>> to veth?
>>>>
>>>> I already read
>http://wiki.openvz.org/Differences_between_venet_and_veth
>>>> and I don't want to intall shorewall in every container (VE). Also
>venet
>>>> seems easier to administrate and is faster.
>>>>
>>>> I read
>>>>
>>>http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/diagnosis.
>>>html
>>>> and nmblookup (chapters 4,5,6 and 10) doesn't work. This is because 
>>>> of venet, I suppose. Because with venet broadcasting doesn't work. 
>>>> But
>do I
>>>> really need it for the Samba server or can I just use DNS (on other 
>>>> servers than the samba server) and WINS server (on the samba server)?
>>>Can
>>>> I stick to venet or should I use veth?
>>>
>>>Do you have clients on the network that you know absolutely require 
>>>WINS for resolving names? (I'd actually have a hard time believing 
>>>that, but who
>>>knows...) Other than that, not having WINS but DNS as its modern and 
>>>sensible replacement in working condition should be perfectly 
>>>sufficient for your day to day Samba (and other networking) needs. 
>>>I've been running Samba
>without
>>>nmbd enabled for a few years now (with Windows XP, Windows 7 and 
>>>GNU/Linux as
>>>clients) and did not run into any problems becasue of that.
>>>
>>>Grüße aus und nach Wien ;)
>>>
>>>--
>>>with best regards:
>>>- Johannes Truschnigg ( johannes at truschnigg.info )
>>>
>>>www:   http://johannes.truschnigg.info/
>>>phone: +43 650 2 133337
>>>xmpp:  johannes at truschnigg.info
>>>
>>>Please do not bother me with HTML-email or attachments. Thank you.
>>
>>
>>
>> Johannes Truschnigg <johannes at truschnigg.info> schreibt:
>>>Hello again,
>>>
>>>On Tue, Aug 07, 2012 at 02:28:24PM +0200, Birgit Berger (UV Wien) wrote:
>>>> thank you Johannes. no, I don't really need WINS but it was the 
>>>> only
>>>way I
>>>> could join clients to the domain so far. so I activated it. DNS 
>>>> should
>>>be
>>>> available and working too.
>>>>
>>>> /etc/nsswitch.conf looks like this:
>>>> hosts: files dns
>>>
>>>That's fine - you don't want anything reagrding winbind or WINS in
>there,
>>>since you don't have proper name resolution set up over that kind of 
>>>protocol/service.
>>>
>>>> Can I use venet with samba or should I change to veth?
>>>
>>>Just stick with what you got - vnet will be fine.
>>>
>>>Have a nice day!
>>>
>>>--
>>>with best regards:
>>>- Johannes Truschnigg ( johannes at truschnigg.info )
>>>
>>>www:   http://johannes.truschnigg.info/
>>>phone: +43 650 2 133337
>>>xmpp:  johannes at truschnigg.info
>>>
>>>Please do not bother me with HTML-email or attachments. Thank you.
>>
>>
>>
>> Birgit Berger
>>
>> EDV-Administratorin an der ÖH Uni Wien
>>
>> http://www.oeh.univie.ac.at/arbeitsbereiche/edv.html
>>
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions:  https://lists.samba.org/mailman/options/samba
>



Birgit Berger

EDV-Administratorin an der ÖH Uni Wien

http://www.oeh.univie.ac.at/arbeitsbereiche/edv.html

More information about the samba mailing list