[Samba] Browsing in AD networks
Denis Cardon
dcardon at tranquil.it
Mon Jan 15 17:20:52 UTC 2018
Hi Andreas,
> sorry to bother you with probably another stupid question, but googl'ing
> didn't help here. Can someone give me an overview of how network
> browsing from windows workstations is supposed to work in AD networks?
>
> I have recently upgraded a samba server running an NT4-style domain with
> classicupgrade. The workstations are Windows 7 (with the registry fix
> applied to be able to join an NT4 domain, if that matters).
you should revert the registry hack after having upgraded your network
to AD authentication. It is not necessary anymore and may have some
side-effects.
> After the
> classicupgrade, the network neighbourhood on the windows workstations
> was empty, with a yellow bar prompting me to enable network discovery. I
> learned that this is the default, but I should still be able to see file
> servers in AD. The problem is, I don't. I can click on "Browse Active
> Directory", search for computers and then I can see them, but I don't
> think this is how it should be.
Network neighborhood is not implemented in Samba-AD. It is not very
efficient and is usually disabled on large network. One should
definitely learn to do without it (sorry, no choice here).
> Even after enabling network discovery, I only get an incomplete list of
> 4 workstations on the network, which does not include the server. I
> could see with nbstat that one of the shown workstations has now
> registered the __msbrowse__ name. But I also learned that samba doesn't
> support browsing/nmbd on a DC. How do I get the list back?
The desktop is probably doing some broadcasting to find its neighbors,
which is not very reliable. Anyway, from a security point of view you
should aim at completely remove NetBIOS from your network. NetBIOS has
been designed 30 years ago without much security or scalability in mind!
Cheers,
Denis
>
> Thanks,
> Andreas
>
--
Denis Cardon
Tranquil IT Systems
Les Espaces Jules Verne, bâtiment A
12 avenue Jules Verne
44230 Saint SĂ©bastien sur Loire
tel : +33 (0) 2.40.97.57.55
http://www.tranquil-it-systems.fr
More information about the samba
mailing list