AW: Using remote announce w/ security=domain

Kuppinger - Martin Kuppinger martin at kuppinger.com
Thu Apr 15 19:03:07 GMT 1999


1) poison their WINS server database (either by using it as _your_ WINS
server or getting its admin to add an entry for your server OR by writing
a small program to register the samba server's ip address in TWO WINS
servers :-) :-)
[>]  Had the same idea (just use their WINS-Server as your WINS-Server). Depends on the bandwidth between the subnets.

2) sneak a samba server onto that subnet with "wins proxy = yes" where
that samba server uses the same WINS server as the rest of _your_ samba
servers+windows clients.
[>]  Won't work, I think. The clients in the other subnet are pointing directly to their WINS Server and, if configured as H-node, won't use NetBIOS Broadcasts. And WINS-Proxy doesn't affect unicasts to a WINS-Server, but only NetBIOS-Broadcasts.

3) rely on the remote clients using dns, plus you using remote announce:
this is one of the _only_ situations under which i would recommend the use
of remote announce

4) hack into all of those machines on the remote network and put your
samba server in their lmhosts files (not recommended :-)

5) _ask_ individual users who wish to access your samba servers to add an
entry in the lmhosts file.

samba servers as PDCs need to have that odd #PRE DOMAIN_NAME system in
clients' lmhosts.
[>]  It's #PRE #DOM DOMAIN_NAME, but only if there's no domain controller (doesn't matter if PDC or BDC) in the local subnet of the client

Some additional points:
1. In this thread some people said that you should usually have several NT WINS Servers when using NT? Why? I never had any problems in smaller environments with using just one WINS-Server and H-Nodes. Usually works fine.

2. Don't believe what Microsoft is telling on WINS configuration (especially replication). In most situations (especially on networks with small bandwidth WAN connections between), there might be better, more effective solutions using combinations of NetBIOS-Broadcasts, LMHOSTS and WINS if you need to use NetBIOS Name Resolution.



More information about the samba-ntdom mailing list