Samba constantly loosing elections. Weirdness in browsing..

Harald H Hannelius harald at penti.sit.fi
Sun Jan 10 18:15:39 GMT 1999 


I have a network with 2 samba servers, 16 NT-wks (sp3), and some 70 Pc's
running windows95. I experience weirdness in browsing..

The first Samba is a 2.1.0prealpha (pdc, wins, homes, NIS auth server
and such). (smb.conf further down)

The second server (apps and such) is a NIS-client, and runs
security=server. (samba 2.0.0beta5) (smb.conf further down)

I have several problems here, (slowness in logging on to a NT-wks,
cannot find app-server in 'Network Neighborhood'...and so on..) 
and I think all the problems are connected to this one:

I am running WINS on the samba-pdc, and when i list resources on the
server, it always thinks it is master of the domain. However, if I list
the apps-server, it usually thinks one of the nt-workstations is the
master. If I apply a registry patch to Nt-wks's, they stop
appering in PDC's browse list. (patch lower down, nomaster.reg)

The next thing that happened is that a windows95 machine that had
file-sharing installed wanted to be master. Eventhough I have os level on
64 on the pdc, it never gets to be the master browser :( 

I took away file-sharing on the windows95 machine, and now the pdc-server
doesn't see *any* other machine in the browse list. Looks like you have to
have at least one windows machine that fights elections in order to get
the election process going, but why isn't samba always winning?

Ok, I re-installed the browser on some NT-workstations, and now I can see
every Nt-workstation and the Samba app-server, both in Network
Neighborhood on the NT-wks's and in the pdc's browse list. But, browsing
the app-server still reports a nt-workstation as master browser. I have
disabled netbios interface on Nt-workstations, and they are only running
tcp/ip.

Sometimes the pdc *is* master, but when it isn't, logging on to a NT-wks
takes about 1 minute. When I have samba-pdc as master browser, logging on
usually takes less than 10 s.

Isn't there any other way to let the pdc win elections more securely?
Or is there something I've missed in configuring the network?

Here is some output from log.nmb:  

[1999/01/10 20:05:39, 0] nmbd/nmbd.c:sig_hup(93) 
  Got SIGHUP dumping debug info.  
[1999/01/10 20:05:39, 0] nmbd/nmbd_workgroupdb.c:dump_workgroups(308) 
  dump_workgroups() 
   dump workgroup on subnet 193.167.32.3: netmask= 255.255.255.0: 
        SAMBA(1) current master browser = THAT
                THAT 400c9b0b (Samba auth and home server)  
[1999/01/10 20:05:39, 0] nmbd/nmbd_workgroupdb.c:dump_workgroups(308) 
  dump_workgroups() 
   dump workgroup on subnet UNICAST_SUBNET: netmask= 193.167.32.3: 
        SAMBA(1) current master browser = UNKNOWN


###################

What is UNICAST_SUBNET? And why does samba-logs say that it is:

[1999/01/10 18:42:38, 0] nmbd/nmbd_logonnames.c:become_logon_server_success(118) 
  become_logon_server_success: Samba is now a logon server for workgroup
	SAMBA on subnet 193.167.32.3

On subnet 193.167.32.3? Shoulnd't this be something like 193.167.32.0/24 ?


=================== relevant parts of smb.conf from PDC-server:  ;  ; 
	null passwords = no 
	guest account = guest 
	workgroup = SAMBA 
	wins support = yes
	name resolve order = wins lmhost host bcast
	domain master = yes 
	local master = yes
	os level = 64
        preferred master = yes
        domain logons = yes
        logon script = scripts\login.bat
        security = user ;  logon path = \\%N\%U\Windows
        logon path = \\that\%U\Windows
        preserve case = yes
        case sensitive = no
        smb passwd file = /usr/local/samba/private/smbpasswd
        encrypt passwords = yes
        log level = 0
        unix password sync = yes
        passwd program = /usr/bin/passwd %u ; /root/Scripts/yp-restart
        passwd chat = *word: %n\n *word: %n\n *changed*
        socket options = IPTOS_LOWDELAY TCP_NODELAY 
        domain group map = /usr/local/samba/var/domaingroup.map 
        logon drive = h: 
        logon home = \\%N\%U
        lm announce = yes
        lm interval = 120



=====================================
Relevant parts of apps-server's smb.conf:

        load printers = yes 
        workgroup = SAMBA 
; security=domain doesn't work :(
;  	security = domain
        security = server
        password server = that
        debug level = 0
        log file = /var/adm/smbd/%m.log
        encrypt passwords = yes
        smb passwd file = /usr/local/samba/private/smbpasswd
        wins server = ip.of.pdc.samba
        wins support = no
        wins proxy = yes
        domain master = no
        local master = no
        preferred master = no
        os level = 10
        case sensitive = no
        preserve case = yes
        socket options = IPTOS_LOWDELAY TCP_NODELAY 
        username map = /usr/local/samba/lib/username.map 
        server string = "Samba App-server"



==============nomaster.reg
REGEDIT4
; Contributor:  Harald Hannelius (Harald at iki.fi) (Thanks Allen Reese)
; Updated:  	09 January 1999 
; Status:  	Current 
;
; Subject:  	Registry file so NT won't participate in election.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Browser\Parameters]
"MaintainServerList"="No" 
"IsDomainMaster"="FALSE"
=============EOnomaster.reg




-- 

===========================================================        
Harald H Hannelius | harald at sit.fi      | GSM +358405470870
Mauritzgatan 14D41 | www.iki.fi/~harald | Pho +35892783568
00170 HKI FINLAND  | harald at iki.fi      | Fax +35892783568
===========================================================

More information about the samba-ntdom mailing list