cross-subnet authentication

Iain Rae iainr at civ.hw.ac.uk
Sat Jul 22 18:35:01 GMT 2000 

Lars Kneschke wrote:
> 
> Philip Ciufo wrote:
> >
> > I've been using samba for a while now as a PDC and now require to move
> > several NT workstations into a new subnet, one that is different from the
> > subnet the PDC resides in. I tried the move already and the workstation
> > comes up with the error "a pdc for the domain could not be found". I
> > placed an entry in the lmhosts file of the workstation and this made no
> > difference.
> >
> > I ran samba with a higher log level, but have lost the logs. However, I
> > did see a "rejecting dgram ..." message of sort in the nmbd log file. I
> > can reproduce the error, so if anyone feels I really need the log file
> > then I can post it.
> >
> > My issue here is really if anyone has had a samba PDC in A.B.C.any
> > subnet and the workstation in A.B.D.any subnet and been able to get the
> > workstation to authenticate? If so, was there anything special you had to
> > do?
> If you have Windows workstations in different subnets then the pdc you
> need a wins server. It makes no difference if the pdc is a windows nt or
> samba server. Samba acts as wins server, when you set the parameter
> "wins support = yes" in the global section of your smb.conf.
> 
> Why do you need a wins server?
> 
> With out wins, the windows workstation finds it's pdc, sending
> broadcasts. But a router normaly doesn't route broadcast. So no
> workstation in another subnet then the pdc, will find the pdc.
> If you are using a wins server, the client registers itself and his
> function(pdc, domainmasterbrowser, local masterbrowser) at the wins
> server. If the client searches his pdc, it will ask the wins server,
> which gives him the ip address of the pdc.
> You need to configure the windows workstation to use wins.
> 
> Cu
<nods> Lars is right, if you configure your samba as a wins server and
point the NT PC's at it they will be able to see the PDC (you should be
able to do cross subnet browsing as well), we have a couple of labs that
run happily like this, if you need examples of the smb.conf files we use
then e-mail me.


-- 
Iain Rae
Computing Officer
Dept. Civil & Offshore Engineering
Heriot-Watt University

More information about the samba-ntdom mailing list