How does NT choose a DC?

Luke Kenneth Casson Leighton lkcl at samba.org
Wed May 10 18:52:48 GMT 2000 

On Thu, 11 May 2000, Gene Yee wrote:

> 
> Luke, with such a quick responce I wasn't quite sure if you were just making 
> a statement or confirming what Paul said.

rsi.
 
> So does a workstation make a request from all the DCs located from WINS and 
> authenticates with the quickest server?  Seems a bit chatty if you ask me...

multi-stage, and yes, it's chatty, and insecure [all based on UDP].

nbt 137 lookup domain<1c> bcast & wins.  fail?
nbt 137 lookup domain<1b> wins & bcast.  fail?
nbt 137 lookup domain<00> bcast.  fail?  failed?

any success: from nbt 137 contains ip of pdc or bdc.

nbt 138 GETDC to ip-of-domain<xx> from above.  fail?  failed.

success: response contains name-of-server.

nbt 137 lookup server<00> wins & bcast.  fail?  failed.

success: *now* you can do an SMB session request.

this is not all, there are bits left out.

now, is anyone curious as to _why_ it sometimes takes 30 seconds to
time-out if your DC can't be found?


> >From: Luke Kenneth Casson Leighton <lkcl at samba.org>
> >Reply-To: lkcl at samba.org
> >To: Multiple recipients of list SAMBA-NTDOM <samba-ntdom at samba.org>
> >Subject: Re: How does NT choose a DC?
> >Date: Wed, 10 May 2000 16:40:52 +1000
> >
> >udp 138 mailslot GETDC request.
> >
> >On Wed, 10 May 2000, Paul J Collins wrote:
> >
> > > >>>>> "Anders" == Anders C Thorsen <anders at aae.wisc.edu> writes:
> > >
> > >     Anders> Well... my guess would be to look at the subnet (ip AND
> > >     Anders> netmask)
> > >
> > > But that *is* a broadcast, they exact type that is done in the absence
> > > of WINS.
> > >
> > > I seem to recall hearing that the client gets a list of all the DCs in
> > > the WINS and sends a request to each of them and then picks the one
> > > that responds first; a focused broadcast, if you will.  NetBIOS names
> > > with type 0x1c are domain controllers, I believe.
> > >
> > > Paul.
> > >
> > > --
> > > Paul Collins <sneakums at eircom.net> - - - - - [ A&P,a&f ]
> > >  GPG: 0A49 49A9 2932 0EE5 89B2  9EE0 3B65 7154 8131 1BCD
> > >  PGP: 88BA 2393 8E3C CECF E43A  44B4 0766 DD71 04E5 962C
> > > "Linux: it's just this operating system, you know?"
> > >
> >
> ><a href=" mailto:lkcl at samba.org" > Luke Kenneth Casson Leighton    </a>
> ><a href=" http://cb1.com/~lkcl"  > Samba and Network Development   </a>
> ><a href=" http://samba.org"      > Samba Web site                  </a>
> ><a href=" http://mcp.com"        > Macmillan Technical Publishing  </a>
> >
> >ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals
> >
> 
> ________________________________________________________________________
> Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com
> 

<a href=" mailto:lkcl at samba.org" > Luke Kenneth Casson Leighton    </a>
<a href=" http://cb1.com/~lkcl"  > Samba and Network Development   </a>
<a href=" http://samba.org"      > Samba Web site                  </a>
<a href=" http://mcp.com"        > Macmillan Technical Publishing  </a>
 
ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals

More information about the samba-ntdom mailing list