Netbios name %m not always correct

David Lee t.d.lee at
Tue Oct 21 10:06:28 GMT 2003

On Sat, 18 Oct 2003, Christopher R. Hertel wrote:

> David Lee wrote:
> >
> :
> > Yes.  The intention in both Michael's case and mine is to send a popup
> > (historically WinPopup?) message to the PC that has initiated the
> > connection.  Our configuring smb.conf's "print command" and "preexec" to
> > do "smbclient -M ... %m ..." is simply a means to achieve that end.
> >
> > If there is some other (better, more appropriate, etc.) means to that end
> > we'll happily consider switching to it.  What might it (or they) be?
> Well...
> Do you remember about a year ago when there was a big flap about Spam-
> vertising Popups on Windows systems?  Some company in Florida was selling
> (at $300-ish a copy, as I recall) a bit of software that would send
> pop-ups to unsuspecting (and unprotected) users across the Internet.  That's
> when Microsoft started recommending that people block ports 135 and 138.
> Here is the deal:
> The WinPopup application, which is common on home and desktop Windows
> flavors (Win9x, ME, and possibly XP-Home) uses a very old remote function
> call system known as the Windows Messsanger Service.  It's documented here
> and there.  Probably the best place to start would be the X/Open's
> 11-year-old SMB specifications.  (See the References section in my on-line
> book.)

Presumably the Microsoft/Intel "File Sharing Protocol" "PN 138446"  (and
similar) from November 1988?  (It so happens that a few months ago, I
supplied two patches to "SMBsend*" code in "libsmb/climessage.c" that
implements that spec.)

> With WindowsNT4 (possibly in some service pack) it was recognized that the
> NetBIOS based Messanger Service was outdated and needed replacing.  The
> functionality was re-implemented using Microsoft's Remote Procedure Call
> (MS-RPC) system.  The basics are the same.  A message is sent to the receiver
> and displayed.  I *don't* know a lot about the workings of the RPC call based
> Messanger Service, but:
>   - It doesn't require NetBIOS.
>   - It only works on systems that support MS-RPC.


But can we briefly return to the "Big Picture", (away from the technical
detail for just a moment, although we'll return...)

The Big Picture:
1. PC connects to a samba server;
2. smb.conf (e.g. "print command") can invoke some mechanism to send some
   sort of message back to that same PC.

In "the good old days"(!), the particular implementation of this "big
picture" is step 1 providing a name (it so happens, a NetBIOS name) to the
samba server, and that step 2 could invoke "smbclient -M ... %m ...".
Note the linking role of "%m"  (which happens to be that NetBIOS name).

Closing in towards some detail:

You suggest (if I understand correctly) that the above implementation is
increasingly inappropriate/unusable (two counts: NetBIOS/WINS on the wane;
Windows Messenger Service outdated and/or insecure).  Fair enough.

So it sounds as if we need a version of "smbclient -M ..." (or something
analogous to it) that can use a DNS-name or IP-address (instead of "%m"
NetBIOS name) and that can use this MS-RPC thingy (instead of "SMBsend*").

Is that correct?

> I *think* that the RPC version is on by default on some platforms, and that
> it's a bit harder to turn off, but I'm not sure.  I don't known enough about
> this mechanism (something I hope to rectify some day).
> As far as I know, Samba has not implemented any tools for utilizing the
> MS-RPC version of the Messanger Service.  Because of the potential for
> abuse, there really is not much call.  On the other hand, I'm sure there's
> enough code to get someone started.  It's basically an RPC call.

Could you give me two pointers:

1. Whereabouts in the Samba 3.0.0 code should I start looking for the
   existing code?

2. Is there a document (the equivalent to Nov.1988 138446) that describes
   the protocol?

> Chris Hertel -)-----
> Durham University Alumnus  :)

[I seem to recall your Dunelm pedigree from a conversation a couple of
years ago.  Greetings!]


:  David Lee                                I.T. Service          :
:  Systems Programmer                       Computer Centre       :
:                                           University of Durham  :
:            South Road            :
:                                           Durham                :
:  Phone: +44 191 334 2752                  U.K.                  :

More information about the samba-technical mailing list