smbclient server name resolution [SAMBA digest 1503]

Roeland M.J. Meyer rmeyer at mhsc.com
Tue Nov 25 22:22:15 GMT 1997


At 07:52 26-11-97 +1100, Darrin M. Gorski wrote:
>
>My $.02 on the topic:
>
>While I agree that setting up a DNS secondary is a very simple task, I
>think doing it at samba install time is inappropriate. A how-to or even
>it's own subdir in the distribution would suffice. Many people who run
>samba on their desktop will not (nor will their network admins) want to
>install named on those machines. The Samba FAQ should list common problems
>attributed to gethostbyname() timeouts, and should point to the resources
>available with the samba distribution, including info on DNS and running
>named.

In "managed" corporate sites, this might be desireable, but restricting
information is generally not good/healthy. What you do here is raise the
bar too much. In MIS managed sites this is desireable in order to keep the
clue-less from jiggering the system, but I found it to be a major PITA when
setting up my own domain. It is one reason why Unix-folk have a hard time
ducking the "elitist" charge. I figure that if an SA, or workstation user,
has enough beans to compile and install Samba, from sources, then I'll
gladly give them a named.boot file and let'em run named. Notice the
emphasis on getting Samba to run first, it's an IQ test <grin>. By doing it
themselves, it saves me about 3 hours per Samba installation. OTOH, it
takes about 10 minutes to fire up named for them.

If I have to do it all for them then all the *.conf files remain r-o,
including named.boot. Personally, I don't even like them running Samba, at
that point and would rather be handing them a WinNTws machine and shift the
problems to the Windows/LAN support group <grin>.

>>From a support standpoint, I wouldn't mind if a user installed Samba on
>his/her workstation, but named I would not allow. The simple reason is if
>they blow it, I'll get a trouble ticket that says _my_ DNS is down, even

Huh?!? How can their secondary break your Primary?!? This sounds more like
a process problem.

>if they really broke their own. Then it would take me the next hour to get
>the user to tell me they 'added' named for Samba. I would not be amused.

If you provided the named.boot file, and they didn't have to edit it, then
where's the harm? It would certainly reduce your network load. You could
even use rdist to maintain it. Refresh it at regular intervals (like once
per day) to prevent them from monkey-rigging it.

>In short, don't do it for the user. If they are going to run named, they
>should at least understand a little about DNS and named. Much like those
>who run Samba should at least know a little about SMB and Samba.

I thought like that once. It makes too much work, all the way 'round. If
you feel accountable, and I certainly am, don't let end-users install Samba
on servers, do it yourself. Otherwise, it's trivial to give them a
site-dependent named.boot file and let them run named, with specific
instructions to not mess with it, on pain of appendage removal. *That*
takes all of two minutes, to setup one directory, ftp two files and jigger
the SysV init stuff. Generally, you don't even have to crack open vi.
Personally, I set named.boot to "root.wheel r-r-r".


_________________________________________________
Morgan Hill Software Company, Inc.
Colorado Springs, CO - Livermore, CA - Morgan Hill, CA
              
Domain Administrator (MHSC2-DOM)
Administrative and Technical contact
____________________________________________
InterNIC Id:	MHSC hostmaster (HM239-ORG)
e-mail:		mailto:hostmaster at mhsc.com
web -pages:	http://www.mhsc.com/



More information about the samba mailing list