smbclient server name resolution [SAMBA digest 1503]

Darrin M. Gorski dgorski at ford.com
Tue Nov 25 23:12:25 GMT 1997


On Tue, 25 Nov 1997, Roeland M.J. Meyer wrote:

> In "managed" corporate sites, this might be desireable, but restricting
> information is generally not good/healthy. What you do here is raise the
> bar too much. In MIS managed sites this is desireable in order to keep the
> clue-less from jiggering the system, but I found it to be a major PITA when
> setting up my own domain. It is one reason why Unix-folk have a hard time
> ducking the "elitist" charge. I figure that if an SA, or workstation user,
> has enough beans to compile and install Samba, from sources, then I'll
> gladly give them a named.boot file and let'em run named. Notice the
> emphasis on getting Samba to run first, it's an IQ test <grin>. By doing it
> themselves, it saves me about 3 hours per Samba installation. OTOH, it
> takes about 10 minutes to fire up named for them.

Don't get me wrong, I'm not saying don't tell them how, just don't do it
for them. I despise software installs that install other *unrequired*
software along the way. It's been a long running pet peave of mine. It's
something Microsoft loves to do.

> If I have to do it all for them then all the *.conf files remain r-o,
> including named.boot.

And I'd agree with that 100%.

> Personally, I don't even like them running Samba, at that point and
> would rather be handing them a WinNTws machine and shift the problems to
> the Windows/LAN support group <grin>.

You devil. ;-) In my case, that simply moves the problem from me to me.
And I would *NEVER* encourage a UNIX user to go to NT. I don't want to be
remembered that way.

> >From a support standpoint, I wouldn't mind if a user installed Samba on
> >his/her workstation, but named I would not allow. The simple reason is if
> >they blow it, I'll get a trouble ticket that says _my_ DNS is down, even
> 
> Huh?!? How can their secondary break your Primary?!? This sounds more like
> a process problem.

I'm not saying they can take the primary down, but they could sure bugger
their own resolver up good. That leaves their workstation useless to
them, and I get a call. Please understand, when *ANYTHING* goes wrong
with a machine connected to a network (any network), my users say 'The
network is down', even when their cubie is still working.

> >if they really broke their own. Then it would take me the next hour to get
> >the user to tell me they 'added' named for Samba. I would not be amused.
> 
> If you provided the named.boot file, and they didn't have to edit it, then
> where's the harm? It would certainly reduce your network load. You could
> even use rdist to maintain it. Refresh it at regular intervals (like once
> per day) to prevent them from monkey-rigging it.

Again, provide all the tools and instructions, just don't do it
automatically as part of the Samba install. That's the point I'm trying to
make, nothing more.

> >In short, don't do it for the user. If they are going to run named, they
> >should at least understand a little about DNS and named. Much like those
> >who run Samba should at least know a little about SMB and Samba.
> 
> I thought like that once. It makes too much work, all the way 'round. If
> you feel accountable, and I certainly am, don't let end-users install Samba
> on servers, do it yourself.

The point is not who's user's we're talking about, it's that Lee Average
user running Samba on his/her PC at home using an ISP could potentially
lose name service and forever wonder why, because he/she has no concept
of DNS and how it's supposed to work.

> Otherwise, it's trivial to give them a site-dependent named.boot file
> and let them run named, with specific instructions to not mess with it,
> on pain of appendage removal. *That* takes all of two minutes, to setup
> one directory, ftp two files and jigger the SysV init stuff. Generally,
> you don't even have to crack open vi.  Personally, I set named.boot to
> "root.wheel r-r-r". 

To reiterate, I simply feel that named should not be installed with 'make
install' from the Samba distribution. Perhaps a 'make installnamed' would
be more appropriate. I just don't like the automatic install idea.

Other issues:

  Which named? Will samba come with the source to one? Who'll maintain it?

                                [Darrin]

 "I have no special gift. I am only passionately curious."
				- A. Einstein

Darrin M. Gorski, Research Computer Systems Network Support
Scientific Research Laboratories, Ford Motor Company
Internet: dgorski at ford.com | Tel/Fax: +1 (313) 248-3753



More information about the samba mailing list