[Samba] cross vlan browsing / domain authentication

Toby Schaefer toby-list at mail.nixa.k12.mo.us
Fri Dec 12 23:08:54 GMT 2003


Greetings!

  I've been on the list for some time, and have recently deployed a samba
3.0.0 server / LDAP backend in order to provide domain authentication and
roaming profiles.  One question that I have is, when vlans are used, what is
the best way to propagate the server across them?  If I turn on WINS and use
my dhcp server to give the wins information, all the NetBIOS information
will flow freely - however, at a school system, the vlans are in place to
keep the students from seeing the teacher machines (The see no evil effect).
The other way that I know to do this is the lmhosts import on the client
machines, and this works nicely but is another step to repeat 1500 times. MS
Spams our DDNS with a lot of AD stuff, _ldap_tcp, _kerebos, etc, but samba
does not. 

So, what's the 'preferred' method for announcing the server and hiding the
clients cross-subnet?  Can we statically add the Samba server with the
_ldap, _kerebos, and other SRV listings into our DNS [and it work], or
should the lmhosts be the best solution.  I'm open to suggestions and ready
to really test this beast out!

Cheers,

Toby Schaefer
Nixa R-II School District






More information about the samba mailing list