[Samba] The "single WINS" problem
Andrew Bartlett
abartlet at samba.org
Sat Nov 26 10:39:24 GMT 2005
On Sat, 2005-11-26 at 09:29 +0100, Tomasz Chmielewski wrote:
> To prevent such cases, where networks are separate (i.e. in different
> cities) but use a single user database (in LDAP), I just set up PDCs
> instead of BDCs (they don't see each other via netbios anyway), and each
> of them is acting as a WINS server.
> I find it much more resistent to such failures.
One of the nice things about this setup is that with 'dns proxy = yes',
you can still have access to the same fileservers (because they are in
DNS), but the netbios space is separate for PDC/BDC etc. I use this to
separate my (less trusted) wireless network from the main LAN. The
wireless gateway is a DC and WINS server. Were a malicious laptop to
spoof the DC, corrupt WINS etc, it cannot disrupt the main LAN.
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Samba Developer, SuSE Labs, Novell Inc. http://suse.de
Authentication Developer, Samba Team http://samba.org
Student Network Administrator, Hawker College http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba/attachments/20051126/fee6fb8b/attachment.bin
More information about the samba
mailing list