[Samba] 3.0.20a nmbd/wins problems - can't find domain

Paul Griffith paulg at cs.yorku.ca
Wed Oct 19 14:51:59 GMT 2005 

Greetings,

Our setup:
Xeon 2x2.8Ghz/2GB RAM
Red Hat Linux release 7.3 (Valhalla)
Kernel 2.4.29 on an i686
multihomed - 5 subnets, samba operates only on 4
firewalled
Samba: v3.0.20a
Clients: Windows XP SP2 fully patched; MacOS X 10.3/10.4

We are having intermittent problems with nmbd/wins. At one point our
admin users couldn't logon for upto 2 hours. When any of our user login
into the domain they *may* get the eror message stating that the domain
is not available. 

Here are the steps we have taken to try to solve this problem

1 - move Samba from xinetd to standalone startup script
2 - update Samba from 3.0.11 to 3.0.20a
3 - open up firewall to allow udp ports 137-139;445 from our 4 subnets
4 - tested against a fully unpatched WinXP SP2 client to see if it was a 
    MS patch

All the above steps failed :-(

How we can reproduce the error...

1 - login to domain
2 - turn off computer, not log off
3 - login into domain when the login screen appears
4 - goto step 2 and repeat until domain login fails (about 2-3 times)


Using etherreal we have notice that the only difference between a good
or bad session is..

bad session - client doesn't do anything with the NB name query and
goes to DNS to find the IP of the server that handles the CSYORKUCA
domain. We dont't have the netbios name in our DNS

good session - client doesn't goto dns, it works with the NB name
query and talks to the server that handles the CSYORKUCA domain.

In the past we had never put the 'netbios name' into the DNS. I was
under the impression that netios wasn't routable? How would this work
with 4 subnets?

Any advice....

Thanks
Paul


---smb.conf--- 
[global]
	display charset = ascii
	workgroup = CSYORKUCA
	netbios name = PCSERVER
	netbios aliases = SILVER
	server string = CS Samba %v Server
	interfaces = 130.63.xx.xx/255.255.255.0, 130.63.xx.xx/255.255.255.0, 130.63.xx.xx/255.255.255.0, 130.63.xx.xx/255.255.255.0
	bind interfaces only = Yes
	passdb backend = pdb_udb
	enable privileges = Yes
	passwd program = /cs/local/lib/udb/smbchange %u
	passwd chat = . %n\n
	username map = /cs/local/share/samba/usermap
	unix password sync = Yes
	client NTLMv2 auth = Yes
	client lanman auth = No
	client plaintext auth = No
	log level = 2
	max log size = 0
	deadtime = 3
	printcap name = /cs/local/share/LPRng/printcap
	logon script = default.bat
	logon path = 
	logon home = 
	domain logons = Yes
	os level = 65
	preferred master = Yes
	domain master = Yes
	wins support = Yes
	invalid users = root
	inherit permissions = Yes
	hosts allow = 127.0.0.1/24, 130.63.xx.0/255.255.255.0, 130.63.xx.0/255.255.255.0, 130.63.xx.0/255.255.255.0, 130.63.xx.0/255.255.255.0, 130.63.xxx.0/255.255.255.0, 130.63.xx.0/255.255.255.0, 130.63.xx.91/255.255.255.0, 130.63.xx.200/255.255.255.0
	print command = /cs/local/bin/lpr -b -P%p %s ; rm -f %s
	lpq command = /cs/local/bin/lpq -P%p
	lprm command = /cs/local/bin/lprm -P%p %j
	use client driver = Yes
	oplocks = No
	level2 oplocks = No

[netlogon]
	path = /cs/local/share/samba/netlogon

[homes]
	comment = Home Directories
	valid users = %S
	read only = No
	csc policy = disable

[printers]
	comment = All Printers
	path = /tmp
	create mask = 0700
	printable = Yes
	browseable = No

More information about the samba mailing list