[Samba] samba without netbios
julius.junghans at gmx.de
Tue Oct 25 13:19:29 GMT 2005
William Burns wrote:
>> On Monday 24 October 2005 14:06, julius Junghans wrote:
>>> ive read a lot in the howto about netbios/ddns, but im still
>>> confused if
>>> its possible for samba to only use tcp/ip without netbios.
>>> are there any howtos for this topic that are not mentioned in the
> John H Terpstra wrote:
>> Please point me to the documentation (section and page number please)
>> that you have referred to and that is not clear to you. I need to
>> know so I can fix it.
> I don't know what Julius is looking at but...
> I'm looking into similar docs re: DFS not working on SAMBA servers
> that are referred to w/ fully.qualified.sub.domains... (even though a
> straight samba share WILL work under that name)
> I figure that all the info that Julius needs is in the docs...
> Here's how he might proceed to get where he wants to go.
> At the bottom of this section:
> 126.96.36.199 Routed Networks - Page 480
> There's a pretty definitive sounding statement:
>> The use of DNS is not an acceptable substitute
>> for WINS. DNS does not store specific
>> information regarding NetBIOS networking
>> particulars that get stored in the WINS
>> name resolution database and that Windows
>> clients require and depend on.
Ive read that somewhere in the samba3 howto html docs.
> That sounds like a "no".
> But, later in section
> "15.1 Joining a Domain: Windows 200x/XP Professional"
> at the bottom of page 495, there's this:
>> Where NetBIOS technology uses WINS as well as UDP broadcast
>> as key mechanisms for name resolution, Active Directory
>> servers register their services with the Microsoft Dynamic DNS
>> server. Windows clients must be able to query the correct DNS
>> server to find the services (like which machines are domain controllers
>> or which machines have the Netlogon service running).
Maybe the service information is hold in the ldap?
> So, sometime you HAVE to use DNS....
> Later there's a note that you don't have to do this [DNS] if you're in
> a SAMBA domain.
> But... Does this mean I can disable Netbios/Netbeui?
> There's A direct answer to Julius' question in section
> "16.5 Questions and Answers"
> at the bottom of page 554
>> 6. Q: Is it possible to reduce network broadcast activity with
>> A: Yes, there are two ways to do this. The first involves
>> use of WINS (See TOSHARG2, Chapter 9, Section 9.5, “WINS
>> — The Windows Inter-networking Name Server”); the alternate
>> method involves disabling the use of NetBIOS over TCP/IP. This
>> second method requires a correctly configured DNS server (see
>> TOSHARG2, Chapter 9, Section 9.3, “Discussion”)
> Plus the following note:
>> Use of SMB without NetBIOS is possible only
>> on Windows 200x/XP Professional clients
>> and servers, as well as with Samba-3.
> Personally, I find the answer to question 6 a little confusing because
> I *thought* that in Win'9x, disabling "NetBIOS over TCP/IP" meant that
> you'd get no SMB traffic on the TCP/IP side of that client. (It'd be
> all NetBEUI)
> This Win' 9x "NetBIOS over TCP/IP" config feature does not exist in
> Win' XP as such, but is provided by Win' XP's "TCP/IP NetBIOS Helper"
> in Control-Panel/Services which "Enables support for NetBIOS over
> TCP/IP (NetBT) service and NetBIOS name resolution"
> This service sometimes inexplicably gets turned off, causing the
> Win'XP client to fail to use DNS resolution to resolve SMB names.
> But... it IS possible....
> That brings us to this section
> which is not numbered in the html version ??? but in the PDF version
> has a section number:
> "9.3.2 TCP/IP without NetBIOS"
> On page 151 we learn:
>> Use of raw SMB over TCP/IP (No NetBIOS layer) can be done only with
>> Active Directory domains. Samba is not an Active Directory domain
>> ergo, it is not possible to run Samba as a domain controller and at
>> the same time not use NetBIOS.
Yep, I also read that. so you can't use it without an ms windows active
directory server...if i understand this right.
That would be a problem.
> But, it should be possible to do this w/ a stand-alone SAMBA server.
All the DNS/DDNS stuff seems to be hacked into little peaces and put
somewhere in the docs.
> And then, a very interesting statement:
>> Where Samba is used as an Active Directory
>> domain member server (DMS) it is possible to configure Samba to not
>> use NetBIOS over TCP/IP.
Thats what i want. Or maybe im to confused at all now....lets for the
moment assume thats what i want.
> This is interesting because I *thought* that I was concerned about
> replacing NetBIOS w/ DNS name resolution on my Win'XP clients.
> Is this also about how SAMBA resolves names?
> I hadn't given any thought to the possibility that SAMBA might need to
> resolve an IP from a PC name.., or even know the PC name at all...
> IS this a requirement? I mean, isn't the smbd process passive? Maybe
>> if NetBIOS over TCP/IP is disabled, it is
>> necessary to manually create appropriate DNS entries for the Samba DMS
>> because they will not be automatically generated either by Samba, or by
>> the ADS environment.
Can you run a Domain Member Server without an Domain Controller?
> Now, it seems like I've been told that: if I want to have a SAMBA
> server without NetBIOS (only DNS) name services enabled on the
> clients, my only hope is to get a SAMBA member server into my Active
> Directory domain. I'd expect to see the SRV records that I need to put
> into A.D. spelled out...
> Is that what's on page 152?
There was an exception:
6. Q: Is it possible to reduce network broadcast activity with
Am i Wrong?
> Instead, it looks like lots of stuff that an AD domain puts into DNS
> is listed.
> I don't get the idea that these are the few things that I need to ADD
> to an existing MS-DNS server in order to get my member server going.
> (Am I wrong?)
> Then I'm supposed to double-check my work by looking on a DNS server
> named frodo for what provides LDAP service for
> "_ldap._tcp.dc._msdcs.quenya.org" ?
> Phew... That was supposed to convince me that SAMBA/AD domain
> membership is not for the faint-of-heart, right?
> Either that, or it was supposed to encourage me (w/ a wink) to take on
> the challenge of going straight to doing everything w/ a linux-based
> DNS server in place of MS-DNS.
> Which.... Might cause me to look at the section on DDNS, and DHCP,
> where I *think* Julius was looking....
> And I might be encouraged to tilt at the ISC vs. MS DNS windmill. (It
> would be cool, wouldn't it?)
> But I, as a non-unix-wizard, should really be looking back at:
> "6.3 Domain Member Server"
> "6.4 Samba ADS Domain Membership"
> on Page 107.
>> This is a rough guide to setting up Samba-3 with Kerberos authentication
>> against a Windows 200x KDC. A familiarity with Kerberos is assumed.
> Where I can bite the kerberos configuration bullet, and refer to a few
> microsoft documents to help me get a SAMBA server kerberized right
> into an AD domain.
> And then, when I've got that done, I can turn off NetBIOS over TCP/IP
> on my Win'XP clients.
> At least... I think that's the intent of the docs... If I was reading
> that right.
Thx for putting the peaces together :)
More information about the samba