[Samba] BDC nmblookup and net getlocalsid not working

Edward Polak epolak at mcco.nl
Wed Nov 8 17:23:28 GMT 2006


Hi,

After lots of struggle and rtfm I finally got most things running, except
for 'nmblookup' and 'net getlocalsid' on the BDC. I'm not new to Samba, but
plenty more to learn. Here's the setup in summary:
system pdc is the PDC on subnet 192.168.0.0, running SuSE10.1, LDAP master,
wins server, domain master browser, no iptables;
system bdc is the BDC on subnet 192.168.2.0, running SuSE10.0, LDAP slave,
local master browser, iptables
Both are Samba3.0.2x and they share the same Workgroup name. These subnets
are connected through an IPsec tunnel.

The iptables firewall on bdc does not block port 138/139/445 between
subnets. LDAP replicates fine (I've checked), users can login to their
roaming profiles, etc.
When I check the local Windows network, I see all resources on both subnets
and I can connect to the shares on both ends etc.

The only thing that remains a mystery to me is why nmblookup doesn't give an
answer when looking up accross subnets. I increased the log level on the bdc
to 4, hoping it might reveal something useful.

  pdc:/ # nmblookup pdc
  querying pdc on 192.168.0.255
  192.168.0.3 pdc<00>

  pdc:/ # nmblookup bdc
  querying bdc on 192.168.0.255
  name_query failed to find name bdc

  pdc:/ # smbclient -L pdc
  success, all services, shares and workstations are listed

  bdc:/ # nmblookup bdc
  debug_lookup_classname(nmbd): Unknown class
  added interface ip=192.168.2.3 bcast=192.168.2.255 nmask=255.255.255.0
  querying bdc on 192.168.2.255
  Got a positive name query response from 192.168.2.3 ( 192.168.2.3 )
  192.168.2.3 bdc<00>

  bdc:/ # nmblookup pdc
  debug_lookup_classname(nmbd): Unknown class
  added interface ip=192.168.2.3 bcast=192.168.2.255 nmask=255.255.255.0
  querying pdc on 192.168.2.255
  name_query failed to find name pdc

  bdc:/ # smbclient -L pdc
  success, all services, shares and workstations are listed

  pdc:/ # net getlocalsid
  SID for domain THEDOMAIN is: S-1-5-21-1234567890-1234567890-1234567890

  bdc:/ # net getlocalsid
  [2006/11/08 12:53:58, 0] utils/net.c:net_getlocalsid(494)
    Can't fetch domain SID for name: BDC

To complete the picture, running 'nbtstat -a bdc' and 'nbtstat -a pdc' works
just fine from the local Windows client's DOS prompt. So does 'net view pdc'
and 'net view bdc'.

I've read many similar questions on various mailinglists but didn't find the
answer and I've read the Samba3-HOWTO (or most of it, anyway). Everything
else works, so I basically have happy users, but it worries me a bit that
it's not working like it should (I guess).
What could be wrong here? I'm lost.

Let me know if you need more info.

Big thanks in advance,
EdP




More information about the samba mailing list