[Samba] Joining EMC NAS to Samba 3 Domain?

Jim Hogan jimh at u.washington.edu
Mon Mar 26 19:40:11 GMT 2007 

I see list discussions on this subject from a few years back but they 
were very brief and, it seems, inconclusive.

I would be interested in hearing from anybody who has discovered the 
"trick" to getting an EMC Celerra to join their Samba 3.x domain.

I have an old NetApp Filer happily joined.  I simply created an account 
with "smbldap-useradd -w filername" and when I then configured the Filer 
for CIFS it was immediately accessible and I could see "SambaNTPassword" 
and related bits in its record (LDAP backend using Fedora Directory 
Services)".

I did the same for the EMC, "smbldap-useradd -w emcname".  Then, when I 
create the EMC's CIFS server (with name, domain, NT4/netbios type, WINS 
spec) it does appear in Domain browse list very quickly, but no 
resources are available.  The dump of the EMC's CIFS config (included 
below) shows all of the correct Netbios stuff. 

In LDAP, the SambaNTPassword attribute (and a few others created in 
client records when a successful join is completed) are missing.

EMC documentation is to the effect "Windows NT servers are automatically 
joined to a domain when created".  This does not square with other joins 
where a Samba root user/password are required.  EMC does have a "Join" 
option for its "server_cifs" command (that takes a password), but this 
is supposedly only for Win2000+ .  I tried it anyway.  It times out.

When I start the EMC's CIFS service and run tcpdump with "host emcname" 
I see lots of bidirectional chat between the EMC and our PDC.  I don't 
see anything that indicates abject failure.  I do see a regular 
repetition of some NBT that seem like a join/registration attempt (see 
below).

One thing that I do see are some occasional NBT broadcast messages that 
I would not expect if the EMC was using WINS correctly, but it is 
showing lots of unicast, so perhaps this doesn't mean much.  In NBTSTAT, 
the EMC shows up as an <00> and <20> (I assume those are the node types 
and that one of them is not "hybrid", which should be 08 IIRC)

One thought I just had was to chang the EMC's root password to match the 
Samba admin/root in case somehow the "automatic" join is still supplying 
credentials using EMC's defaults.

In any event, if anyone has been there, done that, I would be interested 
to hear from you.

Thanks,

Jim


CIFS config

[nasadmin at emc_control etc]$ server_cifs server_2
server_2 :
256 Cifs threads started
Security mode = NT
Max protocol = NT1
I18N mode = UNICODE
Home Directory Shares DISABLED
Usermapper auto broadcast enabled

Default WINS servers = 10.33.33.16
Enabled interfaces: (All interfaces are enabled)

Disabled interfaces: (No interface disabled)

DOMAIN DEOHS RC=5
 SID=S-1
 DC*PDC(10.22.22.33) ref=7 time=0 ms
 DC**BDC(10.22.22.7) ref=1 time=0 ms

CIFS Server (Default) EMCNAME[DOMAIN] RC=8
 Comment='EMC NAS'
 if=10_33_33_11 l=10.22.33.44 b=10.33.33.255 mac=00.00.00.00
 Password change interval: 0 minutes


Some abbreviated tcpdump

NBT UDP PACKET(137): REGISTRATION; REQUEST; UNICAST
NBT UDP PACKET(137): REGISTRATION; REQUEST; UNICAST
NBT UDP PACKET(137): REGISTRATION; REQUEST; UNICAST
NBT UDP PACKET(137): QUERY; REQUEST; UNICAST
NBT UDP: REGISTRATION; POSITIVE; RESPONSE; UNICAST
NBT UDP  PACKET(137): REGISTRATION; POSITIVE; RESPONSE; UNICAST
NBT UDP PACKET(137): REGISTRATION; POSITIVE; RESPONSE; UNICAST
NBT UDP PACKET(137): QUERY; POSITIVE; RESPONSE; U

More information about the samba mailing list