[Samba] home lan
Skip Guenter
sguenter at austin.rr.com
Wed May 28 17:39:07 GMT 2008
I've read too many articles and posts on "domain master browser",
"computer master browser", "NT domain browser", "PDC and BDCs", etc.
etc. and I've managed to confuse my shrinking brain over this. I
apologize in advance if I'm posting a redundant question (I've looked
thru archivers best I could) or posting to the wrong place.
Here's my local situation - my router (off of cable modem) serves as
firewall, a limited DHCP server, etc. etc. all the standard stuff.
My little network had about 9 relatively stationary machines that are on
24/7 and another 2 that come and go. The majority of these are headless
dedicated number crunchers (it's an affliction called BOINC, another
story) these all have static IPs.
At one point in time these were nearly all WinXP boxes (exceptions are a
couple of #3 son's Gentoo machines whose primary purpose I think is
hacking into stuff... but that's also another topic). Late last year I
decided to see if you really can teach an old dog new tricks. I
undertook converting one of the 'crunchers' to Xubuntu. OK, so now you
know I'm a Linux noob. Fast forward to today.... The network now has
about 15 stationary machines and 3 or 4 that come and go. All the
'crunchers' are Xubuntu 64b (v8.04 except one v7.10), one of the
desktops is Ubuntu and the Gentoo machines are still here (along with #3
son). There are only two WinXP machines left... a laptop that is owned
by my employer and my 'main' desktop(C17). Two of the Xubuntu
'crunchers' (C19 & C20) have Samba running in a very simple, un-secure
mode to share up some backup drive space and some generic network
storage. One of those (C20) also serves as an apt-cacher.
What I failed to consider in my "conversion" to Linux was who was the
'domain master browser' and who the backups were. The winXP desktop is
still set to
"IsDomainMaster = Yes" in it's registry and the "Computer Browser"
service is running. But there are no longer any backups in the network
that I'm aware of. Yesterday I was VNCing into one of the crunchers and
it wouldn't connect. Ran a .bat file I have that pings all the machines
and tells me if any don't respond that should. Dang router
(192.168.nnn.1) didn't respond... along with some of the other
machines. After rebooting cable modem, router, wireless AP - NO
CHANGE. For unrelated reasons I happened to crash my desktop (C17, the
win XP box) a bit later... when it came back up all was fine and
everybody on the network was again consistently pingable, sub 1ms. I'm
concluding it's something to do with C17 being the one and only
'computer browser list maintainer' on the network. Maybe a bad
conclusion but it still brings up that I think I need to address getting
a 'backup computer browser' on the LAN.
I read someplace that the winXP can't be 'primary' with Samba as
'backup'.... but I'm getting mixed signals on that.
So what this dissertation boils down to is... /*what would you
recommend* /for my little LAN?
(no subnets, all machines have static IPs or DHCP (router) assigned,
reserved IPs by MAC address with an occasional exception of "uncle
Freddy's broken computer" on the bench and getting a true DHCP next up,
assigned IP.)
Other router things that may or may not be relevant:
1) I have no WINS or DNS server and am sure I don't completely
understand what they do.
2) My router settings point to the DNS servers of my ISP.
a) along with a checked box, under the .1 IP of the router on the
local LAN, that says "Enable DNS relay" (I think router is acting like a
DNS server, maybe).
3) There is a box checked in the router to turn on "NetBios
advertisement".
a) NetBios Registration mode has an option enabled that says
"Broadcast Only (use when no WINS server configured)".
4) Enable RIP is checked as on
a) RIP operating mode is set to "V2 multicast"
b) "router metric = 1"
c) "act as default router" is checked as on
5) DHCP is on and a small range of IPs is specified
C17's WinXP registry:
1) IsDomainMaster = Yes
2) MaintainServerList = Yes
*/Should I set up C20 as the primary and C19 as the secondary and turn
off the computer browser service in the winXP box (after adjusting
registry)? What settings do I change if that's the recommended course?
Or is there a configuration I should use where the winXP is primary and
C20 is the backup?/*
C20's smb.conf:
[global]
## Browsing/Identification ###
#
workgroup = /name of workgroup is here/
; server string = %h server (Samba , Ubuntu)
server string = %h server
wins support = no
; dns proxy = no
; name resolve order = lmhosts host wins bcast
#### Networking ####
#
interfaces = eth0
bind interfaces only = true
domain master = no
netbios name = /C20's name here/
preferred master = no
local master = no
# (/C17/, master browser)
; remote announce = 192.168./nnn.nn /
####### Authentication #######
#
; security = user
security = share
guest account = /guest/
invalid users = root admin_user
encrypt passwords = true
guest ok = yes
guest only = yes
hosts allow = 192.168./nnn./ 127.0.0.1
hosts deny = all
; passdb backend = tdbsam
; obey pam restrictions = yes
; unix password sync = no
; passwd program = /usr/bin/passwd %u
; passwd chat = *Enter\snew\sUNIX\spassword:* %n\n
*Retype\snew\sUNIX\spassword:* %n\n
*passwd:*password\supdated\ssuccessfully* .
; pam password change = no
#### Debugging/Accounting ####
log file = /var/log/samba/log.%m
max log size = 999
syslog only = no
syslog = 0
panic action = /usr/share/samba/panic-action %d
veto files = /*Security*/*.tmp/*root*/*boot*/
########## Domains ###########
########## Printing ##########
#
load printers = no
############ Misc ############
#
socket options = TCP_NODELAY IPTOS_LOWDELAY SO_RCVBUF=65536
SO_SNDBUF=65536
deadtime = 15
default case = lower
; disable netbios = yes
max connections = 9
preserve case = no
printable = no
#======================= Share Definitions =======================
#
[netshare2]
comment = network shared drivespace
path = /mnt/netshare2
writeable = yes
; create mask = 0664
create mask = 0775
directory mask = 0775
public = yes
guest ok = yes
only guest = yes
# Un-comment the following (and tweak the other settings below to suit)
# to enable the default home directory shares. This will share each
# user's home directory as \\server\username
;[homes]
; comment = Home Directories
; browseable = no
# By default, \\server\username shares can be connected to by anyone
# with access to the samba server. Un-comment the following parameter
# to make sure that only "username" can connect to \\server\username
# This might need tweaking when using external authentication schemes
; valid users = %S
# By default, the home directories are exported read-only. Change next
# parameter to 'yes' if you want to be able to write to them.
; writable = no
# File creation mask is set to 0700 for security reasons. If you want to
# create files with group=rw permissions, set next parameter to 0775.
; create mask = 0700
# Directory creation mask is set to 0700 for security reasons. If you
want to
# create dirs. with group=rw permissions, set next parameter to 0775.
; directory mask = 0700
More information about the samba
mailing list