[Samba] home lan

Skip Guenter sguenter at austin.rr.com
Wed May 28 17:39:07 GMT 2008


I've read too many articles and posts on "domain master browser", 
"computer master browser", "NT domain browser", "PDC and BDCs", etc. 
etc.  and I've managed to confuse my shrinking brain over this.  I 
apologize in advance if I'm posting a redundant question (I've looked 
through the archives best I could) or posting to the wrong place.

Here's my local situation - my router (off of cable modem) serves as 
firewall, a limited DHCP server, etc. etc.  all the standard stuff.

My little network had about 9 relatively stationary machines that are on 
24/7 and another 2 that come and go.  The majority of these are headless 
dedicated number crunchers (it's an affliction called BOINC, another 
story) these all have static IPs.

At one point in time these were nearly all WinXP boxes (exceptions are a 
couple of #3 son's Gentoo machines whose primary purpose I think is 
hacking into stuff... but that's also another topic).  Late last year I 
decided to see if you really can teach an old dog new tricks.  I 
undertook converting one of the 'crunchers' to Xubuntu.  OK, so now you 
know I'm a Linux noob.  Fast forward to today.... The network now has 
about 15 stationary machines and 3 or 4 that come and go.  All the 
'crunchers' are Xubuntu 64b (v8.04 except one v7.10), one of the 
desktops is Ubuntu and the Gentoo machines are still here (along with #3 
son).  There are only two WinXP machines left... a laptop that is owned 
by my employer and my 'main' desktop(C17).  Two of the Xubuntu 
'crunchers' (C19 & C20) have Samba running in a very simple, un-secure 
mode to share up some backup drive space and some generic network 
storage.  One of those (C20) also serves as an apt-cacher.

What I failed to consider in my "conversion" to Linux was who was the 
'domain master browser' and who the backups were.  The winXP desktop is 
still set to "IsDomainMaster = Yes" in its registry and the "Computer Browser" 
service is running.  But there are no longer any backups in the network 
that I'm aware of.  Yesterday I was VNCing into one of the crunchers and 
it wouldn't connect.  Ran a .bat file I have that pings all the machines 
and tells me if any don't respond that should.  Dang router 
(192.168.nnn.1) didn't respond... along with some of the other 
machines.  After rebooting cable modem, router, wireless AP - NO 
CHANGE.  For unrelated reasons I happened to crash my desktop (C17, the 
win XP box) a bit later... when it came back up all was fine and 
everybody on the network was again consistently pingable, sub 1ms.  I'm 
concluding it's something to do with C17 being the one and only 
'computer browser list maintainer' on the network.  Maybe a bad 
conclusion but it still brings up that I think I need to address getting 
a 'backup computer browser' on the LAN.

I read someplace that the winXP can't be 'primary' with Samba as 
'backup'.... but I'm getting mixed signals on that. 

So what this dissertation boils down to is... what would you 
recommend for my little LAN?

(no subnets, all machines have static IPs or DHCP (router) assigned, 
reserved IPs by MAC address with an occasional exception of "uncle 
Freddy's broken computer" on the bench and getting a true DHCP next up, 
assigned IP.) 

Other router things that may or may not be relevant:

1) I have no WINS or DNS server and am sure I don't completely 
understand what they do. 
2) My router settings point to the DNS servers of my ISP.
     a) along with a checked box, under the .1 IP of the router on the 
local LAN, that says "Enable DNS relay" (I think router is acting like a 
DNS server, maybe).
3) There is a box checked in the router to turn on "NetBios 
advertisement". 
    a) NetBios Registration mode has an option enabled that says 
"Broadcast Only (use when no WINS server configured)".
4) Enable RIP is checked as on
    a) RIP operating mode is set to "V2 multicast"
    b) "router metric = 1"
    c) "act as default router" is checked as on
5) DHCP is on and a small range of IPs is specified

C17's WinXP registry:
1) IsDomainMaster = Yes
2) MaintainServerList = Yes

Should I set up C20 as the primary and C19 as the secondary and turn 
off the computer browser service in the winXP box (after adjusting 
registry)? What settings do I change if that's the recommended course? 
Or is there a configuration I should use where the winXP is primary and 
C20 is the backup?

C20's smb.conf:

[global]
## Browsing/Identification ###
#
   workgroup = /name of workgroup is here/
;  server string = %h server (Samba , Ubuntu)
   server string = %h server
   wins support = no
;  dns proxy = no
;  name resolve order = lmhosts host wins bcast

#### Networking ####
#
   interfaces = eth0
   bind interfaces only = true
   domain master = no
   netbios name = /C20's name here/
   preferred master = no
   local master = no
# (/C17/, master browser)
;  remote announce = 192.168./nnn.nn /

####### Authentication #######
#
;  security = user
   security = share
   guest account = /guest/
   invalid users = root admin_user
   encrypt passwords = true
   guest ok = yes
   guest only = yes
   hosts allow = 192.168./nnn./ 127.0.0.1
   hosts deny = all
;  passdb backend = tdbsam
;  obey pam restrictions = yes
;  unix password sync = no
;  passwd program = /usr/bin/passwd %u
;  passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n *passwd:*password\supdated\ssuccessfully* .
;  pam password change = no

#### Debugging/Accounting ####
   log file = /var/log/samba/log.%m
   max log size = 999
   syslog only = no
   syslog = 0
   panic action = /usr/share/samba/panic-action %d
   veto files = /*Security*/*.tmp/*root*/*boot*/

########## Domains ###########

########## Printing ##########
#
    load printers = no

############ Misc ############
#
   socket options = TCP_NODELAY IPTOS_LOWDELAY SO_RCVBUF=65536 SO_SNDBUF=65536
   deadtime = 15
   default case = lower
;  disable netbios = yes
   max connections = 9
   preserve case = no
   printable = no

#======================= Share Definitions =======================
#
[netshare2]
   comment = network shared drivespace
   path = /mnt/netshare2
   writeable = yes
;  create mask = 0664
   create mask = 0775
   directory mask = 0775
   public = yes
   guest ok = yes
   only guest = yes

# Un-comment the following (and tweak the other settings below to suit)
# to enable the default home directory shares.  This will share each
# user's home directory as \\server\username
;[homes]
;   comment = Home Directories
;   browseable = no

# By default, \\server\username shares can be connected to by anyone
# with access to the samba server.  Un-comment the following parameter
# to make sure that only "username" can connect to \\server\username
# This might need tweaking when using external authentication schemes
;   valid users = %S
# By default, the home directories are exported read-only. Change next
# parameter to 'yes' if you want to be able to write to them.
;   writable = no
# File creation mask is set to 0700 for security reasons. If you want to
# create files with group=rw permissions, set next parameter to 0775.
;   create mask = 0700
# Directory creation mask is set to 0700 for security reasons. If you want to
# create dirs. with group=rw permissions, set next parameter to 0775.
;   directory mask = 0700
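
An added example, not part of the original post: a small audit of an smb.conf like the one quoted above, reporting share-level security, whether nmbd will stand for local master browser, and which shares are writable by guests. The sample text and the function names (`parse`, `audit`) are constructed for illustration.

```python
# Constructed sample that mirrors the settings quoted in the post (not the poster's file).
SAMPLE = """\
[global]
;  security = user
   security = share
   local master = no
   guest ok = yes
[netshare2]
   writeable = yes
   public = yes
"""

# Synonyms listed in smb.conf(5), folded to one canonical parameter name.
SYNONYMS = {"public": "guest ok", "only guest": "guest only",
            "writable": "writeable", "write ok": "writeable"}

def parse(text):
    """Return {section: {param: value}}; lines starting with '#' or ';' are comments."""
    conf, section = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()
            conf.setdefault(section, {})
        elif "=" in line and section is not None:
            key, value = line.split("=", 1)
            key = " ".join(key.lower().split())  # names ignore case and extra spaces
            conf[section][SYNONYMS.get(key, key)] = value.strip()
    return conf

def truthy(value):
    return value.lower() in ("yes", "true", "1")

def audit(text):
    conf = parse(text)
    g = conf.get("global", {})
    findings = []
    if g.get("security", "user").lower() == "share":
        findings.append("global: security = share (no per-user authentication)")
    if not truthy(g.get("local master", "yes")):
        findings.append("global: local master = no (nmbd will not stand for local master browser)")
    for name, share in conf.items():
        eff = {**g, **share}  # [global] values act as defaults for each share
        writable = truthy(eff.get("writeable", "no")) or not truthy(eff.get("read only", "yes"))
        if name != "global" and truthy(eff.get("guest ok", "no")) and writable:
            findings.append(f"{name}: writable by unauthenticated guests")
    return findings
```

Calling `audit(SAMPLE)` returns three findings for the constructed sample, one per check.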


