[Samba] home lan

Tim Bates tin at new-life.org.au
Wed May 28 23:12:16 GMT 2008


Is your overall issue that you can't work with computer names anymore? 
If so, I'd recommend setting up a real DNS server to fix that. Or if 
your router allows it, enter static local DNS entries in that (sounds 
like you don't have that option though).

TB

Skip Guenter wrote:
> I've read too many articles and posts on "domain master browser", 
> "computer master browser", "NT domain browser", "PDC and BDCs", etc. 
> etc.  and I've managed to confuse my shrinking brain over this.  I 
> apologize in advance if I'm posting a redundant question (I've looked 
> thru archivers best I could) or posting to the wrong place.
>
> Here's my local situation - my router (off of cable modem) serves as 
> firewall, a limited DHCP server, etc. etc.  all the standard stuff.
>
> My little network had about 9 relatively stationary machines that are 
> on 24/7 and another 2 that come and go.  The majority of these are 
> headless dedicated number crunchers (it's an affliction called BOINC, 
> another story) these all have static IPs.
>
> At one point in time these were nearly all WinXP boxes (exceptions are 
> a couple of #3 son's Gentoo machines whose primary purpose I think is 
> hacking into stuff... but that's also another topic).  Late last year 
> I decided to see if you really can teach an old dog new tricks.  I 
> undertook converting one of the 'crunchers' to Xubuntu.  OK, so now 
> you know I'm a Linux noob.  Fast forward to today.... The network now 
> has about 15 stationary machines and 3 or 4 that come and go.  All the 
> 'crunchers' are Xubuntu 64b (v8.04 except one v7.10), one of the 
> desktops is Ubuntu and the Gentoo machines are still here (along with 
> #3 son).  There are only two WinXP machines left... a laptop that is 
> owned by my employer and my 'main' desktop(C17).  Two of the Xubuntu 
> 'crunchers' (C19 & C20) have Samba running in a very simple, un-secure 
> mode to share up some backup drive space and some generic network 
> storage.  One of those (C20) also serves as an apt-cacher.
>
> What I failed to consider in my "conversion" to Linux was who was the 
> 'domain master browser' and who the backups were.  The winXP desktop 
> is still set to
> "IsDomainMaster = Yes" in it's registry and the "Computer Browser" 
> service is running.  But there are no longer any backups in the 
> network that I'm aware of.  Yesterday I was VNCing into one of the 
> crunchers and it wouldn't connect.  Ran a .bat file I have that pings 
> all the machines and tells me if any don't respond that should.  Dang 
> router (192.168.nnn.1) didn't respond... along with some of the other 
> machines.  After rebooting cable modem, router, wireless AP - NO 
> CHANGE.  For unrelated reasons I happened to crash my desktop (C17, 
> the win XP box) a bit later... when it came back up all was fine and 
> everybody on the network was again consistently pingable, sub 1ms.  
> I'm concluding it's something to do with C17 being the one and only 
> 'computer browser list maintainer' on the network.  Maybe a bad 
> conclusion but it still brings up that I think I need to address 
> getting a 'backup computer browser' on the LAN.
>
> I read someplace that the winXP can't be 'primary' with Samba as 
> 'backup'.... but I'm getting mixed signals on that.
> So what this dissertation boils down to is... /*what would you 
> recommend* /for my little LAN?
>
> (no subnets, all machines have static IPs or DHCP (router) assigned, 
> reserved IPs by MAC address with an occasional exception of "uncle 
> Freddy's broken computer" on the bench and getting a true DHCP next 
> up, assigned IP.)
> Other router things that may or may not be relevant:
>
> 1) I have no WINS or DNS server and am sure I don't completely 
> understand what they do. 2) My router settings point to the DNS 
> servers of my ISP.
>     a) along with a checked box, under the .1 IP of the router on the 
> local LAN, that says "Enable DNS relay" (I think router is acting like 
> a DNS server, maybe).
> 3) There is a box checked in the router to turn on "NetBios 
> advertisement".    a) NetBios Registration mode has an option enabled 
> that says "Broadcast Only (use when no WINS server configured)".
> 4) Enable RIP is checked as on
>    a) RIP operating mode is set to "V2 multicast"
>    b) "router metric = 1"
>    c) "act as default router" is checked as on
> 5) DHCP is on and a small range of IPs is specified
>
> C17's WinXP registry:
> 1) IsDomainMaster = Yes
> 2) MaintainServerList = Yes
>
> */Should I set up C20 as the primary and C19 as the secondary and turn 
> off the computer browser service in the winXP box (after adjusting 
> registry)? What settings do I change if that's the recommended course? 
> Or is there a configuration I should use where the winXP is primary 
> and C20 is the backup?/*
>
> C20's smb.conf:
>
> [global]
> ## Browsing/Identification ###
> #
>   workgroup = /name of workgroup is here/
> ;  server string = %h server (Samba , Ubuntu)
>   server string = %h server
>   wins support = no
> ;  dns proxy = no
> ;  name resolve order = lmhosts host wins bcast
>
> #### Networking ####
> #
>   interfaces = eth0
>   bind interfaces only = true
>   domain master = no
>   netbios name = /C20's name here/
>   preferred master = no
>   local master = no
> # (/C17/, master browser)
> ;  remote announce = 192.168./nnn.nn /
>
> ####### Authentication #######
> #
> ;  security = user
>   security = share
>   guest account = /guest/
>   invalid users = root admin_user
>   encrypt passwords = true
>   guest ok = yes
>   guest only = yes
>   hosts allow = 192.168./nnn./ 127.0.0.1
>   hosts deny = all
> ;  passdb backend = tdbsam
> ;  obey pam restrictions = yes
> ;  unix password sync = no
> ;  passwd program = /usr/bin/passwd %u
> ;  passwd chat = *Enter\snew\sUNIX\spassword:* %n\n 
> *Retype\snew\sUNIX\spassword:* %n\n 
> *passwd:*password\supdated\ssuccessfully* .
> ;  pam password change = no
>
> #### Debugging/Accounting ####
>   log file = /var/log/samba/log.%m
>   max log size = 999
>   syslog only = no
>   syslog = 0
>   panic action = /usr/share/samba/panic-action %d
>   veto files = /*Security*/*.tmp/*root*/*boot*/
>
> ########## Domains ###########
>
> ########## Printing ##########
> #
>    load printers = no
>
> ############ Misc ############
> #
>   socket options = TCP_NODELAY IPTOS_LOWDELAY SO_RCVBUF=65536 
> SO_SNDBUF=65536
>   deadtime = 15
>   default case = lower
> ;  disable netbios = yes
>   max connections = 9
>   preserve case = no
>   printable = no
>
> #======================= Share Definitions =======================
> #
> [netshare2]
>   comment = network shared drivespace
>   path = /mnt/netshare2
>   writeable = yes
> ;  create mask = 0664
>   create mask = 0775
>   directory mask = 0775
>   public = yes
>   guest ok = yes
>   only guest = yes
>
> # Un-comment the following (and tweak the other settings below to suit)
> # to enable the default home directory shares.  This will share each
> # user's home directory as \\server\username
> ;[homes]
> ;   comment = Home Directories
> ;   browseable = no
>
> # By default, \\server\username shares can be connected to by anyone
> # with access to the samba server.  Un-comment the following parameter
> # to make sure that only "username" can connect to \\server\username
> # This might need tweaking when using external authentication schemes
> ;   valid users = %S
> # By default, the home directories are exported read-only. Change next
> # parameter to 'yes' if you want to be able to write to them.
> ;   writable = no
> # File creation mask is set to 0700 for security reasons. If you want to
> # create files with group=rw permissions, set next parameter to 0775.
> ;   create mask = 0700
> # Directory creation mask is set to 0700 for security reasons. If you 
> want to
> # create dirs. with group=rw permissions, set next parameter to 0775.
> ;   directory mask = 0700
>


**********************************************************************
This message is intended for the addressee named and may contain
privileged information or confidential information or both. If you
are not the intended recipient please delete it and notify the sender.
**********************************************************************


More information about the samba mailing list