[Samba] Starting from scratch... and Active Directory

Lennart Sorensen lsorense at csclub.uwaterloo.ca
Mon Dec 14 09:33:49 MST 2009


On Fri, Dec 11, 2009 at 01:42:33PM -0800, Kevin Keane wrote:
> > -----Original Message-----
> > From: Lennart Sorensen
> > >
> > > Next, you need to make sure that DNS resolution works and uses the Windows box as DNS server. This is critically important.
> > 
> > Well you have to make your DNS use the windows box as the DNS server
> > for the mydomain.local domain.  To make the DNS go to the windows box
> > at all times is not necessary and is frustratingly slow compared to
> > bind9 for example.
> 
> That's a good point. Actually, in this example just the ad.mydomain.local zone; the rest of mydomain.local can be served from bind.
> 
> In fact, that's how I have it set up. There are (at least) two ways to do that. You can configure the Windows DNS server as forwarder in BIND, or you can configure bind to be a slave zone to the Windows DNS server. I had some issues with using bind as a slave zone and was too lazy to troubleshoot them, so I have it configured as forwarder.

It is much slower to forward to bind from windows than it is to forward
from bind to windows for the .local domain.

Windows is amazingly slow as a DNS server.

> Somewhere in your named.conf file (or one of the include files) - just substitute your Windows DNS IP addresses, of course:
> 
> zone "ad.nctechcenter.com" in {
>         type forward;
>         forward only;
>         forwarders { 192.168.2.197; 192.168.2.193; fd55:e420:71c5:1::c1; };
> };
> 
> > >
> > > One catch: Server 2008 prefers IPv6. In IPv6, you cannot support NetBT/WINS. Samba does not support Network Discovery very well, so your server becomes invisible.
> > 
> > Hmm, that's an interesting change.
> 
> Basically, Microsoft decided not to port NetBIOS to IPv6. It has already been deprecated since Vista came out, but without NetBIOS, your Windows XP network neighborhood will remain empty.
> 
> In Vista, the network list is populated using UPnP, which has been renamed Network Discovery. But Samba currently doesn't support the necessary underlying protocols (LLTD, in particular).
> 
> If you are OK with flying "blind" and just giving your users specific UNC paths, then that wouldn't be a problem.
> 
> As a side note: you can also use Avahi/Bonjour/Zeroconf to advertise Samba, but I think only Mac clients will see it; Windows clients will not. Can't these guys agree on one standard?

Microsoft prefers standards only they have.

-- 
Len Sorensen
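
A check to run once the forward zone quoted above is in place, added here as an example and not written by either poster: it asks the BIND server for the SRV locator records that AD clients and Samba depend on and reports any that do not resolve. The script name and the `DIG` override are assumptions of this example.

```shell
#!/bin/sh
# Added example: verify that the SRV records Active Directory clients look up
# resolve through the BIND server that forwards the AD zone.
# Usage (hypothetical file name): sh check_ad_srv.sh ad.mydomain.local 127.0.0.1
# DIG may be overridden (an assumption of this example) to test without a network.
DIG=${DIG:-dig}

# Standard AD locator records, relative to the AD DNS domain.
AD_SRV_LABELS="_ldap._tcp _kerberos._tcp _kpasswd._tcp _ldap._tcp.dc._msdcs"

# srv_targets NAME SERVER: print "host port" for each SRV answer, one per line.
# dig +short prints SRV answers as: priority weight port target.
srv_targets() {
    "$DIG" +short SRV "$1" "@$2" 2>/dev/null |
        awk 'NF == 4 && $3 ~ /^[0-9]+$/ { sub(/\.$/, "", $4); print $4, $3 }'
}

# check_ad_srv DOMAIN SERVER: return 0 only if every locator record resolves.
check_ad_srv() {
    domain=$1 server=$2 missing=0
    for label in $AD_SRV_LABELS; do
        name="$label.$domain"
        targets=$(srv_targets "$name" "$server")
        if [ -z "$targets" ]; then
            echo "MISSING $name"
            missing=$((missing + 1))
        else
            echo "$targets" | while read -r host port; do
                echo "OK      $name -> $host:$port"
            done
        fi
    done
    [ "$missing" -eq 0 ]
}

# Run only when a domain and a server are given on the command line.
if [ "$#" -eq 2 ]; then
    check_ad_srv "$1" "$2"
fi
```

A MISSING line for a record that the Windows DNS server itself answers points at the forwarding configuration in BIND, not at the AD zone.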

