[Samba] WINS corruption alleged

Jeremy Allison jra at samba.org
Fri Feb 19 10:53:57 MST 2010 

On Fri, Feb 19, 2010 at 09:50:49AM -0800, Edward Quinn wrote:
> I searched but was unable to locate a close match for this case.  I doubt
> that Samba was the culprit here, but unus vir nullus vir.  Your feedback
> would be appreciated.
> 
> Situation:
>     Windows clients, mostly WinXP desktops, got "no logon servers are
> available" when trying to access shared directories on fileservers.  The
> Windows domain controllers run Win2k3.  Member servers range from NT4 to
> Win2k8, plus three Alpha-VMS platforms running Samba 2.2.8.  WINS Manager
> Active Registrations showed the expected IP address for Domain Master
> Browser and Domain Controller.  But there was another record matching that
> domain name.  It was Type [1Eh]Normal Group Name and had the IP address of a
> Samba server's secondary network interface.
> 
> Immediate Response:
>     The lead Windows sysadmin concluded that the Samba server caused
> corruption of the WINS database by improperly assuming the role of domain
> controller or master browser.  The SMBD service was then disabled on the
> Samba server, and after that the WINS database was rebuilt and all the
> Windows servers were rebooted.  Users were back to normal the next day.
> 
> Corrective Action Proposed:
>     The Samba server in question has primary and secondary NICs in the same
> subnet.  The "interfaces" configuration option is blank.  Other   global
> settings include:
>         security = DOMAIN
>         domain logons = No
>         os level = 20
>         preferred master = No
>         local master = No
>         domain master = No
>         wins server = 192.168.1.20
>         wins support = No
>     After reviewing the configuration, the Windows lead recommended setting
> "os level" to 1 before re-enabling Samba in order to prevent future WINS
> corruption problems.  Samba V2.2.8 had been running on several VMS hosts for
> more than 8 months using the settings shown. All participated as members of
> the Windows domain and shared directories on the network without incident.

Given those settings nmbd shouldn't be announcing itself as a DC.

But Samba 2.2.x is *very* old, and it's hard to say if that
could have been a bug from that time.

Jeremy.

More information about the samba mailing list