[Samba] can connect to 2 samba servers by name but to one by IPonly

Gaiseric Vandal gaiseric.vandal at gmail.com
Wed Feb 2 18:11:45 MST 2011

I ran snoop on my samba servers to capture Ethernet packets between the
remote XP machine and the samba servers.  It does show that the 

With a successful connection:

The client sends what appears to be an empty SMB packet to the server on
port 445 

SMB:  ----- SMB:   -----
SMB:  ""

The server responds with a similar packet, then the client starts sending
more information to the server e.g.

NBT:  ----- NBT Header -----
NBT:  Length = 133 bytes
SMB:  ----- SMB Header -----
SMB:  Command code = 0x72
SMB:  Command name =  SMBnegprot
SMB:  SMB Status:
SMB:     - Error class = No error
SMB:     - Error code = No error
SMB:  Header:
SMB:     - Tree ID      (TID) = 0x0000
SMB:     - Process ID   (PID) = 0xfeff
SMB:     - User ID      (UID) = 0x0000
SMB:     - Multiplex ID (MID) = 0x0000
SMB:     - Flags summary = 0x18
SMB:     - Flags2 summary = 0xc853
SMB:  ByteCount = 98
SMB:  Dialect String = PC NETWORK PROGRAM 1.0
SMB:  Dialect String = LANMAN1.0
SMB:  Dialect String = Windows for Workgroups 3.1a
SMB:  Dialect String = LM1.2X002
SMB:  Dialect String = LANMAN2.1
SMB:  Dialect String = NT LM 0.12

However which a failed connection, it looks like the client sends the empty
SMB packet, the server does respond with an empty SMB packet, but then the
client just sends another empty SMB packet.  

I am stumped.

I appreciate any advice.

-----Original Message-----
From: Gaiseric Vandal [mailto:gaiseric.vandal at gmail.com] 
Sent: Wednesday, February 02, 2011 7:39 AM
To: 'Samba'
Subject: RE: [Samba] can connect to 2 samba servers by name but to one by

This is where things stand so far:

Pdc1 is samba 3.4.x
Bdc1 is samba 3.0.x (also the WINS server) 
Bdc2 is samba 3.0.x 

On an XP Pro machine at work, joined to the domain, the following commands

	net use \\pdc1
	net use \\bdc1
	net use \\bdc2

If I connect to work via VPN from either a work machine (which is a domain
member, but logging in using cached credentials) or my home PC (XP Pro but
not in the domain) the following commands fail

	net use \\pdc1
	net use \\pdc1.mydomain.com

The following commands  work 

	net use \\bdc1
	net use \\bdc2
	net use \\IP_OF_PDC1

	ping pdc1
	ping pdc1.mydomain.com
	nslookup pdc1.mydomain.com

IN fact, "net use" seems to work for any other Windows or Samba server (in
the same or different domains), just not the PDC1.   Since, by default, VPN
clients do NOT use WINS server, this indicates that they are resolving host
names via DNS.    (I did try enabling WINS client but it didn't change

If the machine is a domain member, "nslookup pdc1" also works.

I use sonicwall VPN client which has a "virtual" nic, which gets an IP
address (including DNS and optionally wins info) from the company DHCP
server, and on the same subnet as the servers and other machines on the

If I update lmhosts on my PC, I can use "net use \\pdc1."  This suggests
that XP is NOT using DNS to resolve host name for this host.  But that
doesn't make sense, since every other host can be accessed by name. 

"nbtstat -r" ("Lists names resolved by broadcast and via WINS") only shows
the other xp machine on my home network, not any of the machines on the
company network, so I am pretty sure I am not resolving server names via
broadcast or wins.  Updating hosts file on my XP machine doesn't help

It also should not matter how the server resolves hostnames.

Any thoughts?


-----Original Message-----
From: Gaiseric Vandal [mailto:gaiseric.vandal at gmail.com] 
Sent: Thursday, January 13, 2011 2:14 PM
To: TAKAHASHI Motonobu
Cc: Samba
Subject: Re: [Samba] can connect to 2 samba servers by name but to one by

nslookup on windows machines does require the FQDN name-  i.e. 

ping does not (windows will appropriately add the domain name.)

I have not tried "net use \\pdc1.mydomain.com" from a VPN connection.

I know that "nslookup" and "ping" in Windows have separate name 
resolution routines, and handle domain suffixes a little 
differently.     Again, that should have affected all machines.  
Machines on VPN connection get the "mydomain.com" appended to the VPN 
virtual NIC, but it is not the default domain for the machine.

I looked at my DNS server-  I can't see any differences in the entry for 
"pdc1" vs any other machine-  even though DNS is the only thing that 
would make sense.  But VPN clients use the 2ndary DNS servers for name 
lookup, not the primary.     I may try configuring VPN clients to use 
the primary DNS server.    None of the server names are 16 characters or 


On 01/13/2011 12:38 PM, TAKAHASHI Motonobu wrote:
> 2011/1/13 Gaiseric Vandal<gaiseric.vandal at gmail.com>:
>> Adding pdc1 to the hosts file (c:\windows\system32\drivers\etc\hosts) did
>> not make a difference.  After adding pdc1 to lmhosts,  "net use \\pdc1"
>> work.  So in the case of pdc1 one, the name is being resolved as a
>> name (i.e. via lmhosts) not a tcp/ip type name (i.e. via dns or hosts)
>> But then why does "net use" work with all the other windows or samba
>> servers?  As  far as I can tell, DNS is the only method by which the
>> are being resolved.
> What does "nslookup PDC1" and "ping PDC1" show?
> If you have a host named "PDC1.example.com" then nslookup PDC1 may
> return the IP address of "PDC1.example.com", not the IP address of
> expected "PDC1".
> Anyway, you had better debug at the view of DNS name resolution, not
> ---
> TAKAHASHI Motonobu<monyo at samba.gr.jp>

More information about the samba mailing list