[Samba] Functionality of Nmbd at Active Directory mode of Samba4 !

mathias dufresne infractory at gmail.com
Wed Dec 2 10:40:05 UTC 2015 

2015-12-01 17:19 GMT+01:00 CpServiceSPb . <cpservicespb at gmail.com>:

> > If you run 'nmbd' with 'samba' i.e. on an AD DC, you are duplicating
> the code in the 'nmb' component of the 'samba' deamon, this is definitely
> > not recommended. You could turn off 'nmb', but again this is
> not recommended, the rest of the 'samba' deamon relies on 'nmb' not the
> > external 'nmbd' .
>
> > Or to put it another way, if you are running 'nmbd' with an AD DC, I
> would suggest you stop, sooner or later, you are going to have problems.
> Unfortunatelly, may be you are right. :((
> When I run Nmbd with Saba at AD mode, I don' t remember exactly now, but if
> Nmbd started first and then Samba daemon, error was or vice versa.
>
>
> > Well probably not any time soon, (unless you are prepared to come up with
> patches), this appears to be one of those things that would be nice
> > to have, but not at the top of the list. It also seems to be disappearing
> from windows, so why waste valuable time doing something
> > that will possibly no longer be needed.
> It also seems to be disappearing from Windows - but hasn' t been
> disappeared and i think will not be disappeared form quite long time.
> More over many pc station are equipped Windows XP yet, not even Windows 7.
> As following, it can be necessary for a quite long time.
>
> From mathias
> > Now VM usage + split of file servers => no need of nmbd on AD DC. Nmbd
> will be run on file servers which serve files for Windows computers.
> > That's just my own point of view, built according to own understanding of
> Samba. That means I can be really far from the original "why" : )
>
> I know many people who has AD DC 2008R, even 2003R2  at working position.
> And people who is connected to its DCs or servered by it very active uses
> Windows analogue of nmb functionality (built-in in Windows of course) in
> their LANs.
>

I worked for years for a small company building planes: Airbus. They do
have lot of DC, lot of file servers, they use ADAM intensively too. I don't
remember they were using WINS service. DC are meant to authenticate
clients. That specific process is based on DNS to guess where to
authenticate.

In fact having DC in network neighborhood is good for mini-parks only. If
you have 2 files server and 2 DC, 50 clients, at worst you will have 54
entries in network neighborhood.

Now think about same network neighborhood when you have 50 DC, 250 file
servers and tenths of thousands clients. Wouldn't be easier for your users
to have only these file servers in their network neighborhood rather than
all clients + all DC + somewhere in the middle some lost file servers?



> I will remember, that nmbd in addition makes server visible in Network
> Neighborhood, in some points takes part of accessing to it by NetBios name
> (additionally to IP) ,
> maintains computers list for group, can acts as LMB and/or DMB that is in
> general makes possible Neighborhood Browsing.
> Quite a big function capacity in my oppinion.
>

I'm lacking knowledge about MS AD but I was believing AD was coming with
its own replacement of that election process.
If I'm wrong the fact DC are not part of that process does not seems to be
a too big issue if they are not file server.


>
> And it is more comfortable to get AD DC with fully working Neignborhood
> Browsing.
>

For lazy admins on small park, it could be.
For DC with short names in a big park, you lose time opening the network
neighborhood, waiting it fill up, dig into declared machines to find the
one you was looking for rather than just typing "\\my_dc_name" in windows
explorer address bar.


> And some of them people (mentioned above) stopped to migrate their Windows
> AD DCs to Samba4 one because of the reason - lack of discussion
> functionality.
>

"lack of discussion" functionality: what did you meant?
They really stopped digging into Samba AD because they didn't find their DC
in the network neighborhood? No they must have better reasons I think. I
should have missed the meaning of what you said...


> As following, I consider important working full nmb functional with AD DC
> at Samba4.
>
>
> May be I am wrong, but moving code from nmbd (s3) is necessary only to AD
> DC nmb code part (s4) , of course with some editions.
> But I may be wrong.
>
> *Rowland, *can you point me to files from AD DC sources where nmb code is
> presented ?
>
>
> May be I will be able to start "process" of working under it. :))
>
>
Good luck! Always a good idea to help opensource :)

More information about the samba mailing list