[Samba] Functionality of Nmbd at Active Directory mode of Samba4 !

Rowland penny rpenny at samba.org
Sat Dec 5 12:09:02 UTC 2015


On 05/12/15 11:45, CpServiceSPb . wrote:
>> There is nothing stopping you connecting directly to your shares, or using a domain member as a fileserver
> I agree, but for most of users T talked with, via friendly name
> (NetBios) but not quite long (DNS) is more comfortable.
>
>> In my personal opinion, you are risking trouble by still using XP, yes I know that sometimes you have to, but I would suggest that you start
>> making plans to replace XP, I would not put it past microsoft coming up with something to stop later versions of windows connecting to XP PCs.
>> You are also risking any unknown security holes (unknown to everybody but the black hats, that is) in XP, these holes will not be fixed.
> 1. Windows 7/8 have NetBios functionality (NeighborHood browser ability) ,
> not only XP (and of course server line of MS have also) ;
> 2. I know about that (risky and so on) . But there are different
> conditions: financial, organization, lawing, technical, and so on, to go
> faster to moving forward to Win after XP (life after death :)) ) .
>
>
>> All I can suggest is you get hold of 'samba-master' from samba git and see if you can work out how to do this. To me 'C' comes between 'B' &
>> 'D' :-D i.e. I haven't a clue
> Not much, but thank you.
> I did at such way when I began to write (code) multi group LMB/DMB
> functionlity among IP address space for Nmbd and now I have almost
> completely working solution (that allows browsing even for roadwarriors,
> what was necessary for me) .
>
>
> *For mathia *
>   > I worked for years for a small company building planes: Airbus. They do
> have lot of DC, lot of file servers, they use ADAM intensively too. I don't
>> remember they were using WINS service. DC are > meant to authenticate
> clients. That specific process is based on DNS to guess where to
> authenticate.
>> In fact having DC in network neighborhood is good for mini-parks only. If
> you have 2 files
>> server and 2 DC, 50 clients, at worst you will have 54 entries in network
> neighborhood. Now think about same network neighborhood when you have 50
>> DC, 250 file servers and tenths of
>> thousands clients. Wouldn't be easier for your users to have only these
> file servers in their network neighborhood rather than all clients + all DC
> +
>> somewhere in the middle some lost file servers?
> As I mentionrd above, there are different situation in different
> organizations, commercial/non commercial/edicational/military/peaceful. :)
> Mostly using of NetBios abilities is applicable for home/small/medium
> business.
> But even in big business companiest it can be used via Wins.
> No, for conditions I touched with, wouldn' t.
> It would easy for users (first of all and then for lazy admins :)) ) to
> have choise to make possibility to see computers at list (including file
> servers) or not to see.
> Users who can/wants to use accss to servers/computers by name they are
> wellcome, users who can /want to access internal resources by IP or by
> other way (DNS or other which is used at your organization) , they are
> wellcome.
> Society of freedom choise. Is it ?
>
> By the way, why is it good for miniparks only ? You may not answer to this
> question. It can well working for quite big parks also.
> If you meant broadcast, I may partially agree with you, but modern netcards
> as communication lines have big broadband. :))
>
>> I'm lacking knowledge about MS AD but I was believing AD was coming with its own replacement of that election process.
>> If I'm wrong the fact DC are not part of that process does not seems to be a too big issue if they are not file server.
> I don' t know any replacement of such operation, there are two choises: use
> or not (be or not to be :)) ).
> And also I heard about MS policy declares one server for each role.:)))
> But .....
> As I said there are different orgs in or with different conditions.
>
>> For lazy admins on small park, it could be. For DC with short names in a big park, you lose time opening the network
>> neighborhood, waiting it fill up, dig into declared machines to find the one you was looking for rather than just typing "\\my_dc_name" in windows
>> explorer address bar.
> For first two statements see above. :))
> About losing time, in my oppinion not always, because list is builded for
> some time (not zerod after 1 minute) .
> Regarding typing of \\DC_name, your users and admis have to be equiped with
> big memory. :)))
> Sometimes is quite difficult to remember of 2 DCs names (even one DC name)
> , but if you talked about 50+ DCs or many DCs + some fileservers ...
> You are a monster. :))
>
>> "lack of discussion" functionality: what did you meant?
> I meant that absence of functionality we duscussed about. Not else.
>
>> They really stopped digging into Samba AD because they didn't find their DC in the network neighborhood? No they must have better reasons I think.
>   Please take in mind, that Samba3/4 Nmbd functionality is not limited of
> showing/hiding Samba3/4 server itself at Net list, it can (or often is) be
> as LMB (local master) and/or DMB (domain master) that means quite more,
> means maintaining and providing Nethood list to other DCs, servers, clients.
>
>> Good luck! Always a good idea to help opensource :)
> Thanks. Do you want to join me at this beginning ? :)
>
> P. S.: I offer to stop this duscussion.If Samba development team will addso
> to the code it is will be very nice.
> If you, mathias or others want to make it in your/their own or take part in
> it, it will benice also. :)
> If you or others want to help me in it, you are wellcome.

Obviously to you, the lack of network browsing is a big deal, to others, 
it is just not that important. There are things required that take 
priority over this, so until one of the main developers (or more likely, 
their employer) require it, network browsing will probably not get 
'fixed'. If you can fix it, you will need to supply patches against 
samba-master to either samba-technical or 
https://github.com/samba-team/samba

Rowland



More information about the samba mailing list