[Samba] any reliable way to discover Windows hostname over SMB2+?

Andrew Bartlett abartlet at samba.org
Fri Jul 14 01:33:05 UTC 2017


On Fri, 2017-07-14 at 12:36 +1200, Jason Haar via samba wrote:
> On Fri, Jul 14, 2017 at 10:32 AM, Giulio via samba <samba at lists.samba.org>
> wrote:
> 
> > 
> > It seems that kind of debug message is gone even when using smb1 with
> > newer smbclient versions.
> > 
> > 
> 
> Yes I noticed that too - even more motivation to find a different way
> 
> 
> > ======
> > 
> > rpcclient 3.x
> >   $ rpcclient -U ""  -c srvinfo -N 192.168.1.171 -d 10 2>&1|grep AvNb|wc -l
> >   0
> > 
> >   $ rpcclient -U wrong%wrong  -c srvinfo -N 192.168.1.171 -d 10 2>&1|grep AvNb|wc -l
> > 
> >   8  <== works
> > 
> > rpcclient 4.7.0rc1 is like newer smbclient, the info is not there anymore.
> > 
> 
> Yes - unfortunately all that only works against Win7. Doesn't work on
> Win2012 or Win10
> 
> 
> > 
> > ========
> > 
> > If you need this, I'd investigate using some kind of LLMNR client,
> > since this is the "zeroconf" way to get Windows names: when you
> > disable smb1 on Windows, netbios name resolution gets disabled too,
> > and automatic name resolution is LLMNR only.
> > 
> 
> As far as I'm aware, LLMNR is multicast-only - which in practice means
> broadcast-only? We've got a global WAN - over 200 sites. I can't rely on
> broadcast/multicast - gotta be unicast.
> 
> Thanks for the help - you did some real digging there :-)

I take it you don't have passwords for all these systems?

I think somehow getting at the advertised hostname in the NTLMSSP
challenge is probably still one of your better options.  Some code
change might be needed to get the string printed again. 

Andrew Bartlett

-- 
Andrew Bartlett                       http://samba.org/~abartlet/
Authentication Developer, Samba Team  http://samba.org
Samba Developer, Catalyst IT          http://catalyst.net.nz/services/samba
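
The hostname mentioned in the reply above is carried in the TargetInfo AV_PAIR list of the NTLMSSP CHALLENGE message (the `AvNb` strings in the quoted debug output). As an added example, not part of the original message and not Samba's code, this Python parser reads that field following the MS-NLMP layout and runs on a constructed challenge blob; `parse_challenge`, `build_sample` and all sample names are assumptions of this example.

```python
import struct

# AV_PAIR ids (MS-NLMP 2.2.2.1) whose values are UTF-16LE name strings
AV_NAMES = {1: "MsvAvNbComputerName", 2: "MsvAvNbDomainName",
            3: "MsvAvDnsComputerName", 4: "MsvAvDnsDomainName",
            5: "MsvAvDnsTreeName"}

def parse_challenge(blob):
    """Return the name AV_PAIRs of an NTLMSSP CHALLENGE (type 2) message."""
    if len(blob) < 48 or blob[:8] != b"NTLMSSP\x00":
        raise ValueError("not an NTLMSSP message")
    if struct.unpack_from("<I", blob, 8)[0] != 2:
        raise ValueError("not a CHALLENGE message")
    # TargetInfoFields at byte 40: Len, MaxLen, BufferOffset
    ti_len, _, ti_off = struct.unpack_from("<HHI", blob, 40)
    pos, end, info = ti_off, ti_off + ti_len, {}
    if end > len(blob):
        raise ValueError("TargetInfo runs past end of message")
    while pos + 4 <= end:
        av_id, av_len = struct.unpack_from("<HH", blob, pos)
        pos += 4
        if av_id == 0:                      # MsvAvEOL ends the list
            break
        if pos + av_len > end:
            raise ValueError("truncated AV_PAIR")
        if av_id in AV_NAMES:
            info[AV_NAMES[av_id]] = blob[pos:pos + av_len].decode("utf-16-le")
        pos += av_len                       # skip flags, timestamp, etc.
    return info

def build_sample():
    """Constructed CHALLENGE blob with made-up names, for offline testing."""
    def av(av_id, text):
        value = text.encode("utf-16-le")
        return struct.pack("<HH", av_id, len(value)) + value
    target = "EXAMPLE".encode("utf-16-le")
    ti = (av(2, "EXAMPLE") + av(1, "WS-SAMPLE01") + av(4, "example.test")
          + av(3, "ws-sample01.example.test")
          + struct.pack("<HH", 7, 8) + bytes(8) + bytes(4))  # timestamp, EOL
    header = (b"NTLMSSP\x00" + struct.pack("<I", 2)
              + struct.pack("<HHI", len(target), len(target), 56)
              + struct.pack("<I", 0x00800201)     # constructed NegotiateFlags
              + bytes(16)                         # ServerChallenge + Reserved
              + struct.pack("<HHI", len(ti), len(ti), 56 + len(target))
              + bytes(8))                         # Version, zeroed
    return header + target + ti

if __name__ == "__main__":
    print(parse_challenge(build_sample()))
```

The server sends this message before any credentials are checked, which is why the name is visible without a valid password and why inventory and detection tooling can read it from a captured session setup.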



