[Samba] Samba4 AD cannot see machines in windows browser

Tue Jul 17 20:57:26 UTC 2018

On Tue, Jul 17, 2018 at 1:18 PM Rowland Penny via samba <
samba at lists.samba.org> wrote:

> On Tue, 17 Jul 2018 12:59:25 -0700
> Alberto Moreno via samba <samba at lists.samba.org> wrote:
>
> Hi Moreno, see inline comments:
>
> > Hi
> >
> > On Tue, Jul 17, 2018 at 12:38 PM Rowland Penny via samba <
> > samba at lists.samba.org> wrote:
> >
> > > On Tue, 17 Jul 2018 12:16:56 -0700
> > > Alberto Moreno via samba <samba at lists.samba.org> wrote:
> > >
> > > > Hi.
> > > >
> > > > I'm continuing learning samba4.
> > > >
> > > > I had add some machines to the domain, windows 10 Pro.
> > > >
> > > > But I open windows browser and don't see my domain and my
> > > > machines.
> > > >
> > > > Is normal with samba4?
> > >
> > > Depending on how you set up Samba, yes and no.
> > >
> > > >
> > > > My smb.conf
> > > >
> > > > # Global parameters
> > > > [global]
> > > >         netbios name = MBXDC1
> > > >         realm = MBX.LOCAL
> > > >         server role = active directory domain controller
> > > >         server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc,
> > > > drepl, winbindd, ntp_signd, kcc, dnsupdate
> > > >         workgroup = MBX
> > > >         idmap_ldb:use rfc2307 = yes
> > > >         log level = 5
> > > >
> > > > [netlogon]
> > > >         path = /usr/local/samba/var/locks/sysvol/mbx.local/scripts
> > > >         read only = No
> > > >
> > > > [sysvol]
> > > >         path = /usr/local/samba/var/locks/sysvol
> > > >         read only = No
> > >
> > > Ah, it is an AD DC, so the answer is definitely yes, there is no
> > > browsing with a Samba AD DC.
> > >
> > >
> > Now, who manage the machine list in the network?
>
> The DNS server on the DC
>

Got it.

> >
> > >
> > > > Other thing, I try to increase my log level, but samba won't
> > > > accept, it continue with log level = 2.
> > >
> > > Did you restart Samba after making the change ?
> > >
> > >
> > Yes, I stop first and latter start the service.
>
> Then it should work, unless nothing happened over log level 2 ;-)
>

Got it.

> >
> > >
> > > > My windows machines had the computer browser service off and fw
> > > > off.
> > >
> > > How do you expect to use a browser service that is turned off ?
> > > Not that it will help if you do turn it on.
> > >
> > >
> > Just to understand, in samba NT4 domain, the recommendation was that,
> > must exist only 1 network browser in the network, them we had to turn
> > off this service(computer browser) under windows machines, because
> > this service conflict with samba, the reason was that those machines
> > will try to became master/local browser in the domain and start
> > sending packets all over the network which is traffic unnecessary.
> >
> > With samba4 AD setup, the rule continue or I was wrong?
>
> Ye, the rule continues for Unix domain members, but there is no
> browsing of Samba AD DC's, they will not show up in a Windows Browser,
> you should use DNS instead. You should also be aware that Windows is
> moving away from network browsing.
>

Got it.

>
> >
> > > >
> > > > Samba version 4.7.8 CentOS Linux release 7.5.1804 (Core)
> > >
> > > How did you provision an AD DC using Centos packages, I thought you
> > > still couldn't use them for a DC.
> > >
> > >
> > I install samba4 from src(make && make install).
>
> OK, just checking ;-)
>
>
:-).

> Thanks for your help Penny.
> >
>
> Please do not refer to me by my surname.
>

My apologies, my mistake.

> Rowland
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>
-- 
LIving the dream...