[Samba] adding netbios name stops getent from working

Jason Keltz jas at eecs.yorku.ca
Wed Apr 14 17:57:59 UTC 2021 

On 4/14/2021 1:53 PM, Rowland penny via samba wrote:
> On 14/04/2021 18:12, Jason Keltz via samba wrote:
>>
>> On 4/14/2021 12:37 PM, Rowland penny via samba wrote:
>>> On 14/04/2021 17:29, Jason Keltz via samba wrote:
>>>> Hi.
>>>>
>>>> I have a Samba file server which is part of an AD domain.  I can 
>>>> ssh to the server using my AD username/password.  I can also mount 
>>>> my home directory under Windows.  Everything works as I expect. 
>>>> However, I need to give the server an alias.  If I use "netbios 
>>>> name" to set that alias in smb.conf, then "getent passwd <user>" 
>>>> stops working, and I can no longer login. Why is that?
>>>>
>>>> Jason.
>>>>
>>>>
>>>
>>> It would be 'netbios alias' except that would require SMBv1 and you 
>>> probably have it turned off, not to mention that AD uses dns instead 
>>> of netbios.
>>>
>>> Why do 'need' to give it an alias ?
>>>
>>> If you must give it an alias, do a search on 'CNAME'
>>
>> Hi Rowland!
>>
>> I have always used an "alias" (netbios name) so that if I need to 
>> rebuild the server with a new name (say, during an upgrade), the user 
>> doesn't need to change any of their mounts. The server can be called 
>> "abcd" and changed to "efgh", but if the user knows to always mount 
>> their home directory as say, "\\fileserver\homes", then it will 
>> always work no matter what I change the physical server name to.
>>
>> I already have the CNAME.  I tried that.  Under Windows, I'm logged 
>> into the AD domain.  If I try to mount from \\fileserver\homes, then 
>> I get asked for my username and password, and the mount fails.  On 
>> the other hand, if I try to mount from say, 
>> \\fileserver.full.domain\homes, it works.  I don't even need to 
>> "re-enter" my username and password as would be expected.  When I do 
>> an nslookup of just "fileserver", that works.  The fact that the 
>> login box comes up probably means it has contacted the host. It's 
>> just not clear why I can't login without specifying the full path.
>>
>> Jason.
>>
>>
>
> Louis could probably explain it better than I, but it seems that 
> Windows is moving towards using FQDN's instead of short hostnames. 
> Other tools may, and apparently do, work differently, just because 
> 'nslookup' will work with a short hostname, does not mean Windows 
> tools will.

Hi Rowland,

The interesting thing is that \\name-of-server-without-domain works, but 
\\alias-of-server-without-domain doesn't.  As you said, maybe Louis has 
some ideas.

Thanks!

Jason.

More information about the samba mailing list