[Samba] Simple question about netbios name and workgroup, in smb.conf
rpenny at samba.org
Fri Oct 6 18:02:31 UTC 2023
On Fri, 6 Oct 2023 14:03:55 -0300
Ricardo Campos via samba <samba at lists.samba.org> wrote:
> Hi, all. I need some help.
> I've installed samba 4.4 in a SuSE 42.2, years ago and it was still
> running smoothly till weeks ago. It is still running but new windows
> machines and old ones that were updated with some Microsoft software
> could not enter the domain because of a sort of loss of confidence
> Well, I was called to solve the problem. It seemed to me that the
> better way to do it was to install the new version of samba (4.19.0)
> which was said to correct the issue. I'm exactly at this point.
> I installed it, and openldap, in a Ubuntu 22.04 LTS box, from source
> and started some tests, but I couldn't go far enough because smbd
> finds errors:
> [2023/09/25 13:56:40.683717, 0]
> smbldap_search_domain_info: Adding domain info for *NEWATENA*
> failed with NT_STATUS_UNSUCCESSFUL
> [2023/09/25 13:56:40.683755, 0]
> pdb_init_ldapsam: WARNING: Could not get domain info, nor add one
> to the domain. We cannot work reliably without it.
> [2023/09/25 13:56:40.683769, 0]
> pdb backend ldapsam:ldap://127.0.0.1 did not correctly init (error
> was NT_STATUS_CANT_ACCESS_DOMAIN_INFO)
> A piece of the smb.conf file follows:
Please do not post part of a smb.conf , it doesn't really help, it
would be better to post the output of 'testparm -s'
> server max protocol = NT1
> preserve case = no
> time server = yes
> inherit acls = yes
> nt acl support = yes
> netbios name = *newatena*
> netbios aliases = newatena
> inherit permissions = yes
> printing = cups
> logon script = logon.bat
> dos charset = iso-8859-1
> local master = yes
> workgroup = *FUTURO*
> os level = 33
> Both newatena and FUTURO are temporary names, since I still have the
> samba 4.4 running.
Samba 4.4 is extremely old
> With slapcat we can see this (partial) entry:
> dn: sambaDomainName=*FUTURO*,dc=xxxx,dc=xxx,dc=xx
> sambaDomainName: *FUTURO*
> sambaAlgorithmicRidBase: 1000
> sambaNextUserRid: 1000
> sambaMinPwdLength: 5
> structuralObjectClass: sambaDomain
> My simple question is this: why would samba asks for a domain using
> the *netbios
> name* instead of the *workgroup*?
Because, there are two workgroups on a Samba server, one, the 'local'
one, uses the NetBIOS name and the 'domain' that uses the NetBIOS domain
> If you need more information, please ask.
Yes, why are you trying to keep an old obsolete system working ?
The old 'PDC' type domains rely on SMBv1 and that protocol is very,
very insecure. You would be better off either upgrading your existing
domain to AD, or setting up a new domain, the latter is probably better
because it gets rid of all the really old ways of doing things.
More information about the samba