[Samba] home lan - Samba

This is a discussion on [Samba] home lan - Samba ; I've read too many articles and posts on "domain master browser", "computer master browser", "NT domain browser", "PDC and BDCs", etc. etc. and I've managed to confuse my shrinking brain over this. I apologize in advance if I'm posting a ...

+ Reply to Thread
Results 1 to 4 of 4

Thread: [Samba] home lan

  1. [Samba] home lan

    I've read too many articles and posts on "domain master browser",
    "computer master browser", "NT domain browser", "PDC and BDCs", etc.
    etc. and I've managed to confuse my shrinking brain over this. I
    apologize in advance if I'm posting a redundant question (I've looked
    thru archivers best I could) or posting to the wrong place.

    Here's my local situation - my router (off of cable modem) serves as
    firewall, a limited DHCP server, etc. etc. all the standard stuff.

    My little network had about 9 relatively stationary machines that are on
    24/7 and another 2 that come and go. The majority of these are headless
    dedicated number crunchers (it's an affliction called BOINC, another
    story) these all have static IPs.

    At one point in time these were nearly all WinXP boxes (exceptions are a
    couple of #3 son's Gentoo machines whose primary purpose I think is
    hacking into stuff... but that's also another topic). Late last year I
    decided to see if you really can teach an old dog new tricks. I
    undertook converting one of the 'crunchers' to Xubuntu. OK, so now you
    know I'm a Linux noob. Fast forward to today.... The network now has
    about 15 stationary machines and 3 or 4 that come and go. All the
    'crunchers' are Xubuntu 64b (v8.04 except one v7.10), one of the
    desktops is Ubuntu and the Gentoo machines are still here (along with #3
    son). There are only two WinXP machines left... a laptop that is owned
    by my employer and my 'main' desktop(C17). Two of the Xubuntu
    'crunchers' (C19 & C20) have Samba running in a very simple, un-secure
    mode to share up some backup drive space and some generic network
    storage. One of those (C20) also serves as an apt-cacher.

    What I failed to consider in my "conversion" to Linux was who was the
    'domain master browser' and who the backups were. The winXP desktop is
    still set to
    "IsDomainMaster = Yes" in it's registry and the "Computer Browser"
    service is running. But there are no longer any backups in the network
    that I'm aware of. Yesterday I was VNCing into one of the crunchers and
    it wouldn't connect. Ran a .bat file I have that pings all the machines
    and tells me if any don't respond that should. Dang router
    (192.168.nnn.1) didn't respond... along with some of the other
    machines. After rebooting cable modem, router, wireless AP - NO
    CHANGE. For unrelated reasons I happened to crash my desktop (C17, the
    win XP box) a bit later... when it came back up all was fine and
    everybody on the network was again consistently pingable, sub 1ms. I'm
    concluding it's something to do with C17 being the one and only
    'computer browser list maintainer' on the network. Maybe a bad
    conclusion but it still brings up that I think I need to address getting
    a 'backup computer browser' on the LAN.

    I read someplace that the winXP can't be 'primary' with Samba as
    'backup'.... but I'm getting mixed signals on that.

    So what this dissertation boils down to is... /*what would you
    recommend* /for my little LAN?

    (no subnets, all machines have static IPs or DHCP (router) assigned,
    reserved IPs by MAC address with an occasional exception of "uncle
    Freddy's broken computer" on the bench and getting a true DHCP next up,
    assigned IP.)

    Other router things that may or may not be relevant:

    1) I have no WINS or DNS server and am sure I don't completely
    understand what they do.
    2) My router settings point to the DNS servers of my ISP.
    a) along with a checked box, under the .1 IP of the router on the
    local LAN, that says "Enable DNS relay" (I think router is acting like a
    DNS server, maybe).
    3) There is a box checked in the router to turn on "NetBios
    advertisement".
    a) NetBios Registration mode has an option enabled that says
    "Broadcast Only (use when no WINS server configured)".
    4) Enable RIP is checked as on
    a) RIP operating mode is set to "V2 multicast"
    b) "router metric = 1"
    c) "act as default router" is checked as on
    5) DHCP is on and a small range of IPs is specified

    C17's WinXP registry:
    1) IsDomainMaster = Yes
    2) MaintainServerList = Yes

    */Should I set up C20 as the primary and C19 as the secondary and turn
    off the computer browser service in the winXP box (after adjusting
    registry)? What settings do I change if that's the recommended course?
    Or is there a configuration I should use where the winXP is primary and
    C20 is the backup?/*

    C20's smb.conf:

    [global]
    ## Browsing/Identification ###
    #
    workgroup = /name of workgroup is here/
    ; server string = %h server (Samba , Ubuntu)
    server string = %h server
    wins support = no
    ; dns proxy = no
    ; name resolve order = lmhosts host wins bcast

    #### Networking ####
    #
    interfaces = eth0
    bind interfaces only = true
    domain master = no
    netbios name = /C20's name here/
    preferred master = no
    local master = no
    # (/C17/, master browser)
    ; remote announce = 192.168./nnn.nn /

    ####### Authentication #######
    #
    ; security = user
    security = share
    guest account = /guest/
    invalid users = root admin_user
    encrypt passwords = true
    guest ok = yes
    guest only = yes
    hosts allow = 192.168./nnn./ 127.0.0.1
    hosts deny = all
    ; passdb backend = tdbsam
    ; obey pam restrictions = yes
    ; unix password sync = no
    ; passwd program = /usr/bin/passwd %u
    ; passwd chat = *Enter\snew\sUNIX\spassword:* %n\n
    *Retype\snew\sUNIX\spassword:* %n\n
    *passwd:*password\supdated\ssuccessfully* .
    ; pam password change = no

    #### Debugging/Accounting ####
    log file = /var/log/samba/log.%m
    max log size = 999
    syslog only = no
    syslog = 0
    panic action = /usr/share/samba/panic-action %d
    veto files = /*Security*/*.tmp/*root*/*boot*/

    ########## Domains ###########

    ########## Printing ##########
    #
    load printers = no

    ############ Misc ############
    #
    socket options = TCP_NODELAY IPTOS_LOWDELAY SO_RCVBUF=65536
    SO_SNDBUF=65536
    deadtime = 15
    default case = lower
    ; disable netbios = yes
    max connections = 9
    preserve case = no
    printable = no

    #======================= Share Definitions =======================
    #
    [netshare2]
    comment = network shared drivespace
    path = /mnt/netshare2
    writeable = yes
    ; create mask = 0664
    create mask = 0775
    directory mask = 0775
    public = yes
    guest ok = yes
    only guest = yes

    # Un-comment the following (and tweak the other settings below to suit)
    # to enable the default home directory shares. This will share each
    # user's home directory as \\server\username
    ;[homes]
    ; comment = Home Directories
    ; browseable = no

    # By default, \\server\username shares can be connected to by anyone
    # with access to the samba server. Un-comment the following parameter
    # to make sure that only "username" can connect to \\server\username
    # This might need tweaking when using external authentication schemes
    ; valid users = %S
    # By default, the home directories are exported read-only. Change next
    # parameter to 'yes' if you want to be able to write to them.
    ; writable = no
    # File creation mask is set to 0700 for security reasons. If you want to
    # create files with group=rw permissions, set next parameter to 0775.
    ; create mask = 0700
    # Directory creation mask is set to 0700 for security reasons. If you
    want to
    # create dirs. with group=rw permissions, set next parameter to 0775.
    ; directory mask = 0700

    --
    To unsubscribe from this list go to the following URL and read the
    instructions: https://lists.samba.org/mailman/listinfo/samba


  2. Re: [Samba] home lan

    Is your overall issue that you can't work with computer names anymore?
    If so, I'd recommend setting up a real DNS server to fix that. Or if
    your router allows it, enter static local DNS entries in that (sounds
    like you don't have that option though).

    TB

    Skip Guenter wrote:
    > I've read too many articles and posts on "domain master browser",
    > "computer master browser", "NT domain browser", "PDC and BDCs", etc.
    > etc. and I've managed to confuse my shrinking brain over this. I
    > apologize in advance if I'm posting a redundant question (I've looked
    > thru archivers best I could) or posting to the wrong place.
    >
    > Here's my local situation - my router (off of cable modem) serves as
    > firewall, a limited DHCP server, etc. etc. all the standard stuff.
    >
    > My little network had about 9 relatively stationary machines that are
    > on 24/7 and another 2 that come and go. The majority of these are
    > headless dedicated number crunchers (it's an affliction called BOINC,
    > another story) these all have static IPs.
    >
    > At one point in time these were nearly all WinXP boxes (exceptions are
    > a couple of #3 son's Gentoo machines whose primary purpose I think is
    > hacking into stuff... but that's also another topic). Late last year
    > I decided to see if you really can teach an old dog new tricks. I
    > undertook converting one of the 'crunchers' to Xubuntu. OK, so now
    > you know I'm a Linux noob. Fast forward to today.... The network now
    > has about 15 stationary machines and 3 or 4 that come and go. All the
    > 'crunchers' are Xubuntu 64b (v8.04 except one v7.10), one of the
    > desktops is Ubuntu and the Gentoo machines are still here (along with
    > #3 son). There are only two WinXP machines left... a laptop that is
    > owned by my employer and my 'main' desktop(C17). Two of the Xubuntu
    > 'crunchers' (C19 & C20) have Samba running in a very simple, un-secure
    > mode to share up some backup drive space and some generic network
    > storage. One of those (C20) also serves as an apt-cacher.
    >
    > What I failed to consider in my "conversion" to Linux was who was the
    > 'domain master browser' and who the backups were. The winXP desktop
    > is still set to
    > "IsDomainMaster = Yes" in it's registry and the "Computer Browser"
    > service is running. But there are no longer any backups in the
    > network that I'm aware of. Yesterday I was VNCing into one of the
    > crunchers and it wouldn't connect. Ran a .bat file I have that pings
    > all the machines and tells me if any don't respond that should. Dang
    > router (192.168.nnn.1) didn't respond... along with some of the other
    > machines. After rebooting cable modem, router, wireless AP - NO
    > CHANGE. For unrelated reasons I happened to crash my desktop (C17,
    > the win XP box) a bit later... when it came back up all was fine and
    > everybody on the network was again consistently pingable, sub 1ms.
    > I'm concluding it's something to do with C17 being the one and only
    > 'computer browser list maintainer' on the network. Maybe a bad
    > conclusion but it still brings up that I think I need to address
    > getting a 'backup computer browser' on the LAN.
    >
    > I read someplace that the winXP can't be 'primary' with Samba as
    > 'backup'.... but I'm getting mixed signals on that.
    > So what this dissertation boils down to is... /*what would you
    > recommend* /for my little LAN?
    >
    > (no subnets, all machines have static IPs or DHCP (router) assigned,
    > reserved IPs by MAC address with an occasional exception of "uncle
    > Freddy's broken computer" on the bench and getting a true DHCP next
    > up, assigned IP.)
    > Other router things that may or may not be relevant:
    >
    > 1) I have no WINS or DNS server and am sure I don't completely
    > understand what they do. 2) My router settings point to the DNS
    > servers of my ISP.
    > a) along with a checked box, under the .1 IP of the router on the
    > local LAN, that says "Enable DNS relay" (I think router is acting like
    > a DNS server, maybe).
    > 3) There is a box checked in the router to turn on "NetBios
    > advertisement". a) NetBios Registration mode has an option enabled
    > that says "Broadcast Only (use when no WINS server configured)".
    > 4) Enable RIP is checked as on
    > a) RIP operating mode is set to "V2 multicast"
    > b) "router metric = 1"
    > c) "act as default router" is checked as on
    > 5) DHCP is on and a small range of IPs is specified
    >
    > C17's WinXP registry:
    > 1) IsDomainMaster = Yes
    > 2) MaintainServerList = Yes
    >
    > */Should I set up C20 as the primary and C19 as the secondary and turn
    > off the computer browser service in the winXP box (after adjusting
    > registry)? What settings do I change if that's the recommended course?
    > Or is there a configuration I should use where the winXP is primary
    > and C20 is the backup?/*
    >
    > C20's smb.conf:
    >
    > [global]
    > ## Browsing/Identification ###
    > #
    > workgroup = /name of workgroup is here/
    > ; server string = %h server (Samba , Ubuntu)
    > server string = %h server
    > wins support = no
    > ; dns proxy = no
    > ; name resolve order = lmhosts host wins bcast
    >
    > #### Networking ####
    > #
    > interfaces = eth0
    > bind interfaces only = true
    > domain master = no
    > netbios name = /C20's name here/
    > preferred master = no
    > local master = no
    > # (/C17/, master browser)
    > ; remote announce = 192.168./nnn.nn /
    >
    > ####### Authentication #######
    > #
    > ; security = user
    > security = share
    > guest account = /guest/
    > invalid users = root admin_user
    > encrypt passwords = true
    > guest ok = yes
    > guest only = yes
    > hosts allow = 192.168./nnn./ 127.0.0.1
    > hosts deny = all
    > ; passdb backend = tdbsam
    > ; obey pam restrictions = yes
    > ; unix password sync = no
    > ; passwd program = /usr/bin/passwd %u
    > ; passwd chat = *Enter\snew\sUNIX\spassword:* %n\n
    > *Retype\snew\sUNIX\spassword:* %n\n
    > *passwd:*password\supdated\ssuccessfully* .
    > ; pam password change = no
    >
    > #### Debugging/Accounting ####
    > log file = /var/log/samba/log.%m
    > max log size = 999
    > syslog only = no
    > syslog = 0
    > panic action = /usr/share/samba/panic-action %d
    > veto files = /*Security*/*.tmp/*root*/*boot*/
    >
    > ########## Domains ###########
    >
    > ########## Printing ##########
    > #
    > load printers = no
    >
    > ############ Misc ############
    > #
    > socket options = TCP_NODELAY IPTOS_LOWDELAY SO_RCVBUF=65536
    > SO_SNDBUF=65536
    > deadtime = 15
    > default case = lower
    > ; disable netbios = yes
    > max connections = 9
    > preserve case = no
    > printable = no
    >
    > #======================= Share Definitions =======================
    > #
    > [netshare2]
    > comment = network shared drivespace
    > path = /mnt/netshare2
    > writeable = yes
    > ; create mask = 0664
    > create mask = 0775
    > directory mask = 0775
    > public = yes
    > guest ok = yes
    > only guest = yes
    >
    > # Un-comment the following (and tweak the other settings below to suit)
    > # to enable the default home directory shares. This will share each
    > # user's home directory as \\server\username
    > ;[homes]
    > ; comment = Home Directories
    > ; browseable = no
    >
    > # By default, \\server\username shares can be connected to by anyone
    > # with access to the samba server. Un-comment the following parameter
    > # to make sure that only "username" can connect to \\server\username
    > # This might need tweaking when using external authentication schemes
    > ; valid users = %S
    > # By default, the home directories are exported read-only. Change next
    > # parameter to 'yes' if you want to be able to write to them.
    > ; writable = no
    > # File creation mask is set to 0700 for security reasons. If you want to
    > # create files with group=rw permissions, set next parameter to 0775.
    > ; create mask = 0700
    > # Directory creation mask is set to 0700 for security reasons. If you
    > want to
    > # create dirs. with group=rw permissions, set next parameter to 0775.
    > ; directory mask = 0700
    >



    ************************************************** ********************
    This message is intended for the addressee named and may contain
    privileged information or confidential information or both. If you
    are not the intended recipient please delete it and notify the sender.
    ************************************************** ********************
    --
    To unsubscribe from this list go to the following URL and read the
    instructions: https://lists.samba.org/mailman/listinfo/samba


  3. Re: [Samba] home lan

    On Thu, May 29, 2008 at 12:39 AM, Skip Guenter wrote:
    >Yesterday I was VNCing into one of the crunchers and it wouldn't
    > connect. Ran a .bat file I have that pings all the machines and tells me if
    > any don't respond that should. Dang router (192.168.nnn.1) didn't
    > respond... along with some of the other machines. After rebooting cable
    > modem, router, wireless AP - NO CHANGE. For unrelated reasons I happened to
    > crash my desktop (C17, the win XP box) a bit later... when it came back up
    > all was fine and everybody on the network was again consistently pingable,
    > sub 1ms. I'm concluding it's something to do with C17 being the one and
    > only 'computer browser list maintainer' on the network. Maybe a bad
    > conclusion but it still brings up that I think I need to address getting a
    > 'backup computer browser' on the LAN.


    I think the only problem is IP address of individual computer. Is this
    still static of DHCP? If it is DHCP, which computer is running DHCP?

    If the problem occur again, please check both computers IP address.
    Even local dns would not help you to solve this as you are connecting
    using IP address. DNS only usefull if you are using name, not IP (to
    convert name to IP).

    DK
    --
    To unsubscribe from this list go to the following URL and read the
    instructions: https://lists.samba.org/mailman/listinfo/samba


  4. Re: [Samba] home lan

    On Wednesday 28 May 2008 10:04:08 pm David Kuntadi wrote:
    > On Thu, May 29, 2008 at 12:39 AM, Skip Guenter

    wrote:
    > >Yesterday I was VNCing into one of the crunchers and it wouldn't
    > > connect. Ran a .bat file I have that pings all the machines and tells me
    > > if any don't respond that should. Dang router (192.168.nnn.1) didn't
    > > respond... along with some of the other machines. After rebooting cable
    > > modem, router, wireless AP - NO CHANGE. For unrelated reasons I happened
    > > to crash my desktop (C17, the win XP box) a bit later... when it came
    > > back up all was fine and everybody on the network was again consistently
    > > pingable, sub 1ms. I'm concluding it's something to do with C17 being
    > > the one and only 'computer browser list maintainer' on the network.
    > > Maybe a bad conclusion but it still brings up that I think I need to
    > > address getting a 'backup computer browser' on the LAN.

    >
    > I think the only problem is IP address of individual computer. Is this
    > still static of DHCP? If it is DHCP, which computer is running DHCP?
    >
    > If the problem occur again, please check both computers IP address.
    > Even local dns would not help you to solve this as you are connecting
    > using IP address. DNS only usefull if you are using name, not IP (to
    > convert name to IP).
    >
    > DK


    Shorewall. DHCP Server and BIND are three ways to get a home LAN going.
    Shorewall will handle NAT and provide your security while DHCP Server will
    handle assigning IP address assignments. BIND will handle internal DNS stuff
    (and can even cache the External DNS.) All of these will allow Samba to work
    as well.

    Mandriva Linux even has a Wizard to set up all these sevices for you.

    --Shaun
    --
    To unsubscribe from this list go to the following URL and read the
    instructions: https://lists.samba.org/mailman/listinfo/samba


+ Reply to Thread