Setting up multiple servers for handling multiple workgroups/domains - SMB

This is a discussion on Setting up multiple servers for handling multiple workgroups/domains - SMB ; Hi there I have a Linux-box acting as a router for two subnets; 192.168.1.0/24 and 192.168.2.0/24. As of now I have one samba server running, serving both subnets, but only in one workgroup. I've set it up so that the ...

+ Reply to Thread
Results 1 to 13 of 13

Thread: Setting up multiple servers for handling multiple workgroups/domains

  1. Setting up multiple servers for handling multiple workgroups/domains

    Hi there

    I have a Linux-box acting as a router for two subnets; 192.168.1.0/24
    and 192.168.2.0/24. As of now I have one samba server running, serving
    both subnets, but only in one workgroup. I've set it up so that the
    workgroup "skole" should logically be the one on .1 and "pedagog"
    should be on .2 (of course, this is "done" by the different clients
    around the net). But, now I want to set up a new netbios-name, erwin,
    to serve .2 ("pedagog") specifically, and to become the primary domain
    controller for it as well. How do I accomplish this, and is it
    possible without running two servers?

    Great thanks in advance

    Marius

  2. Re: Setting up multiple servers for handling multiple workgroups/domains

    Marius Flage wrote:

    > Hi there
    >
    > I have a Linux-box acting as a router for two subnets; 192.168.1.0/24
    > and 192.168.2.0/24. As of now I have one samba server running, serving
    > both subnets, but only in one workgroup. I've set it up so that the
    > workgroup "skole" should logically be the one on .1 and "pedagog"
    > should be on .2 (of course, this is "done" by the different clients
    > around the net). But, now I want to set up a new netbios-name, erwin,
    > to serve .2 ("pedagog") specifically, and to become the primary domain
    > controller for it as well. How do I accomplish this, and is it
    > possible without running two servers?
    >
    > Great thanks in advance
    >
    > Marius

    Just not very clear about what you are trying to do. So, do you want to
    host two PDCs on the same system ?

    If that is what you want to do ... then the key to your solution is to
    load different smb.conf files for different client, or in your cases
    different sub nets.

    Please, do share your results if that does work.

    Sunny

  3. Re: Setting up multiple servers for handling multiple workgroups/domains

    On Tue, 6 Jan 2004, Sunny wrote:

    > Just not very clear about what you are trying to do. So, do you want to
    > host two PDCs on the same system ?


    They don't have to be running as PDCs, no. Just running with -different-
    names in different workgroups on separate subnets.

    > If that is what you want to do ... then the key to your solution is to
    > load different smb.conf files for different client, or in your cases
    > different sub nets.


    And how do I do that? The clue to this is nmbd, isn't it? I have to launch
    two copies of it, and make it bind specifically to different interfaces,
    don't I?

    Can anyone else help out?

    Marius


  4. Re: Setting up multiple servers for handling multiple workgroups/domains

    Marius Flage wrote:

    > On Tue, 6 Jan 2004, Sunny wrote:
    >
    >
    >>Just not very clear about what you are trying to do. So, do you want to
    >>host two PDCs on the same system ?

    >
    >
    > They don't have to be running as PDCs, no. Just running with -different-
    > names in different workgroups on separate subnets.
    >
    >
    >>If that is what you want to do ... then the key to your solution is to
    >>load different smb.conf files for different client, or in your cases
    >>different sub nets.

    >
    >
    > And how do I do that? The clue to this is nmbd, isn't it? I have to launch
    > two copies of it, and make it bind specifically to different interfaces,
    > don't I?
    >
    > Can anyone else help out?
    >
    > Marius
    >

    Actually, since you want total separation then it is much simpler (no
    need to dynamically load different smb.conf files based on the IP
    address). Have two different smb.conf file.
    - smb.conf.subnet1
    - smb.conf.subnet2

    In "smb.conf.subnet1", have the following parameters
    interfaces = "subnet1" or 192.168.1.1/24 127.0.0.1/8
    bind interfaces only = yes

    *note* you need the 127.0.0.1 entry so that you can connect locally
    (used by Samba for changing passwords, for example).

    In "smb.conf.subnet2", have the following parameters
    interface = "subnet2" or 192.168.2.1/24 127.0.0.1/8
    bind interfaces only = yes

    Than you just start the nmbd & smbd server with their own smb.conf files.
    $ nmbd -D -s /.../smb.conf.subnet1
    $ smbd -D -s /.../smb.conf.subnet1

    .... similarly for the 2nd subnet.

    You now have 2 samba server running separately on 2 different NICs.
    Couple of things to watch for:

    1) Log subdirectory. You can make then separate using the -l option.

    2) Locking. Since, SAMBA will be running as 2 different application,
    there is no way for them to know what the other is doing unless you
    utilize the Locking provided by the kernel. So, make sure to compile
    the kernel with the locking capabilities and also configure Samba to use
    it. You only need to worry about this if you'll be make the same sahres
    available via both the Samba servers.

    Hope that helps,
    Sunny

  5. Re: Setting up multiple servers for handling multiple workgroups/domains

    On Wed, 7 Jan 2004, Sunny wrote:

    > Than you just start the nmbd & smbd server with their own smb.conf files.
    > $ nmbd -D -s /.../smb.conf.subnet1
    > $ smbd -D -s /.../smb.conf.subnet1


    Problem, it won't launch for the second subnet, and I get the following
    error:

    ERROR: nmbd is already running. File /var/run/samba/nmbd.pid exists and
    process id 24638 is running.

    So, it doesn't look like nmbd provides support for running more than one
    daemon?

    Marius


  6. Re: Setting up multiple servers for handling multiple workgroups/domains

    Marius Flage wrote:
    ....
    > ERROR: nmbd is already running. File /var/run/samba/nmbd.pid exists and
    > process id 24638 is running.

    ....

    Does it help having different "pid directory" settings for the
    two configurations?

    E.g.

    mkdir /var/run/samba1 /var/run/samba2

    and put

    pid directory = /var/run/samba1

    in the subnet1 smb.conf, and

    pid directory = /var/run/samba2

    in the subnet2 smb.conf.

    Mogens

    --
    Mogens Kjaer, Carlsberg A/S, Computer Department
    Gamle Carlsberg Vej 10, DK-2500 Valby, Denmark
    Phone: +45 33 27 53 25, Fax: +45 33 27 47 08
    Email: mk@crc.dk Homepage: http://www.crc.dk


  7. Re: Setting up multiple servers for handling multiple workgroups/domains

    On Fri, 9 Jan 2004, Mogens Kjaer wrote:

    > Does it help having different "pid directory" settings for the
    > two configurations?


    As far as I can tell, there's no such setting as "pid directory". I'm
    running Debian stable, so the samba version isn't the newest around, so if
    it's a pretty new feature I probably haven't got it.

    Marius




  8. Re: Setting up multiple servers for handling multiple workgroups/domains

    Marius Flage wrote:
    >> Does it help having different "pid directory" settings for the
    >> two configurations?

    >
    > As far as I can tell, there's no such setting as "pid directory". I'm


    Where did you look?
    $ testparm -sv | grep -i "pid directory"
    pid directory = /var/run/samba
    $ man -P /bin/cat smb.conf | grep -2i "pid directory"


    pid directory (G)
    This option specifies the directory where pid files
    will be placed.

    > running Debian stable, so the samba version isn't the newest around, so if
    > it's a pretty new feature I probably haven't got it.


    So ... what happened after you tried setting in smb.conf?
    --
    /dev/rob0 - preferred_email=i$((28*28+28))@softhome.net
    or put "not-spam" or "/dev/rob0" in Subject header to reply

  9. Re: Setting up multiple servers for handling multiple workgroups/domains

    On Fri, 9 Jan 2004, /dev/rob0 wrote:

    > Where did you look?
    > $ testparm -sv | grep -i "pid directory"
    > pid directory = /var/run/samba
    > $ man -P /bin/cat smb.conf | grep -2i "pid directory"


    Did you get the part that I'm running debian stable? The setting isn't in
    the package delivered by stable, it's probably in unstable, but I don't
    want to run that, unstable that is.

    Marius


  10. Re: Setting up multiple servers for handling multiple workgroups/domains

    Marius Flage wrote:
    > Did you get the part that I'm running debian stable?


    Yes, I did, but that does not tell us the Samba version. Did you try the
    2 command lines I showed you? I do not think the "pid directory" is a
    new setting. We have it in older 2.2.x machines, and something like
    that, I bet, goes back much further, probably pre-1.0.

    (On the oldest machine I tried, testparm didn't accept the -v option.
    But 2 seconds of experimentation showed that "-s" then is the same as
    "-sv" now.)

    > The setting isn't in
    > the package delivered by stable, it's probably in unstable, but I don't


    So EDIT your smb.conf and PUT it in there and SEE what happens.
    --
    /dev/rob0 - preferred_email=i$((28*28+28))@softhome.net
    or put "not-spam" or "/dev/rob0" in Subject header to reply

  11. Re: Setting up multiple servers for handling multiple workgroups/domains

    On Sat, 10 Jan 2004, /dev/rob0 wrote:

    > Yes, I did, but that does not tell us the Samba version. Did you try the
    > 2 command lines I showed you? I do not think the "pid directory" is a
    > new setting. We have it in older 2.2.x machines, and something like
    > that, I bet, goes back much further, probably pre-1.0.


    The deb-package is named 2.2.3a-12.3. The setting is not there:

    hobbiton:/etc# testparm -s | grep "pid directory"
    hobbiton:/etc#

    As you can see, it returned nothing.

    > So EDIT your smb.conf and PUT it in there and SEE what happens.


    That was the first thing I did after I got your initial response, that's
    when I went ahead and checked the settings available and couldn't find it
    there.

    Marius



  12. Re: Setting up multiple servers for handling multiple workgroups/domains

    Sunny wrote:

    > Marius Flage wrote:
    >
    >> Hi there
    >>
    >> I have a Linux-box acting as a router for two subnets; 192.168.1.0/24
    >> and 192.168.2.0/24. As of now I have one samba server running, serving
    >> both subnets, but only in one workgroup. I've set it up so that the
    >> workgroup "skole" should logically be the one on .1 and "pedagog"
    >> should be on .2 (of course, this is "done" by the different clients
    >> around the net). But, now I want to set up a new netbios-name, erwin,
    >> to serve .2 ("pedagog") specifically, and to become the primary domain
    >> controller for it as well. How do I accomplish this, and is it
    >> possible without running two servers?
    >>
    >> Great thanks in advance
    >>
    >> Marius

    >
    > Just not very clear about what you are trying to do. So, do you want to
    > host two PDCs on the same system ?
    >
    > If that is what you want to do ... then the key to your solution is to
    > load different smb.conf files for different client, or in your cases
    > different sub nets.
    >
    > Please, do share your results if that does work.
    >
    > Sunny

    Hey Marius,

    I have another approach for you. Use the virtualization capabilities in
    samba. I am not sure if you are familiar with it. That way you'll be
    running on one instance of both nmbd & smbd daemons. What will happen
    is that based on the connection, the daemons will load a different
    sub-section of the smb.conf file.

    I am summarizing it below.

    Have a main smb.conf file.

    --- smb.conf ---
    [global]
    netbios alias = skole pedagog
    include = /usr/local/samba/lib/smb.conf.%L

    --- end ---

    When the client tries to connect to the SAMBA server it will specify the
    name of the server to which it's trying to connect. When the client
    wants to connect to skole server, the SAMBA server will than load the
    smb.conf.skole.

    Best thing about this approach is that you'll not have to worry about
    the locking issues.

    Hope that helps,
    Sunny


  13. Re: Setting up multiple servers for handling multiple workgroups/domains

    Marius Flage wrote:
    >> Yes, I did, but that does not tell us the Samba version. Did you try the

    > [snip]
    > The deb-package is named 2.2.3a-12.3. The setting is not there:


    Okay, there is your Samba version.

    >> 2 command lines I showed you? I do not think the "pid directory" is a

    > [snip]
    > hobbiton:/etc# testparm -s | grep "pid directory"
    > hobbiton:/etc#


    This is useful information, but to be sure I would have used "grep -i".

    >> new setting. We have it in older 2.2.x machines, and something like
    >> that, I bet, goes back much further, probably pre-1.0.

    > [snip]
    > As you can see, it returned nothing.


    So perhaps my guess was wrong (the grep issue maintaining a small
    doubt.) The oldest version I have running is 2.2.5, and it does have the
    "pid directory" option.

    >> So EDIT your smb.conf and PUT it in there and SEE what happens.

    >
    > That was the first thing I did after I got your initial response, that's


    Good. Your reply left the impression that you had not done this. Did it
    log an error about an unknown parameter when you tried it?

    I would venture the suggestion that the best thing for you to try now is
    to upgrade your Samba. Another option might be to chroot one or both
    instances of it, but this would be much more work. Good luck.
    --
    /dev/rob0 - preferred_email=i$((28*28+28))@softhome.net
    or put "not-spam" or "/dev/rob0" in Subject header to reply

+ Reply to Thread