1
<html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>Chapter�29.�Integrating MS Windows Networks with Samba</title><link rel="stylesheet" href="samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.71.0"><link rel="start" href="index.html" title="The Official Samba-3 HOWTO and Reference Guide"><link rel="up" href="optional.html" title="Part�III.�Advanced Configuration"><link rel="prev" href="pam.html" title="Chapter�28.�PAM-Based Distributed Authentication"><link rel="next" href="unicode.html" title="Chapter�30.�Unicode/Charsets"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">Chapter�29.�Integrating MS Windows Networks with Samba</th></tr><tr><td width="20%" align="left"><a accesskey="p" href="pam.html">Prev</a>�</td><th width="60%" align="center">Part�III.�Advanced Configuration</th><td width="20%" align="right">�<a accesskey="n" href="unicode.html">Next</a></td></tr></table><hr></div><div class="chapter" lang="en"><div class="titlepage"><div><div><h2 class="title"><a name="integrate-ms-networks"></a>Chapter�29.�Integrating MS Windows Networks with Samba</h2></div><div><div class="author"><h3 class="author"><span class="firstname">John</span> <span class="othername">H.</span> <span class="surname">Terpstra</span></h3><div class="affiliation"><span class="orgname">Samba Team<br></span><div class="address"><p><code class="email"><<a href="mailto:jht@samba.org">jht@samba.org</a>></code></p></div></div></div></div><div><p class="pubdate"> (Jan 01 2001) </p></div></div></div><div class="toc"><p><b>Table of Contents</b></p><dl><dt><span class="sect1"><a href="integrate-ms-networks.html#id424744">Features and Benefits</a></span></dt><dt><span class="sect1"><a href="integrate-ms-networks.html#id424761">Background Information</a></span></dt><dt><span class="sect1"><a href="integrate-ms-networks.html#id424880">Name Resolution in a Pure UNIX/Linux World</a></span></dt><dd><dl><dt><span class="sect2"><a href="integrate-ms-networks.html#id424951"><code class="filename">/etc/hosts</code></a></span></dt><dt><span class="sect2"><a href="integrate-ms-networks.html#id425107"><code class="filename">/etc/resolv.conf</code></a></span></dt><dt><span class="sect2"><a href="integrate-ms-networks.html#id425140"><code class="filename">/etc/host.conf</code></a></span></dt><dt><span class="sect2"><a href="integrate-ms-networks.html#id425188"><code class="filename">/etc/nsswitch.conf</code></a></span></dt></dl></dd><dt><span class="sect1"><a href="integrate-ms-networks.html#id425298">Name Resolution as Used within MS Windows Networking</a></span></dt><dd><dl><dt><span class="sect2"><a href="integrate-ms-networks.html#id425691">The NetBIOS Name Cache</a></span></dt><dt><span class="sect2"><a href="integrate-ms-networks.html#id425770">The LMHOSTS File</a></span></dt><dt><span class="sect2"><a href="integrate-ms-networks.html#id425896">HOSTS File</a></span></dt><dt><span class="sect2"><a href="integrate-ms-networks.html#id425921">DNS Lookup</a></span></dt><dt><span class="sect2"><a href="integrate-ms-networks.html#id425943">WINS Lookup</a></span></dt></dl></dd><dt><span class="sect1"><a href="integrate-ms-networks.html#id426077">Common Errors</a></span></dt><dd><dl><dt><span class="sect2"><a href="integrate-ms-networks.html#id426088">Pinging Works Only One Way</a></span></dt><dt><span class="sect2"><a href="integrate-ms-networks.html#id426116">Very Slow Network Connections</a></span></dt><dt><span class="sect2"><a href="integrate-ms-networks.html#id426154">Samba Server Name-Change Problem</a></span></dt></dl></dd></dl></div><p>
2
<a class="indexterm" name="id424707"></a>
1
<html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>Chapter�29.�Integrating MS Windows Networks with Samba</title><link rel="stylesheet" href="../samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.73.2"><link rel="start" href="index.html" title="The Official Samba 3.2.x HOWTO and Reference Guide"><link rel="up" href="optional.html" title="Part�III.�Advanced Configuration"><link rel="prev" href="pam.html" title="Chapter�28.�PAM-Based Distributed Authentication"><link rel="next" href="unicode.html" title="Chapter�30.�Unicode/Charsets"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">Chapter�29.�Integrating MS Windows Networks with Samba</th></tr><tr><td width="20%" align="left"><a accesskey="p" href="pam.html">Prev</a>�</td><th width="60%" align="center">Part�III.�Advanced Configuration</th><td width="20%" align="right">�<a accesskey="n" href="unicode.html">Next</a></td></tr></table><hr></div><div class="chapter" lang="en"><div class="titlepage"><div><div><h2 class="title"><a name="integrate-ms-networks"></a>Chapter�29.�Integrating MS Windows Networks with Samba</h2></div><div><div class="author"><h3 class="author"><span class="firstname">John</span> <span class="othername">H.</span> <span class="surname">Terpstra</span></h3><div class="affiliation"><span class="orgname">Samba Team<br></span><div class="address"><p><code class="email"><<a class="email" href="mailto:jht@samba.org">jht@samba.org</a>></code></p></div></div></div></div><div><p class="pubdate"> (Jan 01 2001) </p></div></div></div><div class="toc"><p><b>Table of Contents</b></p><dl><dt><span class="sect1"><a href="integrate-ms-networks.html#id448624">Features and Benefits</a></span></dt><dt><span class="sect1"><a href="integrate-ms-networks.html#id448641">Background Information</a></span></dt><dt><span class="sect1"><a href="integrate-ms-networks.html#id448760">Name Resolution in a Pure UNIX/Linux World</a></span></dt><dd><dl><dt><span class="sect2"><a href="integrate-ms-networks.html#id448831"><code class="filename">/etc/hosts</code></a></span></dt><dt><span class="sect2"><a href="integrate-ms-networks.html#id448992"><code class="filename">/etc/resolv.conf</code></a></span></dt><dt><span class="sect2"><a href="integrate-ms-networks.html#id449025"><code class="filename">/etc/host.conf</code></a></span></dt><dt><span class="sect2"><a href="integrate-ms-networks.html#id449073"><code class="filename">/etc/nsswitch.conf</code></a></span></dt></dl></dd><dt><span class="sect1"><a href="integrate-ms-networks.html#id449183">Name Resolution as Used within MS Windows Networking</a></span></dt><dd><dl><dt><span class="sect2"><a href="integrate-ms-networks.html#id449576">The NetBIOS Name Cache</a></span></dt><dt><span class="sect2"><a href="integrate-ms-networks.html#id449659">The LMHOSTS File</a></span></dt><dt><span class="sect2"><a href="integrate-ms-networks.html#id449764">HOSTS File</a></span></dt><dt><span class="sect2"><a href="integrate-ms-networks.html#id449789">DNS Lookup</a></span></dt><dt><span class="sect2"><a href="integrate-ms-networks.html#id449811">WINS Lookup</a></span></dt></dl></dd><dt><span class="sect1"><a href="integrate-ms-networks.html#id449942">Common Errors</a></span></dt><dd><dl><dt><span class="sect2"><a href="integrate-ms-networks.html#id449953">Pinging Works Only One Way</a></span></dt><dt><span class="sect2"><a href="integrate-ms-networks.html#id449980">Very Slow Network Connections</a></span></dt><dt><span class="sect2"><a href="integrate-ms-networks.html#id450018">Samba Server Name-Change Problem</a></span></dt></dl></dd></dl></div><p>
2
<a class="indexterm" name="id448587"></a>
3
3
This chapter deals with NetBIOS over TCP/IP name to IP address resolution. If
4
4
your MS Windows clients are not configured to use NetBIOS over TCP/IP, then this
5
5
section does not apply to your installation. If your installation involves the use of
6
6
NetBIOS over TCP/IP, then this chapter may help you to resolve networking problems.
7
7
</p><div class="note" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Note</h3><p>
8
<a class="indexterm" name="id424722"></a>
9
<a class="indexterm" name="id424729"></a>
8
<a class="indexterm" name="id448602"></a>
9
<a class="indexterm" name="id448609"></a>
10
10
NetBIOS over TCP/IP has nothing to do with NetBEUI. NetBEUI is NetBIOS
11
11
over Logical Link Control (LLC). On modern networks it is highly advised
12
12
to not run NetBEUI at all. Note also that there is no such thing as
13
13
NetBEUI over TCP/IP the existence of such a protocol is a complete
14
14
and utter misapprehension.
15
</p></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id424744"></a>Features and Benefits</h2></div></div></div><p>
15
</p></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id448624"></a>Features and Benefits</h2></div></div></div><p>
16
16
Many MS Windows network administrators have never been exposed to basic TCP/IP
17
17
networking as it is implemented in a UNIX/Linux operating system. Likewise, many UNIX and
18
18
Linux administrators have not been exposed to the intricacies of MS Windows TCP/IP-based
21
21
This chapter gives a short introduction to the basics of how a name can be resolved to
22
22
its IP address for each operating system environment.
23
</p></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id424761"></a>Background Information</h2></div></div></div><p>
24
<a class="indexterm" name="id424768"></a>
25
<a class="indexterm" name="id424775"></a>
26
<a class="indexterm" name="id424782"></a>
27
<a class="indexterm" name="id424789"></a>
28
<a class="indexterm" name="id424796"></a>
23
</p></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id448641"></a>Background Information</h2></div></div></div><p>
24
<a class="indexterm" name="id448648"></a>
25
<a class="indexterm" name="id448655"></a>
26
<a class="indexterm" name="id448662"></a>
27
<a class="indexterm" name="id448669"></a>
28
<a class="indexterm" name="id448676"></a>
29
29
Since the introduction of MS Windows 2000, it is possible to run MS Windows networking
30
30
without the use of NetBIOS over TCP/IP. NetBIOS over TCP/IP uses UDP port 137 for NetBIOS
31
31
name resolution and uses TCP port 139 for NetBIOS session services. When NetBIOS over
36
36
the client will use UDP port 137 (NetBIOS Name Service, also known as the Windows Internet
37
37
Name Service, or WINS), TCP port 139, and TCP port 445 (for actual file and print traffic).
39
<a class="indexterm" name="id424818"></a>
40
<a class="indexterm" name="id424824"></a>
41
<a class="indexterm" name="id424831"></a>
42
<a class="indexterm" name="id424838"></a>
43
<a class="indexterm" name="id424844"></a>
44
<a class="indexterm" name="id424851"></a>
39
<a class="indexterm" name="id448698"></a>
40
<a class="indexterm" name="id448704"></a>
41
<a class="indexterm" name="id448711"></a>
42
<a class="indexterm" name="id448718"></a>
43
<a class="indexterm" name="id448724"></a>
44
<a class="indexterm" name="id448731"></a>
45
45
When NetBIOS over TCP/IP is disabled, the use of DNS is essential. Most installations that disable NetBIOS
46
46
over TCP/IP today use MS Active Directory Service (ADS). ADS requires
47
<a class="indexterm" name="id424860"></a> dynamic DNS with Service Resource
48
Records (SRV RR) and with Incremental Zone Transfers (IXFR). <a class="indexterm" name="id424870"></a>
47
<a class="indexterm" name="id448740"></a> dynamic DNS with Service Resource
48
Records (SRV RR) and with Incremental Zone Transfers (IXFR). <a class="indexterm" name="id448750"></a>
49
49
Use of DHCP with ADS is recommended as a further means of maintaining central control over the client
50
50
workstation network configuration.
51
</p></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id424880"></a>Name Resolution in a Pure UNIX/Linux World</h2></div></div></div><p>
51
</p></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id448760"></a>Name Resolution in a Pure UNIX/Linux World</h2></div></div></div><p>
52
52
The key configuration files covered in this section are:
53
</p><a class="indexterm" name="id424890"></a><a class="indexterm" name="id424896"></a><a class="indexterm" name="id424903"></a><a class="indexterm" name="id424910"></a><div class="itemizedlist"><ul type="disc"><li><p><code class="filename">/etc/hosts</code></p></li><li><p><code class="filename">/etc/resolv.conf</code></p></li><li><p><code class="filename">/etc/host.conf</code></p></li><li><p><code class="filename">/etc/nsswitch.conf</code></p></li></ul></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id424951"></a><code class="filename">/etc/hosts</code></h3></div></div></div><p>
53
</p><a class="indexterm" name="id448770"></a><a class="indexterm" name="id448776"></a><a class="indexterm" name="id448783"></a><a class="indexterm" name="id448790"></a><div class="itemizedlist"><ul type="disc"><li><p><code class="filename">/etc/hosts</code></p></li><li><p><code class="filename">/etc/resolv.conf</code></p></li><li><p><code class="filename">/etc/host.conf</code></p></li><li><p><code class="filename">/etc/nsswitch.conf</code></p></li></ul></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id448831"></a><code class="filename">/etc/hosts</code></h3></div></div></div><p>
54
54
This file contains a static list of IP addresses and names.
55
55
</p><pre class="programlisting">
56
56
127.0.0.1 localhost localhost.localdomain
57
57
192.168.1.1 bigbox.quenya.org bigbox alias4box
60
<a class="indexterm" name="id424973"></a>
61
<a class="indexterm" name="id424980"></a>
60
<a class="indexterm" name="id448853"></a>
61
<a class="indexterm" name="id448860"></a>
62
62
The purpose of <code class="filename">/etc/hosts</code> is to provide a
63
63
name resolution mechanism so users do not need to remember
66
<a class="indexterm" name="id424996"></a>
67
<a class="indexterm" name="id425003"></a>
68
<a class="indexterm" name="id425010"></a>
66
<a class="indexterm" name="id448876"></a>
67
<a class="indexterm" name="id448883"></a>
68
<a class="indexterm" name="id448890"></a>
69
69
Network packets that are sent over the physical network transport
70
70
layer communicate not via IP addresses but rather using the Media
71
71
Access Control address, or MAC address. IP addresses are currently
72
72
32 bits in length and are typically presented as four decimal
73
73
numbers that are separated by a dot (or period) for example, 168.192.1.1.
75
<a class="indexterm" name="id425026"></a>
75
<a class="indexterm" name="id448906"></a>
76
76
MAC addresses use 48 bits (or 6 bytes) and are typically represented
77
77
as two-digit hexadecimal numbers separated by colons: 40:8e:0a:12:34:56.
84
84
address can be assigned per MAC address. One address must be the primary IP address this is the
85
85
address that will be returned in the Address Resolution Protocol (ARP) reply.
87
<a class="indexterm" name="id425049"></a>
87
<a class="indexterm" name="id448929"></a>
88
88
When a user or a process wants to communicate with another machine,
89
89
the protocol implementation ensures that the “<span class="quote">machine name</span>” or “<span class="quote">host
90
90
name</span>” is resolved to an IP address in a manner that is controlled
91
91
by the TCP/IP configuration control files. The file
92
92
<code class="filename">/etc/hosts</code> is one such file.
94
<a class="indexterm" name="id425074"></a>
94
<a class="indexterm" name="id448954"></a>
95
95
When the IP address of the destination interface has been determined, a protocol called ARP/RARP is used to
96
96
identify the MAC address of the target interface. ARP is a broadcast-oriented method that uses User Datagram
97
97
Protocol (UDP) to send a request to all interfaces on the local network segment using the all 1s MAC address.
117
117
</p></li><li><p>The name or IP address of available domain
118
118
name servers that may be asked to perform name-to-address
119
119
translation lookups.
120
</p></li></ul></div></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id425140"></a><code class="filename">/etc/host.conf</code></h3></div></div></div><p>
121
<a class="indexterm" name="id425151"></a>
120
</p></li></ul></div></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id449025"></a><code class="filename">/etc/host.conf</code></h3></div></div></div><p>
121
<a class="indexterm" name="id449036"></a>
122
122
<code class="filename">/etc/host.conf</code> is the primary means by which the setting in
123
123
<code class="filename">/etc/resolv.conf</code> may be effected. It is a critical configuration file. This file controls
124
124
the order by which name resolution may proceed. The typical structure is:
128
128
</pre><p>Both addresses should be returned. Please refer to the
129
129
man page for <code class="filename">host.conf</code> for further details.
130
</p></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id425188"></a><code class="filename">/etc/nsswitch.conf</code></h3></div></div></div><p>
131
<a class="indexterm" name="id425199"></a>
130
</p></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id449073"></a><code class="filename">/etc/nsswitch.conf</code></h3></div></div></div><p>
131
<a class="indexterm" name="id449084"></a>
132
132
This file controls the actual name resolution targets. The
133
133
file typically has resolver object specifications as follows:
134
134
</p><pre class="programlisting">
160
160
sent, TCP/IP networks are silent. All TCP/IP communications assume a
161
161
principal of speaking only when necessary.
163
<a class="indexterm" name="id425228"></a>
164
<a class="indexterm" name="id425235"></a>
165
<a class="indexterm" name="id425242"></a>
166
<a class="indexterm" name="id425248"></a>
167
<a class="indexterm" name="id425255"></a>
163
<a class="indexterm" name="id449113"></a>
164
<a class="indexterm" name="id449120"></a>
165
<a class="indexterm" name="id449126"></a>
166
<a class="indexterm" name="id449133"></a>
167
<a class="indexterm" name="id449140"></a>
168
168
Starting with version 2.2.0, Samba has Linux support for extensions to
169
169
the name service switch infrastructure so Linux clients will
170
170
be able to obtain resolution of MS Windows NetBIOS names to IP
177
177
will be possible to ping any MS Windows machine by its NetBIOS
178
178
machine name, as long as that machine is within the workgroup to
179
179
which both the Samba machine and the MS Windows machine belong.
180
</p></div></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id425298"></a>Name Resolution as Used within MS Windows Networking</h2></div></div></div><p>
181
<a class="indexterm" name="id425306"></a>
182
<a class="indexterm" name="id425313"></a>
183
<a class="indexterm" name="id425320"></a>
184
<a class="indexterm" name="id425326"></a>
180
</p></div></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id449183"></a>Name Resolution as Used within MS Windows Networking</h2></div></div></div><p>
181
<a class="indexterm" name="id449191"></a>
182
<a class="indexterm" name="id449198"></a>
183
<a class="indexterm" name="id449204"></a>
184
<a class="indexterm" name="id449211"></a>
185
185
MS Windows networking is predicated on the name each machine is given. This name is known variously (and
186
186
inconsistently) as the “<span class="quote">computer name,</span>” “<span class="quote">machine name,</span>” “<span class="quote">networking
187
187
name,</span>” “<span class="quote">NetBIOS name,</span>” or “<span class="quote">SMB name.</span>” All terms mean the same thing with the
192
192
service level information for the NetBIOS name that is registered. A NetBIOS machine name is therefore
193
193
registered for each service type that is provided by the client/server.
195
<a href="integrate-ms-networks.html#uniqnetbiosnames" title="Table�29.1.�Unique NetBIOS Names">Unique NetBIOS names</a> and <a href="integrate-ms-networks.html#netbiosnamesgrp" title="Table�29.2.�Group Names">group names</a> tables
195
<a class="link" href="integrate-ms-networks.html#uniqnetbiosnames" title="Table�29.1.�Unique NetBIOS Names">Unique NetBIOS names</a> and <a class="link" href="integrate-ms-networks.html#netbiosnamesgrp" title="Table�29.2.�Group Names">group names</a> tables
196
196
list typical NetBIOS name/service type registrations.
197
197
</p><div class="table"><a name="uniqnetbiosnames"></a><p class="title"><b>Table�29.1.�Unique NetBIOS Names</b></p><div class="table-contents"><table summary="Unique NetBIOS Names" border="1"><colgroup><col align="left"><col align="justify"></colgroup><tbody><tr><td align="left">MACHINENAME<00></td><td align="justify">Server Service is running on MACHINENAME</td></tr><tr><td align="left">MACHINENAME<03></td><td align="justify">Generic machine name (NetBIOS name)</td></tr><tr><td align="left">MACHINENAME<20></td><td align="justify">LanMan server service is running on MACHINENAME</td></tr><tr><td align="left">WORKGROUP<1b></td><td align="justify">Domain master browser</td></tr></tbody></table></div></div><br class="table-break"><div class="table"><a name="netbiosnamesgrp"></a><p class="title"><b>Table�29.2.�Group Names</b></p><div class="table-contents"><table summary="Group Names" border="1"><colgroup><col align="left"><col align="justify"></colgroup><tbody><tr><td align="left">WORKGROUP<03></td><td align="justify">Generic name registered by all members of WORKGROUP</td></tr><tr><td align="left">WORKGROUP<1c></td><td align="justify">Domain cntrollers/netlogon servers</td></tr><tr><td align="left">WORKGROUP<1d></td><td align="justify">Local master browsers</td></tr><tr><td align="left">WORKGROUP<1e></td><td align="justify">Browser election service</td></tr></tbody></table></div></div><br class="table-break"><p>
198
<a class="indexterm" name="id425508"></a>
198
<a class="indexterm" name="id449393"></a>
199
199
It should be noted that all NetBIOS machines register their own
200
names as per <a href="integrate-ms-networks.html#uniqnetbiosnames" title="Table�29.1.�Unique NetBIOS Names">Unique NetBIOS names</a> and <a href="integrate-ms-networks.html#netbiosnamesgrp" title="Table�29.2.�Group Names">group names</a>. This is in vast contrast to TCP/IP
200
names as per <a class="link" href="integrate-ms-networks.html#uniqnetbiosnames" title="Table�29.1.�Unique NetBIOS Names">Unique NetBIOS names</a> and <a class="link" href="integrate-ms-networks.html#netbiosnamesgrp" title="Table�29.2.�Group Names">group names</a>. This is in vast contrast to TCP/IP
201
201
installations where the system administrator traditionally
202
202
determines in the <code class="filename">/etc/hosts</code> or in the DNS database what names
203
203
are associated with each IP address.
205
<a class="indexterm" name="id425540"></a>
206
<a class="indexterm" name="id425546"></a>
207
<a class="indexterm" name="id425553"></a>
205
<a class="indexterm" name="id449425"></a>
206
<a class="indexterm" name="id449432"></a>
207
<a class="indexterm" name="id449439"></a>
208
208
One further point of clarification should be noted. The <code class="filename">/etc/hosts</code>
209
209
file and the DNS records do not provide the NetBIOS name information
210
210
that MS Windows clients depend on to locate the type of service that may
216
216
IP address that is returned in the enumerated list of IP addresses.
217
217
Whichever machine first replies, it then ends up providing the logon services.
219
<a class="indexterm" name="id425577"></a>
220
<a class="indexterm" name="id425584"></a>
219
<a class="indexterm" name="id449463"></a>
220
<a class="indexterm" name="id449469"></a>
221
221
The name “<span class="quote">workgroup</span>” or “<span class="quote">domain</span>” really can be confusing, since these
222
222
have the added significance of indicating what is the security
223
223
architecture of the MS Windows network. The term “<span class="quote">workgroup</span>” indicates
230
230
user-level security in a workgroup environment, thus requiring the use
231
231
of a username and a matching password.
233
<a class="indexterm" name="id425611"></a>
234
<a class="indexterm" name="id425618"></a>
235
<a class="indexterm" name="id425627"></a>
236
<a class="indexterm" name="id425636"></a>
237
<a class="indexterm" name="id425645"></a>
238
<a class="indexterm" name="id425654"></a>
239
<a class="indexterm" name="id425661"></a>
240
<a class="indexterm" name="id425668"></a>
233
<a class="indexterm" name="id449496"></a>
234
<a class="indexterm" name="id449503"></a>
235
<a class="indexterm" name="id449512"></a>
236
<a class="indexterm" name="id449521"></a>
237
<a class="indexterm" name="id449531"></a>
238
<a class="indexterm" name="id449540"></a>
239
<a class="indexterm" name="id449546"></a>
240
<a class="indexterm" name="id449553"></a>
241
241
MS Windows networking is thus predetermined to use machine names
242
242
for all local and remote machine message passing. The protocol used is
243
243
called Server Message Block (SMB), and this is implemented using
252
252
MS Windows machines use a complex array of name resolution mechanisms.
253
253
Since we are primarily concerned with TCP/IP, this demonstration is
254
254
limited to this area.
255
</p><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id425691"></a>The NetBIOS Name Cache</h3></div></div></div><p>
256
<a class="indexterm" name="id425699"></a>
257
<a class="indexterm" name="id425706"></a>
258
<a class="indexterm" name="id425712"></a>
255
</p><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id449576"></a>The NetBIOS Name Cache</h3></div></div></div><p>
256
<a class="indexterm" name="id449584"></a>
257
<a class="indexterm" name="id449591"></a>
258
<a class="indexterm" name="id449598"></a>
259
259
All MS Windows machines employ an in-memory buffer in which is
260
260
stored the NetBIOS names and IP addresses for all external
261
261
machines that machine has communicated with over the
271
271
lookup will succeed, but the machine cannot respond. This can be
272
272
frustrating for users but is a characteristic of the protocol.
274
<a class="indexterm" name="id425737"></a>
275
<a class="indexterm" name="id425744"></a>
276
<a class="indexterm" name="id425751"></a>
274
<a class="indexterm" name="id449626"></a>
275
<a class="indexterm" name="id449633"></a>
276
<a class="indexterm" name="id449640"></a>
277
277
The MS Windows utility that allows examination of the NetBIOS
278
278
name cache is called “<span class="quote">nbtstat.</span>” The Samba equivalent
279
279
is called <code class="literal">nmblookup</code>.
280
</p></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id425770"></a>The LMHOSTS File</h3></div></div></div><p>
281
<a class="indexterm" name="id425778"></a>
280
</p></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id449659"></a>The LMHOSTS File</h3></div></div></div><p>
281
<a class="indexterm" name="id449667"></a>
282
282
This file is usually located in MS Windows NT 4.0 or Windows 200x/XP in the directory
283
283
<code class="filename">%SystemRoot%\SYSTEM32\DRIVERS\ETC</code> and contains the IP address
284
284
and the machine name in matched pairs. The <code class="filename">LMHOSTS</code> file
363
363
# so keeping the number of comments to a minimum will improve performance.
364
364
# Therefore it is not advisable to simply add lmhosts file entries onto the
365
365
# end of this file.
366
</pre></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id425896"></a>HOSTS File</h3></div></div></div><p>
366
</pre></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id449764"></a>HOSTS File</h3></div></div></div><p>
367
367
This file is usually located in MS Windows NT 4.0 or Windows 200x/XP in
368
368
the directory <code class="filename">%SystemRoot%\SYSTEM32\DRIVERS\ETC</code> and contains
369
369
the IP address and the IP hostname in matched pairs. It can be
370
370
used by the name resolution infrastructure in MS Windows, depending
371
371
on how the TCP/IP environment is configured. This file is in
372
372
every way the equivalent of the UNIX/Linux <code class="filename">/etc/hosts</code> file.
373
</p></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id425921"></a>DNS Lookup</h3></div></div></div><p>
374
<a class="indexterm" name="id425928"></a>
373
</p></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id449789"></a>DNS Lookup</h3></div></div></div><p>
374
<a class="indexterm" name="id449796"></a>
375
375
This capability is configured in the TCP/IP setup area in the network
376
376
configuration facility. If enabled, an elaborate name resolution sequence
377
377
is followed, the precise nature of which is dependent on how the NetBIOS
382
382
Node Type 8, then a NetBIOS Unicast (over UDP Unicast) is sent to the
383
383
WINS server to obtain a lookup before DNS, HOSTS, LMHOSTS, or broadcast
385
</p></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id425943"></a>WINS Lookup</h3></div></div></div><p>
386
<a class="indexterm" name="id425950"></a>
387
<a class="indexterm" name="id425957"></a>
388
<a class="indexterm" name="id425967"></a>
385
</p></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id449811"></a>WINS Lookup</h3></div></div></div><p>
386
<a class="indexterm" name="id449818"></a>
387
<a class="indexterm" name="id449825"></a>
388
<a class="indexterm" name="id449835"></a>
389
389
A WINS (Windows Internet Name Server) service is the equivalent of the
390
390
rfc1001/1002 specified NBNS (NetBIOS Name Server). A WINS server stores
391
391
the names and IP addresses that are registered by a Windows client
394
394
To configure Samba to be a WINS server, the following parameter needs
395
395
to be added to the <code class="filename">smb.conf</code> file:
396
</p><table class="simplelist" border="0" summary="Simple list"><tr><td><a class="indexterm" name="id425996"></a><em class="parameter"><code>wins support = Yes</code></em></td></tr></table><p>
397
<a class="indexterm" name="id426011"></a>
396
</p><table class="simplelist" border="0" summary="Simple list"><tr><td><a class="indexterm" name="id449864"></a><em class="parameter"><code>wins support = Yes</code></em></td></tr></table><p>
397
<a class="indexterm" name="id449878"></a>
398
398
To configure Samba to use a WINS server, the following parameters are
399
399
needed in the <code class="filename">smb.conf</code> file:
400
</p><table class="simplelist" border="0" summary="Simple list"><tr><td><a class="indexterm" name="id426032"></a><em class="parameter"><code>wins support = No</code></em></td></tr><tr><td><a class="indexterm" name="id426044"></a><em class="parameter"><code>wins server = xxx.xxx.xxx.xxx</code></em></td></tr></table><p>
400
</p><table class="simplelist" border="0" summary="Simple list"><tr><td><a class="indexterm" name="id449899"></a><em class="parameter"><code>wins support = No</code></em></td></tr><tr><td><a class="indexterm" name="id449910"></a><em class="parameter"><code>wins server = xxx.xxx.xxx.xxx</code></em></td></tr></table><p>
401
401
where <em class="replaceable"><code>xxx.xxx.xxx.xxx</code></em> is the IP address
402
402
of the WINS server.
403
403
</p><p>For information about setting up Samba as a WINS server, read
404
<a href="NetworkBrowsing.html" title="Chapter�10.�Network Browsing">Network Browsing</a>.</p></div></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id426077"></a>Common Errors</h2></div></div></div><p>
404
<a class="link" href="NetworkBrowsing.html" title="Chapter�10.�Network Browsing">Network Browsing</a>.</p></div></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id449942"></a>Common Errors</h2></div></div></div><p>
405
405
TCP/IP network configuration problems find every network administrator sooner or later.
406
406
The cause can be anything from keyboard mishaps to forgetfulness to simple mistakes to
407
407
carelessness. Of course, no one is ever deliberately careless!
408
</p><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id426088"></a>Pinging Works Only One Way</h3></div></div></div><p>
408
</p><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id449953"></a>Pinging Works Only One Way</h3></div></div></div><p>
409
409
“<span class="quote">I can ping my Samba server from Windows, but I cannot ping my Windows
410
410
machine from the Samba server.</span>”
416
416
Due to inconsistent netmasks, the Windows machine was on network 192.168.1.0/24, while
417
417
the Samba server was on network 192.168.1.128/25 logically a different network.
418
</p></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id426116"></a>Very Slow Network Connections</h3></div></div></div><p>
418
</p></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id449980"></a>Very Slow Network Connections</h3></div></div></div><p>
419
419
A common cause of slow network response includes:
420
420
</p><div class="itemizedlist"><ul type="disc"><li><p>Client is configured to use DNS and the DNS server is down.</p></li><li><p>Client is configured to use remote DNS server, but the
421
remote connection is down.</p></li><li><p>Client is configured to use a WINS server, but there is no WINS server.</p></li><li><p>Client is not configured to use a WINS server, but there is a WINS server.</p></li><li><p>Firewall is filtering out DNS or WINS traffic.</p></li></ul></div></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id426154"></a>Samba Server Name-Change Problem</h3></div></div></div><p>
421
remote connection is down.</p></li><li><p>Client is configured to use a WINS server, but there is no WINS server.</p></li><li><p>Client is not configured to use a WINS server, but there is a WINS server.</p></li><li><p>Firewall is filtering out DNS or WINS traffic.</p></li></ul></div></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id450018"></a>Samba Server Name-Change Problem</h3></div></div></div><p>
422
422
“<span class="quote">The name of the Samba server was changed, Samba was restarted, and now the Samba server cannot be
423
423
pinged by its new name from an MS Windows NT4 workstation, but it does still respond to pinging using
424
424
the old name. Why?</span>”