On Sat, May 04, 2002 at 05:09:12PM +0930, Richard Sharpe wrote: > In tracking down some problems with winbindd I have noticed that > namequery.c does not handle multiple IP addresses at all if a DC has > multiple IP addresses (in DNS, and the DNS name is given in passwd server > in the smb.conf).
This is true... The namequery code is kind of a mess; it is hard to tell which types of name resolution are capable of returning multiple addresses. NMB lookups can return multiple addresses for the DC but not for hosts. LMHOSTS and DNS lookups will only return one address even though you would expect they should return multiple addresses. Of course, if you list multiple addresses in the password server directive, you get multiple hosts, but only one IP per listed host. > I suspect that this will not cause a problem if the DC has multiple > adapters that are all configured and working, but if the DC has aliases, > this will cause a problem because cm_get_dc_name in winbindd_cm.c calls > get_dc_ip, which only returns one IP, which might be the IP of the alias. Why are you putting multiple IP addresses for the same DC in DNS? It sounds like the Windows server doesn't expect you to do this. Samba expects that each of the IP addresses it receives from get_dc_list will be independent DCs. > cm_get_dc_name then goes on to do a WINS request against the returned IP, > but Windows seems not to listen for WINS requests against anything other > than the primary IP address of the adapter. How do Windows clients behave? Do they somehow "know" the correct address of the DC? > This will cause painfully inexplicable results for some DCs and not > others, however, it is going to require some work in namequery.c to fix. I'm working in putting IPv6 support in Samba, which in part requires changing much of the networking code to operate on address lists rather than assuming that each host is identified by a single address. This should fix the multiple-IPs-per-server problem, but for this case I'm not sure it will help you since the Windows server behaves differently depending on which address you talk to. The solution for your problem, I think, is to configure Samba with either an IP address for the DC or a DNS name that resolves to only the primary address. -Nathan -- +-------------------+---------------------+------------------------+ | Nathan Lutchansky | [EMAIL PROTECTED] | Lithium Technologies | +------------------------------------------------------------------+ | I dread success. To have succeeded is to have finished one's | | business on earth... I like a state of continual becoming, | | with a goal in front and not behind. - George Bernard Shaw | +------------------------------------------------------------------+
msg00580/pgp00000.pgp
Description: PGP signature
