On Thu, Jul 11, 2002 at 07:04:39AM -0700, Tim Potter wrote: > On Thu, Jul 11, 2002 at 03:57:11PM -0400, Leducq Dominique wrote: > > > Le Mercredi 20 F?vrier 2002 12:51, Tim Potter a ?crit : > > > Nmbd needs to be running on the local system as there are some lookup > > > requests send by winbindd that are sent by Windows NT domain controllers > > > to the incorrect port which is a bug in Windows. ?Nmbd receives these > > > packets and stores them in a database (unexpected.tdb) which winbindd > > > reads from. > > > > I would need some more details about this. Could you please tell me : > > > > - which versions of the OS are involved (NT 4 to XP) ? Only as PDC ? > > - which kind of requests ? > > - which port ? (I guess it replies to port 137 or 445 instead of source > > port of the request...) > > >From memory it is the network request that locates the PDC name on the > network. I think it is only Windows NT 4 but I haven't tested it. It > is one of the udp ports - 139 I think.
Tim, I haven't followed this closely so I may talking about the wrong things, but in general terms... The NBT Name Service is on UDP/137. Early versions of Windows/95 reply to this port instead of the originating source port when sent a Node Status Request. I don't know of anything else that makes that mistake, and it only happens on the Node Status Request, so it's fairly limited. The NBT Datagram Service is used for service announcement (browse list stuff). That's on port UDP/138. I have heard that there are problems with Windows boxes (9x and NT) always replying to 138 when they should reply to the originating source port. I don't have specifics on that one. If NT is involved, then port 445 isn't an issue. NT runs SMB over the NBT Session Service, which is TCP/139. Anyway, if the unexpected.tdb is the reason that winbindd needs nmbd, then I think it could be made optional. I imagine that winbindd would be sending regular name queries in order to find the PDC, probably looking for <ntdomain>#1B. The 1B address is actually the DMB identifier, but in Windows the DMB and PDC must be the same node. It is possible that a Node Status query is also being sent, to verify that the 1B node also has the 1C name registered (1C means "I am an NT Domain Controller). That could be an issue with a Samba DMB. If that's the case, though, W/95 can't be a PDC anyway so not getting a reply shouldn't be a problem. Again, I'm not in sync with the discussion so if that's totally bogus please disregard. Chris -)----- -- Samba Team -- http://www.samba.org/ -)----- Christopher R. Hertel jCIFS Team -- http://jcifs.samba.org/ -)----- ubiqx development, uninq. ubiqx Team -- http://www.ubiqx.org/ -)----- [EMAIL PROTECTED] OnLineBook -- http://ubiqx.org/cifs/ -)----- [EMAIL PROTECTED]
