I ran snoop on my samba servers to capture Ethernet packets between the remote XP machine and the samba servers. It does show that the
With a successful connection: The client sends what appears to be an empty SMB packet to the server on port 445 SMB: ----- SMB: ----- SMB: SMB: "" SMB: The server responds with a similar packet, then the client starts sending more information to the server e.g. NBT: ----- NBT Header ----- NBT: NBT: Type = SESSION MESSAGE NBT: Length = 133 bytes NBT: SMB: ----- SMB Header ----- SMB: SMB: CLIENT REQUEST SMB: Command code = 0x72 SMB: Command name = SMBnegprot SMB: SMB: SMB Status: SMB: - Error class = No error SMB: - Error code = No error SMB: SMB: Header: SMB: - Tree ID (TID) = 0x0000 SMB: - Process ID (PID) = 0xfeff SMB: - User ID (UID) = 0x0000 SMB: - Multiplex ID (MID) = 0x0000 SMB: - Flags summary = 0x18 SMB: - Flags2 summary = 0xc853 SMB: SMB: ByteCount = 98 SMB: Dialect String = PC NETWORK PROGRAM 1.0 SMB: Dialect String = LANMAN1.0 SMB: Dialect String = Windows for Workgroups 3.1a SMB: Dialect String = LM1.2X002 SMB: Dialect String = LANMAN2.1 SMB: Dialect String = NT LM 0.12 SMB: However which a failed connection, it looks like the client sends the empty SMB packet, the server does respond with an empty SMB packet, but then the client just sends another empty SMB packet. I am stumped. I appreciate any advice. -----Original Message----- From: Gaiseric Vandal [mailto:[email protected]] Sent: Wednesday, February 02, 2011 7:39 AM To: 'Samba' Subject: RE: [Samba] can connect to 2 samba servers by name but to one by IPonly This is where things stand so far: Pdc1 is samba 3.4.x Bdc1 is samba 3.0.x (also the WINS server) Bdc2 is samba 3.0.x On an XP Pro machine at work, joined to the domain, the following commands work net use \\pdc1 net use \\bdc1 net use \\bdc2 If I connect to work via VPN from either a work machine (which is a domain member, but logging in using cached credentials) or my home PC (XP Pro but not in the domain) the following commands fail net use \\pdc1 net use \\pdc1.mydomain.com The following commands work net use \\bdc1 net use \\bdc2 net use \\IP_OF_PDC1 ping pdc1 ping pdc1.mydomain.com nslookup pdc1.mydomain.com IN fact, "net use" seems to work for any other Windows or Samba server (in the same or different domains), just not the PDC1. Since, by default, VPN clients do NOT use WINS server, this indicates that they are resolving host names via DNS. (I did try enabling WINS client but it didn't change anything.) If the machine is a domain member, "nslookup pdc1" also works. I use sonicwall VPN client which has a "virtual" nic, which gets an IP address (including DNS and optionally wins info) from the company DHCP server, and on the same subnet as the servers and other machines on the network. If I update lmhosts on my PC, I can use "net use \\pdc1." This suggests that XP is NOT using DNS to resolve host name for this host. But that doesn't make sense, since every other host can be accessed by name. "nbtstat -r" ("Lists names resolved by broadcast and via WINS") only shows the other xp machine on my home network, not any of the machines on the company network, so I am pretty sure I am not resolving server names via broadcast or wins. Updating hosts file on my XP machine doesn't help either. It also should not matter how the server resolves hostnames. Any thoughts? Thanks -----Original Message----- From: Gaiseric Vandal [mailto:[email protected]] Sent: Thursday, January 13, 2011 2:14 PM To: TAKAHASHI Motonobu Cc: Samba Subject: Re: [Samba] can connect to 2 samba servers by name but to one by IPonly nslookup on windows machines does require the FQDN name- i.e. "pdc1.mydomain.com." ping does not (windows will appropriately add the domain name.) I have not tried "net use \\pdc1.mydomain.com" from a VPN connection. I know that "nslookup" and "ping" in Windows have separate name resolution routines, and handle domain suffixes a little differently. Again, that should have affected all machines. Machines on VPN connection get the "mydomain.com" appended to the VPN virtual NIC, but it is not the default domain for the machine. I looked at my DNS server- I can't see any differences in the entry for "pdc1" vs any other machine- even though DNS is the only thing that would make sense. But VPN clients use the 2ndary DNS servers for name lookup, not the primary. I may try configuring VPN clients to use the primary DNS server. None of the server names are 16 characters or more. Thanks On 01/13/2011 12:38 PM, TAKAHASHI Motonobu wrote: > 2011/1/13 Gaiseric Vandal<[email protected]>: > >> Adding pdc1 to the hosts file (c:\windows\system32\drivers\etc\hosts) did >> not make a difference. After adding pdc1 to lmhosts, "net use \\pdc1" did >> work. So in the case of pdc1 one, the name is being resolved as a netbios >> name (i.e. via lmhosts) not a tcp/ip type name (i.e. via dns or hosts) >> >> But then why does "net use" work with all the other windows or samba >> servers? As far as I can tell, DNS is the only method by which the names >> are being resolved. >> > What does "nslookup PDC1" and "ping PDC1" show? > > If you have a host named "PDC1.example.com" then nslookup PDC1 may > return the IP address of "PDC1.example.com", not the IP address of > expected "PDC1". > > Anyway, you had better debug at the view of DNS name resolution, not Samba. > > --- > TAKAHASHI Motonobu<[email protected]> > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
