William Burns wrote: > >> On Monday 24 October 2005 14:06, julius Junghans wrote: >> >> >>> ive read a lot in the howto about netbios/ddns, but im still >>> confused if >>> its possible for samba to only use tcp/ip without netbios. >>> are there any howtos for this topic that are not mentioned in the >>> samba3 >>> howto? >>> >> > John H Terpstra wrote: > >> Please point me to the documentation (section and page number please) >> that you have referred to and that is not clear to you. I need to >> know so I can fix it. >> >> > John: > I don't know what Julius is looking at but... > I'm looking into similar docs re: DFS not working on SAMBA servers > that are referred to w/ fully.qualified.sub.domains... (even though a > straight samba share WILL work under that name) > > I figure that all the info that Julius needs is in the docs... > Here's how he might proceed to get where he wants to go. > > At the bottom of this section: > http://us3.samba.org/samba/docs/Samba-Guide.pdf > 13.3.1.2 Routed Networks - Page 480 > > There's a pretty definitive sounding statement: > >> Note >> The use of DNS is not an acceptable substitute >> for WINS. DNS does not store specific >> information regarding NetBIOS networking >> particulars that get stored in the WINS >> name resolution database and that Windows >> clients require and depend on. > Ive read that somewhere in the samba3 howto html docs.
> That sounds like a "no". > > But, later in section > "15.1 Joining a Domain: Windows 200x/XP Professional" > at the bottom of page 495, there's this: > >> Where NetBIOS technology uses WINS as well as UDP broadcast >> as key mechanisms for name resolution, Active Directory >> servers register their services with the Microsoft Dynamic DNS >> server. Windows clients must be able to query the correct DNS >> server to find the services (like which machines are domain controllers >> or which machines have the Netlogon service running). > > Maybe the service information is hold in the ldap? > So, sometime you HAVE to use DNS.... > Later there's a note that you don't have to do this [DNS] if you're in > a SAMBA domain. > But... Does this mean I can disable Netbios/Netbeui? > > There's A direct answer to Julius' question in section > "16.5 Questions and Answers" > at the bottom of page 554 > >> 6. Q: Is it possible to reduce network broadcast activity with >> Samba-3? >> A: Yes, there are two ways to do this. The first involves >> use of WINS (See TOSHARG2, Chapter 9, Section 9.5, “WINS >> — The Windows Inter-networking Name Server”); the alternate >> method involves disabling the use of NetBIOS over TCP/IP. This >> second method requires a correctly configured DNS server (see >> TOSHARG2, Chapter 9, Section 9.3, “Discussion”) > > *howto* > Plus the following note: > >> Note >> Use of SMB without NetBIOS is possible only >> on Windows 200x/XP Professional clients >> and servers, as well as with Samba-3. > > > Personally, I find the answer to question 6 a little confusing because > I *thought* that in Win'9x, disabling "NetBIOS over TCP/IP" meant that > you'd get no SMB traffic on the TCP/IP side of that client. (It'd be > all NetBEUI) > > This Win' 9x "NetBIOS over TCP/IP" config feature does not exist in > Win' XP as such, but is provided by Win' XP's "TCP/IP NetBIOS Helper" > in Control-Panel/Services which "Enables support for NetBIOS over > TCP/IP (NetBT) service and NetBIOS name resolution" > This service sometimes inexplicably gets turned off, causing the > Win'XP client to fail to use DNS resolution to resolve SMB names. > > But... it IS possible.... > That brings us to this section > http://tr.samba.org/samba/docs/man/Samba-HOWTO-Collection/NetworkBrowsing.html#id2551944 > > which is not numbered in the html version ??? but in the PDF version > has a section number: > http://us3.samba.org/samba/docs/Samba3-HOWTO.pdf > "9.3.2 TCP/IP without NetBIOS" > On page 151 we learn: > >> Use of raw SMB over TCP/IP (No NetBIOS layer) can be done only with >> Active Directory domains. Samba is not an Active Directory domain >> controller: >> ergo, it is not possible to run Samba as a domain controller and at >> the same time not use NetBIOS. > Yep, I also read that. so you can't use it without an ms windows active directory server...if i understand this right. That would be a problem. > But, it should be possible to do this w/ a stand-alone SAMBA server. > Well, how? All the DNS/DDNS stuff seems to be hacked into little peaces and put somewhere in the docs. > And then, a very interesting statement: > >> Where Samba is used as an Active Directory >> domain member server (DMS) it is possible to configure Samba to not >> use NetBIOS over TCP/IP. > > Thats what i want. Or maybe im to confused at all now....lets for the moment assume thats what i want. > This is interesting because I *thought* that I was concerned about > replacing NetBIOS w/ DNS name resolution on my Win'XP clients. > Is this also about how SAMBA resolves names? > I hadn't given any thought to the possibility that SAMBA might need to > resolve an IP from a PC name.., or even know the PC name at all... > IS this a requirement? I mean, isn't the smbd process passive? Maybe > not.....? > >> if NetBIOS over TCP/IP is disabled, it is >> necessary to manually create appropriate DNS entries for the Samba DMS >> because they will not be automatically generated either by Samba, or by >> the ADS environment. > > Can you run a Domain Member Server without an Domain Controller? > Now, it seems like I've been told that: if I want to have a SAMBA > server without NetBIOS (only DNS) name services enabled on the > clients, my only hope is to get a SAMBA member server into my Active > Directory domain. I'd expect to see the SRV records that I need to put > into A.D. spelled out... > Is that what's on page 152? > There was an exception: 6. Q: Is it possible to reduce network broadcast activity with Samba-3? Am i Wrong? > Instead, it looks like lots of stuff that an AD domain puts into DNS > is listed. > I don't get the idea that these are the few things that I need to ADD > to an existing MS-DNS server in order to get my member server going. > (Am I wrong?) > > Then I'm supposed to double-check my work by looking on a DNS server > named frodo for what provides LDAP service for > "_ldap._tcp.dc._msdcs.quenya.org" ? > > Phew... That was supposed to convince me that SAMBA/AD domain > membership is not for the faint-of-heart, right? > Either that, or it was supposed to encourage me (w/ a wink) to take on > the challenge of going straight to doing everything w/ a linux-based > DNS server in place of MS-DNS. > > Which.... Might cause me to look at the section on DDNS, and DHCP, > where I *think* Julius was looking.... > And I might be encouraged to tilt at the ISC vs. MS DNS windmill. (It > would be cool, wouldn't it?) > > But I, as a non-unix-wizard, should really be looking back at: > http://us3.samba.org/samba/docs/Samba3-HOWTO.pdf > "6.3 Domain Member Server" > and > "6.4 Samba ADS Domain Membership" > on Page 107. > >> This is a rough guide to setting up Samba-3 with Kerberos authentication >> against a Windows 200x KDC. A familiarity with Kerberos is assumed. > > > Where I can bite the kerberos configuration bullet, and refer to a few > microsoft documents to help me get a SAMBA server kerberized right > into an AD domain. > And then, when I've got that done, I can turn off NetBIOS over TCP/IP > on my Win'XP clients. > At least... I think that's the intent of the docs... If I was reading > that right. > > -Bill > > Thx for putting the peaces together :) Greets Julius -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
