Is there a way to prevent browselists from machines other than those of my choosing to show up in the browselists/network neighbourhood? I don't want win95 clients that offer shares themselves to show up in the network neighbourhood. Michel. -- Michel van der Laan - michel@nijenrode.nl http://www.nijenrode.nl/~michel
>Is there a way to prevent browselists from machines other than those >of my choosing to show up in the browselists/network neighbourhood? > >I don't want win95 clients that offer shares themselves to show up >in the network neighbourhood. > >Michel.Unless you plan on implmenting policies, you are out of luck. With the way ot works, browsing is a free for all, and the more computers / subnets you have, the more interesting it gets. If you are really dead set on this feature, it technicly could be added to the code. -Eric
>Is there a way to prevent browselists from machines other than those >of my choosing to show up in the browselists/network neighbourhood? > >I don't want win95 clients that offer shares themselves to show up >in the network neighbourhood.I do not believe this to be possible - The protocols samba runs under are kind of designed to make everyone visible to everyone. You can make the samba server software win local browse master elections with a parameter change. If you then modified the server software you could arrange a way to eliminate some machines from the reported browse list. I do not believe that filtering of the browse list is currently part of the software, but it wouldn't be that hard to add, with a little work. You could put the clients you don't want to deal with on another 'subnet', but then there is a lot of work you'd have to do in order to make sure they could see everything they should, and it wouldn't prevent them from seeing one another. My question to you is: Why? Why would you want shares to not show up in the browse list? I'm curious because I'm afraid you are trying to make things not show up as a 'security' measure. If so, you should know that just because it isn't in the browse list, that doesn't mean you can't get to it. Anyone can simply type a name into the 'find computer' dialog box and they'll be able to see the shares that machine has available. If security is your goal, you should instead force your users to password protect their shares. Of course, you might just want to clean up an overly large browse list, in which case, some filtering of the browse list might be useful. Of course, asking your users to remove any unneeded shares might also help in this case. And if that doesn't work, you could go to the windows 95 machines and remove the ability to share files and printers. That should stop them. Good luck! Michael Kohne mhkohne@discordia.org "Evolution is God's version of domino rally"
Michael Kohne wrote:>I do not believe this to be possible - The protocols samba runs under are >kind of designed to make everyone visible to everyone. You can make the >samba server software win local browse master elections with a parameter >change. If you then modified the server software you could arrange a way to >eliminate some machines from the reported browse list. I do not believe >that filtering of the browse list is currently part of the software, but it >wouldn't be that hard to add, with a little work.Unless someone is already fooling around with this, please let me know; otherwise I'll play with that myself... it sounds to that it is what I need...> >You could put the clients you don't want to deal with on another 'subnet', >but then there is a lot of work you'd have to do in order to make sure they >could see everything they should, and it wouldn't prevent them from seeing >one another.Actually the shares that I do not want to see (which are all from workstations in the student dorms) are in seperate subnets... But since samba is configured to collate browselists between subnets (since there are subnets that I do *not* want to exlude) they show up the network neighbourhood... My knowledge of the browsing mechanism is limited, but unfortunately so is a lot of the documentation one can find about this... =/ If there's a really simple way to prevent shares showing up from one single seperate subnet, that that would be fine too... How?> >My question to you is: Why? Why would you want shares to not show up in the >browse list? I'm curious because I'm afraid you are trying to make things >not show up as a 'security' measure. If so, you should know that just >because it isn't in the browse list, that doesn't mean you can't get to it.<snip> No, not as a security measure....>Of course, you might just want to clean up an overly large browse list, inExactly; the browselist is just becoming too large.. and I don't want to bother others with some ppl offering their own personal MP3 file. It's not that I don't allow the students to offer that - that's their responsibility.... It's just that I don't want it in the browselist..... It's starting to get very messy. Michel. -- Michel van der Laan - michel@nijenrode.nl http://www.nijenrode.nl/~michel
is it possible to set a scope ID in samba? only machines that have the same scope ID will be able to see each other in the browselists (i think). -blanton ________________________________________ Blanton Lewis Rice University Engineering Support Team blanton@rice.edu 713-527-8750 x5779
>Is there a way to prevent browselists from machines other than those >of my choosing to show up in the browselists/network neighbourhood? > >I don't want win95 clients that offer shares themselves to show up >in the network neighbourhood.I've asked the same question in the samba list some while ago, but no one answered. Have you gotten anywhere with this? It would be a great feature, to be able to clean up those browse lists, to only show 'official' servers... Tom. -- | Tom Vandepoel | Sr.Network Engineer | NetVision nv Tom.Vandepoel@netvision.be http://www.netvision.be | | T. 32-16-31.00.15 | F. 32-16-31.00.12
Bob Lockie wrote:> > > >>Is there a way to prevent browselists from machines other than those > >>of my choosing to show up in the browselists/network neighbourhood? > >> > >>I don't want win95 clients that offer shares themselves to show up > >>in the network neighbourhood. > > > >I've asked the same question in the samba list some while ago, but no > >one answered. > >Have you gotten anywhere with this? It would be a great feature, to be > >able to clean up those browse lists, to only show 'official' servers... > > I think I saw mention of how to do this in the man page for smb.conf. > > I may be wrong and I haven't done it.I've just checked that man page in the 2.0.4 distro, but didn't find anything on this. Does anyone else have hints on how to filter what's in the browse list? Is there anyone else interested in this functionality, except me? Tom. -- | Tom Vandepoel | Sr.Network Engineer | NetVision nv Tom.Vandepoel@netvision.be http://www.netvision.be | | T. 32-16-31.00.15 | F. 32-16-31.00.12
On 4 Jun 99, Tom Vandepoel <Tom.Vandepoel@netvision.be> had questions about Unwanted Browselists:> >Is there a way to prevent browselists from machines other than those > >of my choosing to show up in the browselists/network neighbourhood? > > > >I don't want win95 clients that offer shares themselves to show up > >in the network neighbourhood. > > I've asked the same question in the samba list some while ago, > but no one answered. Have you gotten anywhere with this? It would > be a great feature, to be able to clean up those browse lists, to > only show 'official' servers...I think nmbd checks both WINS and broadcast sources to build the browse.dat file. A brute-force solution would be to edit the browse.dat file periodically, but windoze clients cache the browse list for 15-30 minutes (something like that) so there would be a considerable delay. The real solution would be to hack the nmbd code and add the feature yourself. How about an smb.conf setting to specify a list of NetBIOS names to include in (or exclude from) the browse list? Sounds pretty cool to me. Of course, I love volunteering other people for coding projects (considering I can't seem to get my own projects off the ground...:) Steve ************************************************************* Steve Arnold http://www.rain.org/~sarnold Conserving bandwidth (and belly-button lint...)
>>Date: Wed, 02 Jun 1999 19:54:48 +0200 >>From: Tom Vandepoel <Tom.Vandepoel@netvision.be> >>To: michel@nijenrode.nl, samba@samba.anu.edu.au, samba-bugs@samba.org >>Subject: Re: Unwanted Browselists >>Message-ID: <37556FE8.2A71C977@netvision.be>>>Is there a way to prevent browselists from machines other than those >>of my choosing to show up in the browselists/network neighbourhood? >> >>I don't want win95 clients that offer shares themselves to show up >>in the network neighbourhood.>I've asked the same question in the samba list some while ago, but no >one answered. >Have you gotten anywhere with this? It would be a great feature, to be >able to clean up those browse lists, to only show 'official' servers... > >Tom.Hey Tom, Michel, et al... If the machines you don't want to show up are Windows 9x boxes, all you need to do to make them not show up is disable file and print sharing in Control Panel/Networks (assuming you don't need them to share their drives/printers). WinNT boxes will show up whether you like it or not. WinNT shows up as a result of the Server service, which really can't be disabled cleanly. Another option is to use workgroup names more effectively. Put the accounting folks in the "accounting" workgroup, the sales folks in the "sales" workgroup, etc. That way, if you are in the "complab" workgroup, you will only see others in the complab workgroup when you double-click on network neighborhood. Unless you double-click Entire Network, you won't see sales and accounting and so on. Next choice is to segment the network, which can prevent the netbios over TCP/IP broadcasts from getting to your machines, which keeps undesirables from showing up in your network neighborhood. Does that help at all? Thomas Cameron, CNE, MCP, MCT Three-Sixteen Technical Services, Inc.
> Date: Sun, 06 Jun 1999 18:13:00 +0200 > From: Tom Vandepoel <Tom.Vandepoel@netvision.be> > Subject: Re: Unwanted Browselists > > Thomas Cameron wrote:[munch]> > One workgroup/domain is fine for us, all we want to be able to see are > the 2 major file/print servers in the browse list, and filter out all > other crap...How about using Poledit, and setting "No 'Entire Network' in Network Neighborhood"? (see: Local User, Shell, Restrictions, or thereabouts, depending on your OS). c -- Cliff Green green@umdnj.edu Academic Computing Service UMDNJ