I've RTFM (inlcuding the very nice BROWSING.txt and BROWSING-Config.txt) as
well
as the archives and I can't find any info on my particular problem. Any
assistance at all would be most appreciated!
Background:
I am trying to use samba to control the browse lists for our main workgroup
throughout our enterprise. I set up a samba server on AIX. It is a WINS
server, as well as the Domain Master Browser (DMB) and the Local Master Browser
for its subnet. I have another samba server running Redhat 5.1 and it is acting
as the Local Master Browser for its [different] subnet. It knows about the WINS
server.
Problem:
By setting my debug level to 3 I can watch samba get info for the workgroup - it
happily collects info and also happily syncs with other Local Master Browsers on
different subnets. From my Windoze95 I can do a NET VIEW /WORKGROUP:ITS and I
can see the browse list start to grow as the syncs occur.
But, if I go to my NT workstation (MSCRAMER-LAPTOP, with addr 172.16.3.136) *IT
IS UNABLE TO GET THE BROWSE LIST*. The workgroup name is ITS. This NT
workstation is on the same subnet as the second samba server. When I first go
to Network Neighborhood I see the following in log.smb on the WINS Server / DMB:
process_get_backup_list_request: request from MSCRAMER-LAPTOP<00> IP
172.16.3.13
6 to ITS<1b>.
send_backup_list_response: sending backup list for workgroup ITS to MSCRAMER-LAP
TOP<00> IP 172.16.3.136
process_get_backup_list_request: request from MSCRAMER-LAPTOP<00> IP
172.16.3.13
6 to ITS<1b>.
send_backup_list_response: sending backup list for workgroup ITS to MSCRAMER-LAP
TOP<00> IP 172.16.3.136
but none of the machines in the workgroup are in my browse list. If I drill
down through entire network, MS Networking, and then the workgroup name (ITS) I
get the following error in a dialog:
Its is not accessible
The account is not authorized to login from this station
and also the log.nmb given above message appears again on the WINS/DMB machine.
Now, I am aware of the encrypted passwords issue - this NT machine is running
SP4. If I add the registry key to use plaintext passwords things work fine.
However, adding this registry key to all of our NT machines is not an option.
So.....what is going on here???
Under Windoze95 things work fine - I can see the browse list. The thing that
confuses me is that if I do a "Find Computer" on NT and search for the
name of
the WINS/DMB machine I find it. Not only do I find it, but I can drill down
into it and see all the shares (like netlogon and a public share)!!! Without
the Registry kludge! So obviously I am getting my connection to IPC$.
Permissions on /var/locks/samba are 0644. The NT box has NetBIOS bound to only
IP.
Am I doing something wrong? It seems to me (although I don't understand it)
that serving the browse list is some sort of special operation or
"share" and
that it requires a password. If this is true, then this seems like a serious
limitation of samba. Why not make this available via IPC$? Please tell me that
I am just doing something wrong. Attached is the smb.conf for the WINS/DMB
machine. samba version is 1.9.18p10.
/usr/local/samba/lib/users.map has a single entry:
pcguest = *
;======================= Global Settings
====================================[global]
workgroup = ITS
volume = AIX
load printers = no
guest account = pcguest
guest ok = yes
username map = /usr/local/samba/lib/users.map
debug level = 3
log file = /var/log/samba-log.%m
max log size = 500
short preserve case = yes
preserve case = yes
lock directory = /var/locks/samba
locking = yes
strict locking = yes
share modes = yes
security = share
socket options = TCP_NODELAY
; Domain Control Options
domain master = yes
local master = yes
preferred master = yes
os level = 128
domain logons = yes
wins support = yes
;============================ Share Declarations
=============================[netlogon]
comment = Samba Network Logon Service
path = /home/netlogon
guest ok = yes
locking = no
read only = yes
browseable = yes
[IPC$]
comment = IPC Share
path = /tmp
guest ok = yes
browseable = yes
[public]
path = /home/pcguest
public = yes
only guest = yes
writable = no
printable = no
Politics:
Getting this working under samba would be a Good Thing. Right now we have NT in
our environment but with no real structure. NT bigots want to begin building an
NT4 Domain structure. Netware bigots want to put NDS for NT on every NT box.
I'd like to take care of our problems by using samba. Really our only
problems
are name resolution and browsing lists. If I could provide a way for remote
users (on different subnets) to get a consistent list of machines when they
drill down into the ITS workgroup our needs would be met.
Thanks in advance for any help. If I should increase debugging levels and
forward that info along please ask and I will happily do so.
Matt