samba - Jan 2001 - Samba and Lmhosts: HELP NEEDED

Hello,

I would like to use an lmhosts file to solve the following problem:

At our university we have different sites with Samba servers. They all 
serve as domain logon servers (and WINS-servers) for several
domains. People from one departement log on to the Samba server of their 
domain. The problem occurs when
they go (fysically) to another site where they would like to log on and 
obtain their shares from their homesite.

Therefore I wanted to make an general lmhosts file which has the Netbios 
names of all the logon servers for
all the domains. This file would be placed on each logon server in 
/etc/lmhosts. On all the logon servers I would
also have "name resolve order = lmhosts wins bcast".

Example lmhosts file:

a.b.c.d    server1#20 (domain logon server for site1)
a.b.c.d    domain1#1b
e.f.g.h    server2#20 (domain logon server for site2)
e.f.g.h    domain2#1b

The windows clients (win98) are configured according to the specific site.
Network Neigbourhood: Enable Wins-resolution, wins-server = server1 for 
clients in site1
                                                                        
    wins-server = server 2 for clients in site 2

So a user wants to logon to server2 but who is fysically in site1 (where 
the clients refer to the wins-server of site1).
He fills in his userid and password and types in his domain (in the 
Client for Microsoft Networks) and tries to logon. THIS FAILS
Error ==>No domain server was available to validate your password.

TEST: If we change the configuration of the Windows client in site1: 
wins-server = wins-server of site2. Then it is possible to logon
from site1 to the server in site2. The logon script is being executed. 
This seems evident because the logon server2 is found in the
WINS database.

My question:
What's wrong with my lmhosts file? Why is the logon server not found? Or 
other configuration settings?
I also tried adding "a.b.c.d    domain1#1c" to the lmhosts file but
this
did not help either.


Any information would be greatly appricated,

Werner Maes
LUDIT-KULeuven

That scheme is why WINS was developed in the first place.  All machines on
the network should be talking to the same WINS server regardless of the
domain.  that will solve your problem.  The WINS server could be halfway
around the world.  As long as hosts on your network can query it, it'll
work.

Curtis


----- Original Message -----
From: "werner maes" <werner.maes@cc.kuleuven.ac.be>
Newsgroups: comp.protocols.smb,linux.samba
To: <samba@samba.org>
Sent: Friday, January 26, 2001 6:20 AM
Subject: Samba and Lmhosts: HELP NEEDED

>   Hello,
>
> I would like to use an lmhosts file to solve the following problem:
>
> At our university we have different sites with Samba servers. They all
> serve as domain logon servers (and WINS-servers) for several
> domains. People from one departement log on to the Samba server of their
> domain. The problem occurs when
> they go (fysically) to another site where they would like to log on and
> obtain their shares from their homesite.
>
> Therefore I wanted to make an general lmhosts file which has the Netbios
> names of all the logon servers for
> all the domains. This file would be placed on each logon server in
> /etc/lmhosts. On all the logon servers I would
> also have "name resolve order = lmhosts wins bcast".
>
> Example lmhosts file:
>
> a.b.c.d    server1#20 (domain logon server for site1)
> a.b.c.d    domain1#1b
> e.f.g.h    server2#20 (domain logon server for site2)
> e.f.g.h    domain2#1b
>
> The windows clients (win98) are configured according to the specific site.
> Network Neigbourhood: Enable Wins-resolution, wins-server = server1 for
> clients in site1
>
>     wins-server = server 2 for clients in site 2
>
> So a user wants to logon to server2 but who is fysically in site1 (where
> the clients refer to the wins-server of site1).
> He fills in his userid and password and types in his domain (in the
> Client for Microsoft Networks) and tries to logon. THIS FAILS
> Error ==>No domain server was available to validate your password.
>
> TEST: If we change the configuration of the Windows client in site1:
> wins-server = wins-server of site2. Then it is possible to logon
> from site1 to the server in site2. The logon script is being executed.
> This seems evident because the logon server2 is found in the
> WINS database.
>
> My question:
> What's wrong with my lmhosts file? Why is the logon server not found?
Or
> other configuration settings?
> I also tried adding "a.b.c.d    domain1#1c" to the lmhosts file
but this
> did not help either.
>
>
> Any information would be greatly appricated,
>
> Werner Maes
> LUDIT-KULeuven
>
>
>
>
>

Why we don't want to use one central WINS-server?
We have several departements who still want to work (logon)
when the central WINS server is down or when the network connection to the
WINS server is down. When you have one central WINS server for all the domain
servers, you have a 'single point of failure'.

Someone told me that there is a patch available that allows a WINS server
to interact (query) other WINS servers. Have you heard of this?

Thanks alot,

Werner Maes
LUDIT-KULeuven



At 07:35 26/01/2001 -0500, Curtis Maurand wrote:
>That scheme is why WINS was developed in the first place.  All machines on
>the network should be talking to the same WINS server regardless of the
>domain.  that will solve your problem.  The WINS server could be halfway
>around the world.  As long as hosts on your network can query it, it'll
>work.
>
>Curtis

The "remote announce" and "remote browse sync" should allow
a samba
server to communicate its information to another samba server.  

You could use this functionality, it seems, with the notion of a central
WINS server.  When you specify your WINS configuration, you can specify
more than one WINS server.  Configure all of your "local" WINS servers
to "remote announce" themselves to the central server.  Then,
configure
all of your clients to use the central WINS server first.  If that
server is down or they cannot connect to it, then they should fall back
to the secondary WINS server, which you could configure to be the local
WINS server (e.g. server2 for site2).

The remote announce command(s) might look like this..

remote announce = 135.91.10.51/CDomain
remote browse sync = 135.91.10.51

135.91.10.51 should be the ip address of your central WINS server and
"CDomain" should be the domain name of the domain that your central
WINS
server lives in.

I've not actually done this on a large scale.  But, I have used the
remote announce and remote browse sync directives before and they do
work (between Samba WINS servers).   

best of luck,

Bob

werner maes wrote:
> 
>   Hello,
> 
> I would like to use an lmhosts file to solve the following problem:
> 
> At our university we have different sites with Samba servers. They all
> serve as domain logon servers (and WINS-servers) for several
> domains. People from one departement log on to the Samba server of their
> domain. The problem occurs when
> they go (fysically) to another site where they would like to log on and
> obtain their shares from their homesite.
> 
> Therefore I wanted to make an general lmhosts file which has the Netbios
> names of all the logon servers for
> all the domains. This file would be placed on each logon server in
> /etc/lmhosts. On all the logon servers I would
> also have "name resolve order = lmhosts wins bcast".
> 
> Example lmhosts file:
> 
> a.b.c.d    server1#20 (domain logon server for site1)
> a.b.c.d    domain1#1b
> e.f.g.h    server2#20 (domain logon server for site2)
> e.f.g.h    domain2#1b
> 
> The windows clients (win98) are configured according to the specific site.
> Network Neigbourhood: Enable Wins-resolution, wins-server = server1 for
> clients in site1
> 
>     wins-server = server 2 for clients in site 2
> 
> So a user wants to logon to server2 but who is fysically in site1 (where
> the clients refer to the wins-server of site1).
> He fills in his userid and password and types in his domain (in the
> Client for Microsoft Networks) and tries to logon. THIS FAILS
> Error ==>No domain server was available to validate your password.
> 
> TEST: If we change the configuration of the Windows client in site1:
> wins-server = wins-server of site2. Then it is possible to logon
> from site1 to the server in site2. The logon script is being executed.
> This seems evident because the logon server2 is found in the
> WINS database.
> 
> My question:
> What's wrong with my lmhosts file? Why is the logon server not found?
Or
> other configuration settings?
> I also tried adding "a.b.c.d    domain1#1c" to the lmhosts file
but this
> did not help either.
> 
> Any information would be greatly appricated,
> 
> Werner Maes
> LUDIT-KULeuven
--

Saint Joseph's College --  bobd@saintjoe.edu | http://www.saintjoe.edu
-----------------------------------------------------------------------
Administrative Computing Center, Bob Dusek...  219-866-6371

"Always the dullness of the fool is the whetstone of the wits."

		-- William Shakespeare, "As You Like It"

Hello,

This option only seems to work in one direction.
If you enable this option on the local WINS servers and direct
the information towards the central server, you can see that the
central server suddenly is aware of the local servers and holds their
information.
But the opposite is not true: the local servers do not contain the 
information of the central server. It would be great if you have one
central server and several local servers all containing the same WINS
information.

Is it perhaps necessary to also enable the following options on the central
server? I think so...

remote announce = a.b.c.d/Domain1 e.f.g.h/Domain2 ...
remote browse sync = a.b.c.d e.f.g.h ...

Does anybody have an idea about the correct format of the lmhosts file?
I gave an example but I am not sure if it is correct:

a.b.c.d    server1#20 (domain logon server for site1)
a.b.c.d
domain1#1b
e.f.g.h    server2#20 (domain logon server for site2)
e.f.g.h
domain2#1b

Werner

At 07:33 26/01/2001 -0600, Bob Dusek wrote:
>The "remote announce" and "remote browse sync" should
allow a samba
>server to communicate its information to another samba server.  
>
>You could use this functionality, it seems, with the notion of a central
>WINS server.  When you specify your WINS configuration, you can specify
>more than one WINS server.  Configure all of your "local" WINS
servers
>to "remote announce" themselves to the central server.  Then,
configure
>all of your clients to use the central WINS server first.  If that
>server is down or they cannot connect to it, then they should fall back
>to the secondary WINS server, which you could configure to be the local
>WINS server (e.g. server2 for site2).
>
>The remote announce command(s) might look like this..
>
>remote announce = 135.91.10.51/CDomain
>remote browse sync = 135.91.10.51
>
>135.91.10.51 should be the ip address of your central WINS server and
>"CDomain" should be the domain name of the domain that your
central WINS
>server lives in.
>
>I've not actually done this on a large scale.  But, I have used the
>remote announce and remote browse sync directives before and they do
>work (between Samba WINS servers).   
>
>best of luck,
>
>Bob