Colleagues-
I'm experiencing a very odd problem that seems to be the root of some
cross-subnet domain logon / browsing problems I am experiencing.
Basically, I have a Samba 3.0.8 box acting as a PDC and WINS server for
an NT style domain that is primarily on one subnet, but has a few users
on others. On subnets other than the one the server resides on, domain
logons fail sporadically. Sometimes it takes 3-4 tries before it will
logon, but once it does, it works fine. The error that the users get is
that their password is incorrect or logon has been denied, or that a
domain server cannot be found.
I have discovered that in the wins.dat file on this machine the entries
for itself and for the domain it is processing logons for contains some
IP addresses that do not exist. Here are the relevant entries from
wins.dat (with the real IP replaced with x.x.x.x):
"OAK#00" 1107196727 x.x.x.x 192.168.0.3 192.168.0.1 66R
"OAK#03" 1107196727 x.x.x.x 192.168.0.3 192.168.0.1 66R
"OAK#20" 1107196727 x.x.x.x 192.168.0.3 192.168.0.1 66R
"SLSD#1b" 1107196727 x.x.x.x 192.168.0.3 64R
"SLSD#1c" 1107196727 x.x.x.x 192.168.0.1 e4R
"SLSD" is the domain, and "OAK" is the logon server for that
domain.
Other than replacing my real IP with x.x.x.x, those lines are untouched.
Any idea where these 192.168.0.x addresses might be coming from? I only
use that IP range on a heavily firewalled subnet in my shop, and this
machine should have nothing to do with it. I am hoping that if I can get
rid of the spurious WINS entries that my domain logons in other subnets
will become more reliable. Does it look like this might be the right
track? I tried manually removing those addresses from the file, but they
re-appeared after restarting nmbd...
--
-Best Regards-
-Quentin Hartman-
Technology Coordinator
South Lane School District 45j3
Cottage Grove, Oregon
(541)767-3778
http://www.slane.k12.or.us