Michael Tokarev
2014-Dec-07 09:24 UTC
[Samba] Runnung samba4 as classic domain controller, win7 thinks it is AD
07.12.2014 11:00, Andrew Bartlett wrote:> On Sat, 2014-12-06 at 21:17 +0300, Michael Tokarev wrote:[]>> Possible, domain name "TLS" is a NetBIOS-name of the domain. >> Verify that the name is correctly registered in WINS.[]>> Now I wonder if samba4 really supports classic NT4-style domains. > > It really is still expected to, and no intentional changes have been > made to that. I suspect a genuine netbios name resolution issue, rather > than something bigger.I asked around about classic NT-style domain support before upgrading samba, and got positive replies. Speaking of netbios name resolution - it's been years (>10) since this setup is working, back at the time I knew various details but not anymore. What name should be registered in wins for the domain to work? I examined browse.dat files on a samba3 DC and this my samba4 DC (both are set up the same way, I just haven't upgraded samba3 yet), and both shows the same name, like this: "TLS" c0001000 "FS" "TLS" "FS" 408d9b0b "tsrv samba server 4.1.11" "TLS" ... Is this c0001000 enough? Speaking of name resolution -- this is a single subnet, 192.168.177.1/26, all machines receive configuration over dhcp, with the following info: netbios-nodetype 2 (peer to peer) netbios-ns $samba-server netbios-dd $samba-server Again, this worked for years, it only broke after I upgraded samba from samba 3.6 to 4.1. So far, only joining domain does not work, at least I haven't seen anything else is broken (well, except of the fix for https://bugzilla.samba.org/show_bug.cgi?id=10297 which broke another use-case around this, I made comments in that bug report). With netbios-nodetype=2, I think it is effectively all or none -- either all registered names works or none. Thanks, /mjt
Michael Tokarev
2014-Dec-07 10:34 UTC
[Samba] (SOLVED) Runnung samba4 as classic domain controller, win7 thinks it is AD
Ok. The prob was, as usual, as stupid as ever possible. My nmbd process hasn't been restarted for a very long time, even if I stopped and restarted samba multiple times. It looks like a prob in the startup script or in samba handling of pidfiles or something -- because `stop' action is unable to find a running "old" nmbd (and there's no pidfile of it), and new nmbd can't be started because it can't bind to the sokets. nmbd logfile is empty for a long time too. So basically I have a stray nmbd which did not do anything useful but prevented real nmbd from starting. Killing it manually and starting real nmbd helped, and now I successfully joined a win7 machine to a classic NT4-style domain running by samba4. So Andrew's suspicion was exactly right. But the cause was, well, fun. Thank you very much for the help! /mjt
Michael Tokarev
2014-Dec-07 10:35 UTC
[Samba] (SOLVED) Runnung samba4 as classic domain controller, win7 thinks it is AD
Ok. The prob was, as usual, as stupid as ever possible. My nmbd process hasn't been restarted for a very long time, even if I stopped and restarted samba multiple times. It looks like a prob in the startup script or in samba handling of pidfiles or something -- because `stop' action is unable to find a running "old" nmbd (and there's no pidfile of it), and new nmbd can't be started because it can't bind to the sokets. nmbd logfile is empty for a long time too. So basically I have a stray nmbd which did not do anything useful but prevented real nmbd from starting. Killing it manually and starting real nmbd helped, and now I successfully joined a win7 machine to a classic NT4-style domain running by samba4. So Andrew's suspicion was exactly right. But the cause was, well, fun. Thank you very much for the help! /mjt
Helmut Hullen
2014-Dec-07 12:22 UTC
[Samba] (SOLVED) Runnung samba4 as classic domain controller, win7 thinks it is AD
Hallo, Michael, Du meintest am 07.12.14:> My nmbd process hasn't been restarted for a very long time, > even if I stopped and restarted samba multiple times. It > looks like a prob in the startup script or in samba handling > of pidfiles or something -- because `stop' action is unable > to find a running "old" nmbd (and there's no pidfile of it), > and new nmbd can't be started because it can't bind to the > sokets. nmbd logfile is empty for a long time too.I use pgrep -l nmbd for such problems. And then killall nmbd (under real linux ...) Viele Gruesse! Helmut