Interdomain trust with different WINS servers
in [Samba]
|
Prev: [Samba] smb/cifs share network speed testing
Next: One user can't login on PDC without a network connection
From: tms3 on 26 May 2010 09:10 > > --- Original message --- > Subject: [Samba] Interdomain trust with different WINS servers > From: Juan Asensio Sánchez <okelet(a)gmail.com> > To: <samba(a)lists.samba.org> > Date: Wednesday, 26/05/2010 2:32 AM > > Hi > > I am trying to stablish a relation between two different Samba > domains. Each > domain has two PDCs, all they are WINS servers, and the two domains > are in > different subnets. SNIP > > > Well, I know this is normal because servers of DOM2 don't know > anything > about DOM1. I suppose I will have to add the entries of the two > servers of > DOM1 in lmhosts, and the entry for the own domain, but i can't get it > to > work. Now, my lmhosts is this: According to the online manual, as well as much experience with this, you MUST use the same WINS server for all servers for this to work. Cheers, TMS III > > > > 127.0.0.1 localhost > > 1.1.1.1 DOM1-S1 > 1.1.1.2 DOM1-S2 > > 1.1.1.1 DOM1.CORP > 1.1.1.2 DOM1.CORP > > But the previuos command gives error again. Even if I run nmblookup > querying > the servers or the domain, i get errors: > > DOM2-S1$ nmblookup -R -U localhost 'DOM1.CORP' > added interface ip=1.1.2.1 bcast=1.1.2.255 nmask=255.255.255.0 > querying DOM1.CORP on 127.0.0.1 > name_query failed to find name DOM1.CORP > > Is this the right way to stablish the relationship? How should I add > the > entries to the lmhosts file? > > Regards and thanks in advance. > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
From: Gaiseric Vandal on 27 May 2010 08:50 I think the syntax may be the same as for Microsoft lmhosts http://support.microsoft.com/kb/314108 On 05/26/2010 05:35 AM, Juan Asensio Sánchez wrote: > Hi > > I am trying to stablish a relation between two different Samba domains. Each > domain has two PDCs, all they are WINS servers, and the two domains are in > different subnets. They are configured to use LDAP as the user/group/machine > database. First, I will create the relation, being DOM1.CORP the trusted > domain, and DOM2.CORP the trusting domain, so in a server of DOM1.CORP, I > create a user this way: > > DOM1-S1$ /usr/bin/perl -w /opt/ldap/smbldap-tools/bin/smbldap-useradd -W -t > 5 'DOM1.CORP$' > DOM1-S1$ smbpasswd -i DOM1.CORP$ > > The two commands are OK, and the domain account is created in LDAP, in > ou=Computers. I can see the machine in "getent passwd". Now, in a server of > the trusting domain, i run the command: > > DOM2-S1$ net rpc trustdom establish 'DOM1.CORP' > [2010/05/26 11:21:03, 0] utils/net_rpc.c:rpc_trustdom_establish(5647) > Couldn't find domain controller for domain DOM1.CORP > > Well, I know this is normal because servers of DOM2 don't know anything > about DOM1. I suppose I will have to add the entries of the two servers of > DOM1 in lmhosts, and the entry for the own domain, but i can't get it to > work. Now, my lmhosts is this: > > 127.0.0.1 localhost > > 1.1.1.1 DOM1-S1 > 1.1.1.2 DOM1-S2 > > 1.1.1.1 DOM1.CORP > 1.1.1.2 DOM1.CORP > > But the previuos command gives error again. Even if I run nmblookup querying > the servers or the domain, i get errors: > > DOM2-S1$ nmblookup -R -U localhost 'DOM1.CORP' > added interface ip=1.1.2.1 bcast=1.1.2.255 nmask=255.255.255.0 > querying DOM1.CORP on 127.0.0.1 > name_query failed to find name DOM1.CORP > > Is this the right way to stablish the relationship? How should I add the > entries to the lmhosts file? > > Regards and thanks in advance. > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
From: Juan Asensio Sánchez on 14 Jun 2010 03:10 I have tried with lots of lmhosts formats, but it looks nmbd is ignoring the lmhosts file when trying to resolve hostnames using nmblookup. nmblookup gives the correct data when the name of the machine is in the DNS server. So now, i wonder if the trust relationship could be done using entries of DNS server, but i don't know what format must have these entries in the ldap server. I know the documentation says that all servers must use the same WINS server, but in our case this is impossible. All we can do is configure Samba so the WINS server all use the same DNS server. Any idea or help how to configure this? Regards. 2010/5/27 Gaiseric Vandal <gaiseric.vandal(a)gmail.com> > I think the syntax may be the same as for Microsoft lmhosts > > http://support.microsoft.com/kb/314108 > > > > > > On 05/26/2010 05:35 AM, Juan Asensio Sánchez wrote: > >> Hi >> >> I am trying to stablish a relation between two different Samba domains. >> Each >> domain has two PDCs, all they are WINS servers, and the two domains are in >> different subnets. They are configured to use LDAP as the >> user/group/machine >> database. First, I will create the relation, being DOM1.CORP the trusted >> domain, and DOM2.CORP the trusting domain, so in a server of DOM1.CORP, I >> create a user this way: >> >> DOM1-S1$ /usr/bin/perl -w /opt/ldap/smbldap-tools/bin/smbldap-useradd -W >> -t >> 5 'DOM1.CORP$' >> DOM1-S1$ smbpasswd -i DOM1.CORP$ >> >> The two commands are OK, and the domain account is created in LDAP, in >> ou=Computers. I can see the machine in "getent passwd". Now, in a server >> of >> the trusting domain, i run the command: >> >> DOM2-S1$ net rpc trustdom establish 'DOM1.CORP' >> [2010/05/26 11:21:03, 0] utils/net_rpc.c:rpc_trustdom_establish(5647) >> Couldn't find domain controller for domain DOM1.CORP >> >> Well, I know this is normal because servers of DOM2 don't know anything >> about DOM1. I suppose I will have to add the entries of the two servers of >> DOM1 in lmhosts, and the entry for the own domain, but i can't get it to >> work. Now, my lmhosts is this: >> >> 127.0.0.1 localhost >> >> 1.1.1.1 DOM1-S1 >> 1.1.1.2 DOM1-S2 >> >> 1.1.1.1 DOM1.CORP >> 1.1.1.2 DOM1.CORP >> >> But the previuos command gives error again. Even if I run nmblookup >> querying >> the servers or the domain, i get errors: >> >> DOM2-S1$ nmblookup -R -U localhost 'DOM1.CORP' >> added interface ip=1.1.2.1 bcast=1.1.2.255 nmask=255.255.255.0 >> querying DOM1.CORP on 127.0.0.1 >> name_query failed to find name DOM1.CORP >> >> Is this the right way to stablish the relationship? How should I add the >> entries to the lmhosts file? >> >> Regards and thanks in advance. >> >> > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
From: Tom Reijnders on 14 Jun 2010 03:50 Ehmm, isn't nmblookup ignoring the lmhosts file, like nslookup ignores the hosts file? Juan Asensio Sánchez schreef: > I have tried with lots of lmhosts formats, but it looks nmbd is ignoring the > lmhosts file when trying to resolve hostnames using nmblookup. nmblookup > gives the correct data when the name of the machine is in the DNS server. > > So now, i wonder if the trust relationship could be done using entries of > DNS server, but i don't know what format must have these entries in the ldap > server. > > I know the documentation says that all servers must use the same WINS > server, but in our case this is impossible. All we can do is configure Samba > so the WINS server all use the same DNS server. > > Any idea or help how to configure this? > > Regards. > > > 2010/5/27 Gaiseric Vandal <gaiseric.vandal(a)gmail.com> > > >> I think the syntax may be the same as for Microsoft lmhosts >> >> http://support.microsoft.com/kb/314108 >> >> >> >> >> >> On 05/26/2010 05:35 AM, Juan Asensio Sánchez wrote: >> >> >>> Hi >>> >>> I am trying to stablish a relation between two different Samba domains. >>> Each >>> domain has two PDCs, all they are WINS servers, and the two domains are in >>> different subnets. They are configured to use LDAP as the >>> user/group/machine >>> database. First, I will create the relation, being DOM1.CORP the trusted >>> domain, and DOM2.CORP the trusting domain, so in a server of DOM1.CORP, I >>> create a user this way: >>> >>> DOM1-S1$ /usr/bin/perl -w /opt/ldap/smbldap-tools/bin/smbldap-useradd -W >>> -t >>> 5 'DOM1.CORP$' >>> DOM1-S1$ smbpasswd -i DOM1.CORP$ >>> >>> The two commands are OK, and the domain account is created in LDAP, in >>> ou=Computers. I can see the machine in "getent passwd". Now, in a server >>> of >>> the trusting domain, i run the command: >>> >>> DOM2-S1$ net rpc trustdom establish 'DOM1.CORP' >>> [2010/05/26 11:21:03, 0] utils/net_rpc.c:rpc_trustdom_establish(5647) >>> Couldn't find domain controller for domain DOM1.CORP >>> >>> Well, I know this is normal because servers of DOM2 don't know anything >>> about DOM1. I suppose I will have to add the entries of the two servers of >>> DOM1 in lmhosts, and the entry for the own domain, but i can't get it to >>> work. Now, my lmhosts is this: >>> >>> 127.0.0.1 localhost >>> >>> 1.1.1.1 DOM1-S1 >>> 1.1.1.2 DOM1-S2 >>> >>> 1.1.1.1 DOM1.CORP >>> 1.1.1.2 DOM1.CORP >>> >>> But the previuos command gives error again. Even if I run nmblookup >>> querying >>> the servers or the domain, i get errors: >>> >>> DOM2-S1$ nmblookup -R -U localhost 'DOM1.CORP' >>> added interface ip=1.1.2.1 bcast=1.1.2.255 nmask=255.255.255.0 >>> querying DOM1.CORP on 127.0.0.1 >>> name_query failed to find name DOM1.CORP >>> >>> Is this the right way to stablish the relationship? How should I add the >>> entries to the lmhosts file? >>> >>> Regards and thanks in advance. >>> >>> >>> >> -- >> To unsubscribe from this list go to the following URL and read the >> instructions: https://lists.samba.org/mailman/options/samba >> >> -- Tom Reijnders TOR Informatica Chopinlaan 27 5242HM Rosmalen Tel: 073 5226191 Fax: 073 5226196 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
From: Juan Asensio Sánchez on 14 Jun 2010 04:50
If I am not wrong, "nmblookup -U" connects to a WINS server, which is configured "name resolve order = lmhosts wins hosts bcast", so i think nmbd will try to find the requested name first in lmhosts, then in the wins database, and so on. I have not said nothing about nslookup, but i think its behavior is like "nmblooup -U" (it does not use directly hosts, as nmblookup dos not use directly lmhosts, or am I wrong?) Regards. 2010/6/14 Tom Reijnders <reijnders(a)tor.nl> > Ehmm, isn't nmblookup ignoring the lmhosts file, like nslookup ignores the > hosts file? > > Juan Asensio Sánchez schreef: > > I have tried with lots of lmhosts formats, but it looks nmbd is ignoring >> the >> lmhosts file when trying to resolve hostnames using nmblookup. nmblookup >> gives the correct data when the name of the machine is in the DNS server. >> >> So now, i wonder if the trust relationship could be done using entries of >> DNS server, but i don't know what format must have these entries in the >> ldap >> server. >> >> I know the documentation says that all servers must use the same WINS >> server, but in our case this is impossible. All we can do is configure >> Samba >> so the WINS server all use the same DNS server. >> >> Any idea or help how to configure this? >> >> Regards. >> >> >> 2010/5/27 Gaiseric Vandal <gaiseric.vandal(a)gmail.com> >> >> >> >>> I think the syntax may be the same as for Microsoft lmhosts >>> >>> http://support.microsoft.com/kb/314108 >>> >>> >>> >>> >>> >>> On 05/26/2010 05:35 AM, Juan Asensio Sánchez wrote: >>> >>> >>> >>>> Hi >>>> >>>> I am trying to stablish a relation between two different Samba domains. >>>> Each >>>> domain has two PDCs, all they are WINS servers, and the two domains are >>>> in >>>> different subnets. They are configured to use LDAP as the >>>> user/group/machine >>>> database. First, I will create the relation, being DOM1.CORP the trusted >>>> domain, and DOM2.CORP the trusting domain, so in a server of DOM1.CORP, >>>> I >>>> create a user this way: >>>> >>>> DOM1-S1$ /usr/bin/perl -w /opt/ldap/smbldap-tools/bin/smbldap-useradd -W >>>> -t >>>> 5 'DOM1.CORP$' >>>> DOM1-S1$ smbpasswd -i DOM1.CORP$ >>>> >>>> The two commands are OK, and the domain account is created in LDAP, in >>>> ou=Computers. I can see the machine in "getent passwd". Now, in a server >>>> of >>>> the trusting domain, i run the command: >>>> >>>> DOM2-S1$ net rpc trustdom establish 'DOM1.CORP' >>>> [2010/05/26 11:21:03, 0] utils/net_rpc.c:rpc_trustdom_establish(5647) >>>> Couldn't find domain controller for domain DOM1.CORP >>>> >>>> Well, I know this is normal because servers of DOM2 don't know anything >>>> about DOM1. I suppose I will have to add the entries of the two servers >>>> of >>>> DOM1 in lmhosts, and the entry for the own domain, but i can't get it to >>>> work. Now, my lmhosts is this: >>>> >>>> 127.0.0.1 localhost >>>> >>>> 1.1.1.1 DOM1-S1 >>>> 1.1.1.2 DOM1-S2 >>>> >>>> 1.1.1.1 DOM1.CORP >>>> 1.1.1.2 DOM1.CORP >>>> >>>> But the previuos command gives error again. Even if I run nmblookup >>>> querying >>>> the servers or the domain, i get errors: >>>> >>>> DOM2-S1$ nmblookup -R -U localhost 'DOM1.CORP' >>>> added interface ip=1.1.2.1 bcast=1.1.2.255 nmask=255.255.255.0 >>>> querying DOM1.CORP on 127.0.0.1 >>>> name_query failed to find name DOM1.CORP >>>> >>>> Is this the right way to stablish the relationship? How should I add the >>>> entries to the lmhosts file? >>>> >>>> Regards and thanks in advance. >>>> >>>> >>>> >>>> >>> -- >>> To unsubscribe from this list go to the following URL and read the >>> instructions: https://lists.samba.org/mailman/options/samba >>> >>> >>> >> > -- > Tom Reijnders > TOR Informatica > Chopinlaan 27 > 5242HM Rosmalen > Tel: 073 5226191 > Fax: 073 5226196 > > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba |