thanks for the responses. each one of them is telling me that i don't
have a technical solution to this problem. does anyone disagree that
there is *no* technical solution to this problem? (i am expanding the
cross-post to another group to see of there might be someone who has
found a *technical* solution to this problem)
> The master browser is not connected to login in domains. master browsers are
> not used if you use DNS instead of wins.
"Network Neighborhood" window.
Is that a known fact?Quote:> There is also no way to stop other systems to steal the master browser from a
> windows box, so where is the point?
Would a Windoze 2000 server also lose the domain master status to his
laptop?
i.e. WINS can ensure that NetBIOS name resolution passes through myQuote:> > BTW i added WINS to the dhcpd.conf by adding "netbios-name-servers
> > [addr of samba server" in the hopes that it would override any other
> > rogue browser server trying to answer NETBIOS requests from the
> > windoze machines.
> It will only be used on those clients which have no wins browser set.
> But this can easyly be enforced. Make shure it is company policy to use wins
> and do not support PCs which do not use wins.
SAMBA server. However, how does this ensure that the SAMBA server
maintains its master browser status and is the server of choice for
logins? in my understanding, a WINS server is not necessarily a
master browser.
i need a second opinion, doc.Quote:> You problem has no technical solution.
> regardless of the OSlevel and preferred attributes and want to
> become local master browser, which seems to annoy samba (2.2.3a now)
> so that it refuses to become domain master after a restart of the nmbd
> service. I cannot do anything else but unplug the Wfwg from the
> network for a while ....
smbd and nmbd every 24 hours. if i discontinue this practice, will a
machine booting up to oslevel = 65 still be able to abduct the master
browser service?
He is a manager and has the authority to do as he pleases withoutQuote:> >BTW i added WINS to the dhcpd.conf by adding "netbios-name-servers
> >[addr of samba server" in the hopes that it would override any other
> >rogue browser server trying to answer NETBIOS requests from the
> >windoze machines.
> Yes, but this only works if he does use the dhcp in his local
> settings. Otherwise don't give him a IP :)
advising us. He feels he needs to "test" us. He has full support of
management, who are not technical.
> > the guy is a network engineer who deliberately did this to show that
> > Linux Samba cannot handle this kind of situation and maintain its
> > master browser status (says he). he is also a manager.
> Not really: This is not a "Linux Samba" problem. It's a Microsoft problem
> that Samba can't fix.
But the question was, how does a legitimate NMB master (the LINUXQuote:> It is the client machines that select the master
> browser, *NOT* the servers themselves.
server) prevent the * of *master* login server for the NMB
Domain?
This question might be similar to asking how a DNS server prevents a
rogue machine from abducting the DNS queries.
Am i close to an answer here? is there a way to hardcode a *node
number* or some other *unique identifier* into the NMB requests to
prevent this?
i am thinking of something along the lines of an ether address or a
logical network node address. Can we do this in NetBIOS (i am
assuming NMB == NetBIOS)
i agree, but:Quote:> He should try that on a Micro$not run network and watch the primary domain
> controller explode. Also, if he did this without warning, he should try it
> from the unemployment line: it's like throwing a cherry bomb in the company
> toilet and saying "See? We're at risk from dumb kids!"
they are the leaders.
we are the engineers.
we are the slaves of the ignorant.
i must begin with the premise that they provide.
i cannot alter the fantasy world that they have created for themselves
in the workplace.
it's actually the other way around: he is a good friend of the CEO andQuote:> > If there is no way to prevent another machine from using oslevel = 65
> > and obtaining the master status, then this could be the end of the
> > LINUX machine handling the 70 GIG of data as our fileserver.
> As I said, there is apparently no defense for Micro$not servers, either.
> Consider firing this idiot.
a newcomer to the company and is now the CIO. Me and the other UNIX
guy are preparing our resumes. We refuse to convert any servers to
Windows and if they are converted we cannot be responsible for them
since we do not understand Windows 2000 "secrets." (Who does?)
off-topic: i have a good friend who was an AIX sysadmin at Prudential
and i heard that they fired their UNIX staff and replaced the systems
with Windows 2000. (disclaimer: i do not attest to the true or false
nature of this rumor)
how is it that technical and security "officers" (i as yet do not know
the qualifications of a so-called CIO nor what he actually knows or
does not know nor what his role should be) prefer proprietary systems
which they *cannot* know how they actually work over open source
systems? these are probably the same people who want encryption keys
for the entire world stored in escrow. [end of off-topic paroxysm]