Table of Contents for
Linux in a Windows World

Version ebook / Retour

Cover image for bash Cookbook, 2nd Edition Linux in a Windows World by Roderick W Smith Published by O'Reilly Media, Inc., 2005
  1. Cover
  2. Linux in a Windows World
  3. Dedication
  4. Preface
  5. Contents of This Book
  6. Conventions Used in This Book
  7. Using Code Examples
  8. Comments and Questions
  9. Safari Enabled
  10. Acknowledgments
  11. I. Linux’s Place in a Windows Network
  12. 1. Linux’s Features
  13. Linux as a Server
  14. Linux on the Desktop
  15. Comparing Linux and Windows Features
  16. Summary
  17. 2. Linux Deployment Strategies
  18. Linux Desktop Migration
  19. Linux and Thin Clients
  20. Summary
  21. II. Sharing Files and Printers
  22. 3. Basic Samba Configuration
  23. The Samba Configuration File Format
  24. Identifying the Server
  25. Setting Master Browser Options
  26. Setting Password Options
  27. Summary
  28. 4. File and Printer Shares
  29. Printing with CUPS
  30. Creating a Printer Share
  31. Delivering Printer Drivers to Windows Clients
  32. Example Shares
  33. Summary
  34. 5. Managing a NetBIOS Network with Samba
  35. Enabling NBNS Functions
  36. Assuming Master Browser Duties
  37. Summary
  38. 6. Linux as an SMB/CIFS Client
  39. Accessing File Shares
  40. Printing to Printer Shares
  41. Configuring GUI Workgroup Browsers
  42. Summary
  43. III. Centralized Authentication Tools
  44. 7. Using NT Domains for Linux Authentication
  45. Samba Winbind Configuration
  46. PAM and NSS Winbind Options
  47. Winbind in Action
  48. Summary
  49. 8. Using LDAP
  50. Configuring an OpenLDAP Server
  51. Creating a User Directory
  52. Configuring Linux to Use LDAP for Login Authentication
  53. Configuring Windows to Use LDAPfor Login Authentication
  54. Summary
  55. 9. Kerberos Configuration and Use
  56. Linux Kerberos Server Configuration
  57. Kerberos Application Server Configuration
  58. Linux Kerberos Client Configuration
  59. Windows Kerberos Tools
  60. Summary
  61. IV. Remote Login Tools
  62. 10. Remote Text-Mode Administration and Use
  63. SSH Server Configuration
  64. Telnet Server Configuration
  65. Windows Remote-Login Tools
  66. Summary
  67. 11. Running GUI Programs Remotely
  68. Using Remote X Access
  69. Encrypting X by SSH Tunneling
  70. VNC Configuration and Use
  71. Running Windows Programs from Linux
  72. Summary
  73. 12. Linux Thin Client Configurations
  74. Hardware Requirements
  75. Linux as a Server for Thin Clients
  76. Linux as a Thin Client
  77. Summary
  78. V. Additional Server Programs
  79. 13. Configuring Mail Servers
  80. Configuring Sendmail
  81. Configuring Postfix
  82. Configuring POP and IMAP Servers
  83. Scanning for Spam, Worms, and Viruses
  84. Supplementing a Microsoft Exchange Server
  85. Using Fetchmail
  86. Summary
  87. 14. Network Backups
  88. Backing Up the Linux System
  89. Backing Up with Samba
  90. Backing Up with AMANDA
  91. Summary
  92. 15. Managing a Network with Linux
  93. Delivering Names with DNS
  94. Keeping Clocks Synchronized with NTP
  95. Summary
  96. VI. Appendixes
  97. A. Configuring PAM
  98. The PAM Configuration File Format
  99. PAM Modules
  100. Sample PAM Configurations
  101. Summary
  102. B. Linux on the Desktop
  103. Configuring Applications and Environments
  104. Running Windows Programs in Linux
  105. File and Filesystem Compatibility
  106. Font Handling
  107. Summary
  108. Index
  109. Colophon

Assuming Master Browser Duties

Windows networks use a system known as the master browser to help maintain browse lists—lists of computers, the workgroups or domains to which they belong, and the types of services they offer. This may sound a lot like the duty of the NBNS system, but it’s not quite the same. The master browser’s list doesn’t include mappings to IP addresses; it’s used by clients to present lists of computers on the local network in network browsers.

In fact, there are two types of master browser: the domain master browser and the local master browser . The domain master browser is most often associated with networks that use an NT domain configuration, and in such configurations, the domain controller takes on this role. If you use a workgroup configuration, chances are you won’t have a domain master browser. All NetBIOS networks have local master browsers, though. Samba provides configuration options that affect its ability to function in both roles.

The Role of the Master Browser

Master browsers maintain lists of computers and the services they offer. In this context, services refers to the types of SMB/CIFS duties they perform, such as file server, NBNS system, and so on. Master browsers don’t maintain lists of the specific shares offered on particular servers; for that detail, clients must contact the servers themselves.

As mentioned earlier, two types of master browsers exist: local master browsers and domain master browsers. Domain master browsers normally also function as local master browsers. Both types deliver basically the same information, but domain master browsers add more methods of operation.

Local master browsers serve just one subnet on a LAN. The computers on a single subnet automatically determine which system is to function as the local master browser via an election , in which each computer broadcasts a set of credentials to the entire subnet, and the system with the best credentials claims victory. Because of this automatic selection system, you can’t simply set a Samba parameter or two and be sure the system will become a local master browser. You can, however, set Samba parameters that will make it more or less likely to win—ideally, so likely to win that it’s all but a sure thing, if that’s what you desire. You can also tell Samba not to participate in elections, if you like. The next section describes configuring a system to win or lose local master browser elections.

Domain master browsers integrate information from local master browsers on multiple subnets, providing a way to enable browsing across subnets. They’re usually part of an NT domain configuration, although you can configure a domain master browser in a workgroup. You must explicitly configure one computer as a domain master browser; they aren’t selected through an election process. The Section 5.3.3 describes how to do this.

No client-side configuration is required to point clients at either type of master browser. Clients should be able to find local master browsers by using broadcasts. Domain master browsers can be found via any NetBIOS name lookup method.

Winning (or Not Winning) Local Master Browser Elections

The local master browser election process is designed to give local master browser status to the computer that’s best able to handle this duty. Election criteria include the OS version, whether the computer is functioning as a domain controller, whether the computer is functioning as an NBNS system, and so on. The most important factor is the OS version, so adjusting this detail is a critical step in “rigging” an election that you want a Samba server to win. Several other factors are important as well, though. Overall, you should consider these global parameters:

local master

This Boolean parameter tells Samba whether it should participate in local master browser elections. The default value is Yes, so you should change this parameter only if you want to ensure that a server doesn’t become the local master browser.

os level

This parameter sets the OS version. It takes an integer as a value, with higher values making the server more likely to win. OS levels for Microsoft OSs vary; for instance, Windows 9x/Me is 1, Windows 2000 Professional is 16, and Windows 2000 Server is 32—the highest value of any Microsoft OS, at least as of late 2004. Samba’s default os level is 20, so Samba will win over Windows 9x/Me or Windows 2000 Professional by default, but it will lose against Windows 2000 Server. If you want Samba to acquire local master browser status, you should set this value to 33 or above. If your network contains only one Samba server, any value above 32 should work fine. Inexpertly managed Samba servers may have higher values set by mistake, though, so you may need to use a higher value. This may also be necessary to win against future versions of Windows or other OSs. The highest value this parameter accepts is 255.

domain logons

This Boolean parameter is described earlier in this chapter, in Section 5.1.2. The local master browser election procedure gives an edge to domain controllers, but this factor is less important than the OS level.

wins support

This Boolean parameter is also described earlier in this chapter, in Section 5.2.2. A domain master browser doesn’t have to be an NBNS system, but the election criteria give these systems a slight edge.

preferred master

If this Boolean parameter is set to Yes, nmbd calls for an election whenever it’s started, and periodically thereafter. This setting also gives the server a slight boost in the election. The default value is No.

Warning

Setting preferred master = Yes inappropriately can cause problems because master browser elections take time, during which browsing ceases to function. Therefore, you should be sure that you don’t use this setting on a system unless you’re reasonably sure it will win the election (by setting a high os level value).

browse list

The default for this Boolean parameter is Yes, which causes Samba to maintain a browse list for the network. Maintaining the browse list does no harm if the computer doesn’t function as a master browser, so there’s normally no need to change this option. If you do set it to No, the system won’t participate in browser elections.

The os level parameter trumps all the others, aside from local master and browse list. That is, in a contest between computers with os level parameters set to say, 32 and 33, the system with os level = 33 will win every master browser election, even if the other system is configured with domain logons = Yes, wins support = Yes, and preferred master = Yes. Overall, you can be fairly certain that a system will function as a local master browser if you set options like these in the [global] section of smb.conf:

local master = Yes
preferred master = Yes
os level = 64

If your network has some Samba systems with inappropriately high os level parameters, you may need to increase that value. (On the other hand, tracking down the offending systems and fixing their configurations may be a preferable solution.) If the computer also functions as a domain controller or NBNS system, you may need to set appropriate options for those functions, too. These settings shouldn’t be necessary to have the system take on local master browser duties, though.

Configuring Samba Domain Master Browser Features

The domain master browser isn’t elected by all the computers on the network; it’s assigned by a network administrator. For this reason, Samba provides a parameter that tells Samba to take on this duty: domain master. This parameter is a global Boolean, and you should be careful about setting it. Don’t set this parameter to Yes if you’re not certain the system should be functioning as a domain master browser; do set it to Yes if the computer takes on this role.

Normally, the domain controller takes on domain master browser duties. Some workgroup configurations also use domain master browsers, even though they don’t have domain controllers. This configuration can be helpful if your network spans multiple subnets, but you don’t want to use a full domain configuration.

You should be sure to configure a domain master browser to win the local master browser election for its subnet, as described in the previous section. That section describes some options related to domain controller status as factors in browser elections; however, these factors are small ones, and they’re completely irrelevant if two systems’ OS levels don’t match. Thus, you should be sure your domain controller has the highest os level parameter of any computer on the network.