[Dnsmasq-discuss] samba and workgroups with dhcp

Adam Hardy adam.ant at cyberspaceroad.com
Tue Oct 14 08:58:28 BST 2008

Rune Kock on 13/10/08 20:21, wrote:
> I don't think that the Samba-settings you mention matter much for
> whether your network works.
> Windows networking is rather arcane magic, sometimes it works and
> sometimes it doesn't.
> The central problem is how the workstations/servers locate each other.
>  And that will be very different depending on whether you run a small,
> simple lan, or a huge organisation with many network segments.
> There are three mechanisms that can be used:
> 1) Ethernet broadcast.  This is the way that usually "just works".
> However, all machines must be on the same network, and it sometimes
> takes a few minutes from the machine starts until it is visible on the
> net.  Be sure that all machines have unique names.
> 2) WINS server.  You set up one WINS server (Samba can do that), and
> then let your DHCP-server tell the IP-address of the WINS-server to
> the clients.  This is an old fashioned solution, but simple to set up
> and it works well for small/medium size networks.  Again, be sure that
> all machines have unique names.
> 3) DNS.  You set up a Microsoft DNS server, and have all your machines
> register in that.  Non-MS DNS servers can be used, but then the
> machines cannot register themselves, you'll need to configure
> everything.  A basic setup will work with Samba, but you'll need MS
> servers to go all the way (or perhaps Samba 4).  The way that MS
> designed this, it seems that they assumed that every machine has a
> public IP-address; it is very hard to grasp how this is properly
> combined with NAT.  However, it is probably the only way to run a
> really huge setup.
> To elaborate a bit about the settings you mention:
>> workgroup = SAMBA_WORK_GROUP
>> domain master = yes
> These two settings say that Samba should be the Domain Controller of a
> Windows NT domain called SAMBA_WORK_GROUP.
> Windows NT domains are not related to DNS in any way (though Windows
> 2000 domains are).  They are used 1) to allow an administrator to
> centrally configure all participating machines, and 2) to allow a user
> to log on to every participation machine with the same account.  The
> clients must be joined to the domain to get these two advantages.
> If you don't want to use the NT domain functions, you should set
> domain master to no.  Workgroup must still be set -- probably you'll
> want to set it to the same as the workgroup that you have set the
> clients to (My Computer, Properties, Computer Name in Win XP).
>> local master = yes
>> preferred master = yes
> These are related to the way that broadcast is handled, see above.
> The master is a machine that collects the various broadcasted
> information so that a newly booted client has a quick way to get it.
> The machines on the lan vote about who should be the master; local
> master allows Samba to run for master, while preferred master will
> make Samba fight to get chosen.  When you run an NT domain, it is a
> good idea for the domain controller to be master as well.  These
> settings look OK.
> ... hope that I managed to confuse you as much as MS has managed to
> confuse me....

Yes it is more confusing, thanks... :)

Setting "domain master = no" seems to get me a big step further, so I'll keep it 
like that. I have "local master = yes" and "preferred master = yes" but I don't 
think changing them helped much so I'll leave them on "yes".

The 'fighting to be master' issue did manifest itself I think, because for a 
while I could get a connection which would then die after a minute, confusingly. 
But that was before I had configured any of the 'master' options.

Most importantly though you clarified this workgroup thang - I have now set up a 
proper workgroup, although it is funny that this Windows NT feature is so 
important to the Mac. It also seems to get the domain name wrong, thinking its 
hostname is 'sylvie at local' when DHCP should have told it to be 
'sylvie at localdomain', for instance (that's the Mac).

You're probably thinking "what the hell's he's doing?", but it does seem to be a 
bit more controlled now, rather than just randomly functional.

Best regards

More information about the Dnsmasq-discuss mailing list