Bug 36089 - Add "name resolve order" to smb.conf
Add "name resolve order" to smb.conf
Status: CLOSED FIXED
Product: UCS
Classification: Unclassified
Component: Samba4
UCS 4.0
Other Linux
: P5 normal (vote)
: UCS 4.2-2-errata
Assigned To: Jannik Ahlers
Felix Botner
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2014-10-07 17:11 CEST by Arvid Requate
Modified: 2017-10-18 12:02 CEST (History)
4 users (show)

See Also:
What kind of report is it?: Feature Request
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Ticket number:
Bug group (optional):
Max CVSS v3 score:
requate: Patch_Available+


Attachments
Set "name resolve order" in smb.conf via samba.conf.d/10global (827 bytes, patch)
2016-09-15 09:27 CEST, Lukas Oyen
Details | Diff
Set "name resolve order" in smb.conf via new ucr variable samba/name/resolve/order (2.15 KB, patch)
2016-09-15 09:28 CEST, Lukas Oyen
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Arvid Requate univentionstaff 2014-10-07 17:11:24 CEST
In samba 4.2 the default for the parameter "name resolve order" was changed to match the manual page:

Before it was "wins host bcast", now it is "lmhosts wins host bcast".

Ad debug level 4 this results in the following messages when running any samba relates tool (univention-s4search etc.):

==============================================================================
resolve_lmhosts: Attempting lmhosts lookup for name master50.ar40i1.qa<0x20>
startlmhosts: Can't open lmhosts file /etc/samba/lmhosts. Error was No such file or directory
==============================================================================

This is just a minor thing, but reading the manapage shows another:
==============================================================================
       When Samba is functioning in ADS security mode (security = ads) it is advised to use following settings for name resolve order:

       name resolve order = wins bcast

       DC lookups will still be done via DNS, but fallbacks to netbios names will not inundate your DNS servers with needless querys for DOMAIN<0x1c> lookups.
==============================================================================

So maybe we should configure this parameter accordingly:

* Samba4 DC:  name resolve order = wins host bcast
* Samba/AD member joined with security=ADS: name resolve order = wins bcast
Comment 1 Stephan Hendl 2016-07-04 14:44:28 CEST
Well, there should be a new UCR variable introduced in order to distribute this configuration via a policy.
Comment 2 Lukas Oyen univentionstaff 2016-09-15 09:27:40 CEST
Created attachment 8009 [details]
Set "name resolve order" in smb.conf via samba.conf.d/10global
Comment 3 Lukas Oyen univentionstaff 2016-09-15 09:28:18 CEST
Created attachment 8010 [details]
Set "name resolve order" in smb.conf via new ucr variable samba/name/resolve/order
Comment 4 Jannik Ahlers univentionstaff 2017-09-28 11:14:30 CEST
applied patch from Comment 3.
Comment 5 Felix Botner univentionstaff 2017-10-10 13:41:58 CEST
updated to univention-samba4 package from errata4.2-2 but no samba/name/resolve/order ucr var

debian/changelog has not been updated !!!!

seems that the univention-samba4 package has not been built with the changes 

Please keep in mind, every time you merge something to the ucs branch (4.2-2 in this case) the debian/changelog has to be updated (new package version) and you have to import/build the package
Comment 6 Jannik Ahlers univentionstaff 2017-10-16 09:50:19 CEST
updated debian/changelog and built the package
Comment 7 Felix Botner univentionstaff 2017-10-16 13:50:21 CEST
OK - template
OK - defaults
OK - ucr description
OK - yaml
Comment 8 Arvid Requate univentionstaff 2017-10-18 12:02:40 CEST
<http://errata.software-univention.de/ucs/4.2/200.html>