From 4a090ba06a54f5da179ac02bb307cc03d08831bf Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Wed, 16 Jul 2003 05:34:56 +0000 Subject: trying to get HEAD building again. If you want the code prior to this merge, checkout HEAD_PRE_3_0_0_BETA_3_MERGE (This used to be commit adb98e7b7cd0f025b52c570e4034eebf4047b1ad) --- .../smbdotconf/protocol/nameresolveorder.xml | 24 ++++++++++++++++------ docs/docbook/smbdotconf/protocol/usespnego.xml | 2 +- 2 files changed, 19 insertions(+), 7 deletions(-) (limited to 'docs/docbook/smbdotconf/protocol') diff --git a/docs/docbook/smbdotconf/protocol/nameresolveorder.xml b/docs/docbook/smbdotconf/protocol/nameresolveorder.xml index 897d04ad1c..4e88495489 100644 --- a/docs/docbook/smbdotconf/protocol/nameresolveorder.xml +++ b/docs/docbook/smbdotconf/protocol/nameresolveorder.xml @@ -5,7 +5,8 @@ This option is used by the programs in the Samba suite to determine what naming services to use and in what order - to resolve host names to IP addresses. The option takes a space + to resolve host names to IP addresses. Its main purpose to is to + control how netbios name resolution is performed. The option takes a space separated string of name resolution options. The options are: "lmhosts", "host", @@ -16,7 +17,8 @@ lmhosts : Lookup an IP address in the Samba lmhosts file. If the line in lmhosts has - no name type attached to the NetBIOS name (see the lmhosts(5) for details) then + no name type attached to the NetBIOS name (see the lmhosts(5) for details) then any name type matches for lookup. @@ -26,9 +28,10 @@ , NIS, or DNS lookups. This method of name resolution is operating system depended for instance on IRIX or Solaris this may be controlled by the /etc/nsswitch.conf - file. Note that this method is only used if the NetBIOS name - type being queried is the 0x20 (server) name type, otherwise - it is ignored. + file. Note that this method is used only if the NetBIOS name + type being queried is the 0x20 (server) name type or 0x1c (domain controllers). + The latter case is only useful for active directory domains and results in a DNS + query for the SRV RR entry matching _ldap._tcp.domain. @@ -50,9 +53,18 @@ Default: name resolve order = lmhosts host wins bcast Example: name resolve order = lmhosts bcast host - + This will cause the local lmhosts file to be examined first, followed by a broadcast attempt, followed by a normal system hostname lookup. + + When Samba is functioning in ADS security mode (security = ads) + it is advised to use following settings for name resolve order: + + name resolve order = wins bcast + + DC lookups will still be done via DNS, but fallbacks to netbios names will + not inundate your DNS servers with needless querys for DOMAIN<0x1c> lookups. + diff --git a/docs/docbook/smbdotconf/protocol/usespnego.xml b/docs/docbook/smbdotconf/protocol/usespnego.xml index 88c9f1df7a..7dddbd3f74 100644 --- a/docs/docbook/smbdotconf/protocol/usespnego.xml +++ b/docs/docbook/smbdotconf/protocol/usespnego.xml @@ -5,7 +5,7 @@ This variable controls controls whether samba will try to use Simple and Protected NEGOciation (as specified by rfc2478) with - WindowsXP and Windows2000sp2 clients to agree upon an authentication mechanism. + WindowsXP and Windows2000 clients to agree upon an authentication mechanism. Unless further issues are discovered with our SPNEGO implementation, there is no reason this should ever be disabled. -- cgit