Upgrading Windows Networking
Once again I made a domain controller from samba and failed to make the domain computers have a normal network environment.
I will not explain how to configure isc-dhcpd for address distribution or samba as a domain controller. There are more than enough how-tos on the net on this subject.
After a little googling, it’s not that I didn’t find solutions, but I came across one article that inspired me a lot. Unfortunately, I could not apply the contents of the article in my office, because I don’t register office computers in DNS (no need), but there is isc-dhcpd, which has everything that is needed. As a result, a script was born (link one and link two), which does the following:
- scans the network specified in the $network variable on port 139 with a connection timeout of 0.01 seconds, which lets it run through a /24 network of 255 addresses in a few seconds;
- if it finds an address where the port is open, it asks isc-dhcpd for information about this address through omshell;
- if there is information, it is added to Samba's browse.dat.

What this gives:

- no garbage in Network Neighborhood: all office network computers are in one workgroup;
- no lag when opening Network Neighborhood;
- any update frequency for the list of computers in Network Neighborhood.
For all of this to work, OMAPI must be enabled in isc-dhcp. To do this, add the following lines to the config:

    key keyname {
        algorithm hmac-md5;
        secret "keyself";
    }
    omapi-port 7911;
    omapi-key keyname;
The key itself can be generated, for example, using the generator from named:

    dnssec-keygen -a HMAC-MD5 -b 256 -n HOST keyname

After restarting dhcpd, the daemon should also be listening on TCP port 7911. Now, just in case, let's check that OMAPI works:

    omshell
    > server 192.168.10.2
    > port 7911
    > key keyname keyself
    > connect
    obj:
    > new lease
    obj: lease
    > set ip-address = 192.168.10.99
    obj: lease
    ip-address = c0:a8:0a:63
    > open
    obj: lease
    ip-address = c0:a8:0a:63
    state = 00:00:00:02
    dhcp-client-identifier = 01:00:21:63:d1:b2:54
    client-hostname = "rooot"
    subnet = 00:00:00:03
    pool = 00:00:00:04
    hardware-address = 00:21:63:d1:b2:54
    hardware-type = 00:00:00:01
    ends = 4b:0f:c2:98
    starts = 4b:0f:c1:6c
    tstp = 00:00:00:00
    tsfp = 00:00:00:00
    atsfp = 00:00:00:00
    cltt = 00:00:00:00

Lines marked with ">" are my commands; the rest are omshell's answers. As you can see, I received a record with information about my computer.
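An added example (not the author's script, which the post only links to): decoding an omshell lease reply like the one above in Python and deciding whether its name may be written to browse.dat. The function names, the name policy in NAME_RE and the sample text are assumptions made for this illustration.

```python
import ipaddress
import re

# Constructed sample: an omshell lease reply shaped like the session above.
SAMPLE = '''obj: lease
ip-address = c0:a8:0a:63
state = 00:00:00:02
client-hostname = "rooot"
hardware-address = 00:21:63:d1:b2:54
ends = 4b:0f:c2:98
'''

# Binding states as listed in the OMAPI section of dhcpd(8).
STATES = {1: "free", 2: "active", 3: "expired", 4: "released",
          5: "abandoned", 6: "reset", 7: "backup"}
# Assumed policy: 1-15 characters, letters, digits, '-' and '_' only.
NAME_RE = re.compile(r"[A-Za-z0-9_-]{1,15}")


def hex_int(value):
    """Decode 'c0:a8:0a:63' to an integer; ValueError if it is not hex."""
    return int.from_bytes(bytes(int(p, 16) for p in value.split(":")), "big")


def parse_lease(text):
    """Parse the 'name = value' lines of an omshell lease object."""
    raw = {}
    for line in text.splitlines():
        name, sep, value = line.partition(" = ")
        if sep:
            raw[name.strip()] = value.strip()
    if "ip-address" not in raw:
        return None  # no lease record came back for this address
    host = raw.get("client-hostname", "").strip('"')
    return {
        "ip": str(ipaddress.IPv4Address(hex_int(raw["ip-address"]))),
        "mac": raw.get("hardware-address"),
        "state": STATES.get(hex_int(raw.get("state", "00")), "unknown"),
        "ends": hex_int(raw.get("ends", "00")),
        # client-hostname is chosen by the DHCP client: treat it as untrusted
        "hostname": host if NAME_RE.fullmatch(host) else None,
    }


def browse_candidate(lease, now):
    """Name to publish, or None for inactive, expired or badly named leases."""
    if not lease or lease["state"] != "active" or lease["ends"] < now:
        return None
    return lease["hostname"]
```

The `ends` value is a Unix timestamp, so `now` would normally be `int(time.time())`; a hostname containing quotes or spaces is dropped rather than written into the file.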
In addition, the above script writes data in utf-8 to browse.dat, which means that smb.conf should contain:

    display charset = utf-8
    unix charset = utf-8
    dos charset = cp866

If in your smb.conf the first two variables have a value other than utf-8, then you need to find the substring “utf-8” in the script text and change it to the value you use.
And finally, a brief description of the parameters from the script:

| Parameter | Description |
|---|---|
| $network = '192.168.10.0/24' | the network the script will scan |
| $dhcp_server = '192.168.10.2' | address of the dhcp server that the script will query via omshell |
| $dhcp_server_timeout = '1' | timeout that is set for responses from dhcpd via omshell |
| $dhcp_key = 'maverick dhcp_key' | the key that we generated using dnssec-keygen |
| $browser_file = '/var/db/samba/browse.dat' | the Samba file to which the script adds the resulting list of computers for Network Neighborhood, which is what all this was started for |
| $browser_domain | your domain name |
| $browser_head | the browse.dat file header; it should usually include a description of the domain and its controller |