Upgrading Windows Networking

    Once again I made a domain controller from samba and failed to make the domain computers have a normal network environment.

    A little google, it’s not that I didn’t find solutions, but I came across one article that inspired me a lot. Unfortunately, I could not realize the contents of the article in my office, because I don’t run office computers in DNS (no need), but there is isc-dhcpd, which has everything that is needed. As a result, a script was born ( link once and link two ), which does the following:
    1. scans the network specified in the $ network variable on port 139 with a connection timeout of 0.01 seconds, which allows you to run through / 24 networks of 255 addresses in a few seconds;
    2. if it detects the address where the port is open, then it asks isc-dhcpd for information on this address through omshell;
    3. if there is information, then it is added to sambovsky browse.dat.
    As a result, we have:
    • lack of garbage in a networked environment: all office network computers in one workgroup;
    • lack of brakes when opening a network environment;
    • any frequency of updating the list of computers in the network environment.
    But there is one drawback: in a networked environment you will not see descriptions of computers: there is nowhere to get them. If anyone has ideas where to get descriptions of computers for a networked environment, please write in the comments. As an option, you can take a book and insert random combinations of words from it into the descriptions of computers in a network environment with each new start. It will be useless, but funny.

    In order for all this to take off, OMAPI must be enabled in isc-dhcp. To do this, add the following lines to the config:
    key keyname {algorithm hmac-md5; secret "keyself"; }
    omapi-port 7911;
    omapi-key keyname;
    

    The key itself can be generated, for example, using the generator from named:
    dnssec-keygen -a HMAC-MD5 -b 256 -n HOST keyname

    After restarting dhcpd, this daemon should listen, among other things, to port 7911 via tcp protocol. Now just in case, let's check how OMAPI works:
    omshell
    > server 192.168.10.2
    > port 7911
    > key keyname keyself
    > connect
    obj: 
    > new lease
    obj: lease
    > set ip-address = 192.168.10.99
    obj: lease
    ip-address = c0: a8: 0a: 63
    > open
    obj: lease
    ip-address = c0: a8: 0a: 63
    state = 00: 00: 00: 02
    dhcp-client-identifier = 01: 00: 21: 63: d1: b2: 54
    client-hostname = "rooot"
    subnet = 00: 00: 00: 03
    pool = 00: 00: 00: 04
    hardware-address = 00: 21: 63: d1: b2: 54
    hardware-type = 00: 00: 00: 01
    ends = 4b: 0f: c2: 98
    starts = 4b: 0f: c1: 6c
    tstp = 00: 00: 00: 00
    tsfp = 00: 00: 00: 00
    atsfp = 00: 00: 00: 00
    cltt = 00: 00: 00: 00
    
    what is marked with a ">" are my commands, the rest are omshell answers. As you can see, I received a record of information about my computer.

    In addition, the above script writes data in utf-8 to browse.dat, which means that in smb.conf this should be:
    display charset = utf-8
    unix charset = utf-8
    dos charset = cp866
    
    If in your smb.conf the first two variables have a value different from utf-8, then you need to find the substring “utf-8” in the script text and change it to what is used with you.

    And finally, a brief description of the parameters from the script:
    $ network = '192.168.10.0/24'the network the script will scan
    $ dhcp_server = '192.168.10.2'dhcp server address to which the script will access via omshell
    $ dhcp_server_timeout = '1'timeout that is set for responses from dhcpd via omshell
    $ dhcp_key = 'maverick dhcp_key'key that we generated using dnssec-keygen
    $ browser_file = '/var/db/samba/browse.dat'in this sambov file, the script will add the resulting list of computers for the network environment - for what everything was started
    $ browser_domainyour domain name
    $ browser_headbrowse.dat file header. usually should include a description of the domain and its controller
    I will not tell how to configure isc-dhcpd for address distribution and samba as a domain controller. There are more than enough how-tos on the net on this subject.

    Also popular now: