[plug] Samba as a PDC

Jon Miller jlmiller at mmtnetworks.com.au
Mon Dec 12 10:23:39 WST 2005

Have a read of this:
Browser Elections

When no master browser is running on the subnet, potential browsers choose a new master browser among themselves in a process called an election. An election is started by a computer in the subnet when it discovers that no master browser is currently running. If a master browser is shut down gracefully, it will broadcast an election request datagram, initiating an election by the remaining computers. If the master browser fails, the election can be started by a client computer that requests a list of backup browsers from the master browser or by a backup browser that requests to have its browse list updated from the master browser. In each case, the system fails to receive a reply from the master browser and initiates the election.

Browser elections are decided in multiple rounds of self-elimination. During each round, potential browsers broadcast election request datagrams containing their qualifications to notify other potential browsers that an election is happening and that if the recipient is more qualified, it should also broadcast a bid. When a potential browser receives an election request datagram from a more qualified opponent, it drops out, disqualifying itself from becoming the master browser. Otherwise, it responds with its own election request datagram. After a few rounds, only one potential browser is left in the election. After an additional four rounds of sending out an election request datagram and receiving no response, it becomes the master browser and sends a broadcast datagram announcing itself as the local master browser for the subnet. It then assigns runners-up in the election as backup browsers, as needed.

A potential browser's qualifications include the following:


      Whether it has recently lost an election

      The version of the election protocol it is running

      Its election criteria

      The amount of time the system has been up

      The computer's NetBIOS name

If the potential browser has lost an election recently, it immediately disqualifies itself. The version of the election protocol it is running is checked, but so far, all Windows systems (and Samba) use the same election protocol, so the check is not very meaningful. The election criteria are usually what determine which computer becomes the local master browser. There are two parts to the election criteria, shown in Tables 7-2 and 7-3.

Table 7-2: Operating-system values in an election

Operating system                                     Value
Windows NT/2000 Server, running as PDC  32

Windows NT/2000/XP, if not the PDC          16

Windows 95/98/Me                                    1

Windows for Workgroups                            1

Table 7-3: Computer-role settings in an election

Role                                      Value

Domain master browser             128

WINS client                                32

Preferred master                           8

Running master                            4

Recent backup browser                 2

Backup browser                            1

The operating-system type is compared first, and the system with the highest value wins. The values have been chosen to cause the primary domain controller, if there is one, to become the local master browser. Otherwise, a Windows NT/2000/XP system will win over a Windows for Workgroups or Windows 95/98/Me system.

When an operating-system type comparison results in a tie, the role of the computer is compared. A computer can have more than one of the values in Table 7-3, in which case the values are added.

A domain master browser has a role value of 128 to weight the election so heavily in its favor that it will also become the local master browser on its own subnet. Although the primary domain controller (which is always the domain master browser) will win the election based solely on its operating system value, sometimes there is no primary domain controller on the network, and the domain master browser would not otherwise be distinguished from other potential browsers.

Systems that are using a WINS server for name resolution are weighted heavily over ones that use broadcast name resolution with a role value of 32.

A preferred master is a computer that has been selected and configured manually by a system administrator to be favored as the choice master browser. When a preferred master starts up, it forces a browser election, even if an existing master browser is still active. A preferred master has a role value of 8, and the existing master browser gets a value of 4.

A backup browser that has recently been a master browser and still has an up-to-date browse list is given a role value of 2, and a potential browser that has been running as a backup browser gets a value of 1.

If comparing the operating-system type and role results in a tie, the computer that has been running the longest wins. In the unlikely event that the two have been up for the same amount of time, the computer that wins is the one with the NetBIOS name that sorts first alphabetically.

You can tell if a machine is a local master browser by using the Windows nbtstat command. Place the NetBIOS name of the machine you wish to check after the -a option:

C:\>nbtstat -a toltec

Local Area Connection:
Node IpAddress: [] Scope Id: []

           NetBIOS Remote Machine Name Table

       Name               Type         Status
    TOLTEC         <00>  UNIQUE      Registered
    TOLTEC         <03>  UNIQUE      Registered
    TOLTEC         <20>  UNIQUE      Registered
    .._  _MSBROWSE_ _.<01>    GROUP       Registered
    METRAN         <00>  GROUP       Registered
    METRAN         <1B>  UNIQUE      Registered
    METRAN         <1C>  GROUP       Registered
    METRAN         <1D>  UNIQUE      Registered
    METRAN         <1E>  GROUP       Registered

    MAC Address = 00-00-00-00-00-00

The resource entry that you're looking for is .._ _MSBROWSE_ _.<01>. This indicates that the server is currently acting as the local master browser for the current subnet. If the machine is a Samba server, you can check the Samba nmbd log file for an entry such as:

Samba name server TOLTEC is now a local master browser for
workgroup METRAN on subnet

Or, you can use the nmblookup command with the -M option and the workgroup or domain name on any Samba server to find the IP address of the local master:

$ nmblookup -M metran
querying metran on metran<1d> 

>>> something.rotten at gmail.com 1:47:38 pm 9/12/2005 >>>
I can access the server by going \\server from windows no problem but
I just cant get the domain control to work yet.

I have been struggling to find good docs, if you know of any, let me know!!

On 12/9/05, Walter HILL <regfrem at connect.net.au> wrote:
> On Tue, 2005-12-06 at 11:34 +0800, Chris Watt wrote:
> > Still having trouble.
> >
> > Have reformatted XP Machine 3 times to try and get it to connect but
> > no luck.  Was waiting on a new method but no one got back to me.  If I
> > could get hold of a copy of that manual that'd be fantastic.
> >
> > ~Chris
> >
> According to the SAMBA manual it should be done six times - joking..
> I used a Fedora Core 3 box as a PDC. Can the Windows box see the Domain.
> Can you "net view" the Linux box from the Windows host?
> Interestingly I've just set up an OS X server as a PDC (Apple use SAMBA)
> and it worked very well after ironing out a few permission issues.
> With the Fedora PDC I created machine accounts first with OS X it was
> done on the fly. I can't remember which version of SAMBA came with Core
> 2. There were specific instructions for creating machine accounts and
> the naming convention of the machines.
> Have you got name resolution working on your network?
> _______________________________________________
> PLUG discussion list: plug at plug.org.au 
> http://www.plug.org.au/mailman/listinfo/plug 
> Committee e-mail: committee at plug.linux.org.au 
PLUG discussion list: plug at plug.org.au 
Committee e-mail: committee at plug.linux.org.au

More information about the plug mailing list