Once again I set up a domain controller on Samba, and once again I could not get a normal Network Neighborhood on the domain computers.
A little googling: it is not that I found no solutions at all, but I did come across one article that inspired me a lot. Unfortunately, I could not apply the article's approach in my office, because I do not keep office computers in DNS (no need), but there is isc-dhcpd, which has everything that is needed. As a result, a script was born (link one and link two) that does the following:
- scans the network specified in the $network variable on port 139 with a connection timeout of 0.01 seconds, which lets it sweep a /24 network of 255 addresses in a few seconds;
- if it finds an address where the port is open, it queries isc-dhcpd through omshell for information about that address;
- if there is information, it adds it to Samba's browse.dat.
As a result, we have:
- no garbage in the Network Neighborhood: all computers of the office network are in the same workgroup;
- no lag when opening the Network Neighborhood;
- any refresh interval you like for the list of computers in the Network Neighborhood.
But there is one drawback: the Network Neighborhood will not show computer descriptions, because there is nowhere to get them from. If anyone has an idea where to get computer descriptions for the Network Neighborhood, please write in the comments. As an option, you can take some book and insert random combinations of words from it into the computer descriptions on each new run. It will be useless, but funny.
For all this to work, you need to enable OMAPI in isc-dhcp. To do this, add the following lines to the config:
key keyname {algorithm hmac-md5; secret "keyself"; }
omapi-port 7911;
omapi-key keyname;
You can generate the key itself with, for example, the key generator that ships with named:
dnssec-keygen -a HMAC-MD5 -b 256 -n HOST keyname
After restarting dhcpd, the daemon should also be listening on TCP port 7911. Now, just in case, let's check that OMAPI works:
omshell
> server 192.168.10.2
> port 7911
> key keyname keyself
> connect
obj: <null>
> new lease
obj: lease
> set ip-address = 192.168.10.99
obj: lease
ip-address = c0:a8:0a:63
> open
obj: lease
ip-address = c0:a8:0a:63
state = 00:00:00:02
dhcp-client-identifier = 01:00:21:63:d1:b2:54
client-hostname = "rooot"
subnet = 00:00:00:03
pool = 00:00:00:04
hardware-address = 00:21:63:d1:b2:54
hardware-type = 00:00:00:01
ends = 4b:0f:c2:98
starts = 4b:0f:c1:6c
tstp = 00:00:00:00
tsfp = 00:00:00:00
atsfp = 00:00:00:00
cltt = 00:00:00:00
The lines marked with ">" are my commands; the rest are omshell's answers. As you can see, I got back a record with information about my computer.
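An added example (not the author's script): a Python parser for the omshell lease reply shown above, decoding the hex fields into an IP address, a MAC address and lease timestamps. The hostname rule (letters, digits and hyphens, up to the 15-character NetBIOS limit) is an assumed policy, applied because client-hostname is whatever the DHCP client sent and should be checked before it is written into browse.dat.

```python
import re
import socket
import struct

# Constructed sample: fields copied from the omshell session above.
SAMPLE = '''obj: lease
ip-address = c0:a8:0a:63
state = 00:00:00:02
client-hostname = "rooot"
hardware-address = 00:21:63:d1:b2:54
ends = 4b:0f:c2:98
starts = 4b:0f:c1:6c
'''

HEX = re.compile(r"[0-9a-f]{2}(?::[0-9a-f]{2})*")
# Assumed policy: letters, digits, hyphen; 15 characters is the NetBIOS limit.
NAME_OK = re.compile(r"[A-Za-z0-9][A-Za-z0-9-]{0,14}")
STATE_ACTIVE = 2  # dhcpd lease state "active"


def parse_lease(text):
    """Decode the 'key = value' lines of an omshell lease object."""
    raw = {}
    for line in text.splitlines():
        key, sep, value = line.partition(" = ")
        if sep:
            raw[key.strip()] = value.strip()

    def octets(key, length):
        # Reject missing fields and anything that is not N hex octets.
        value = raw.get(key, "")
        if not HEX.fullmatch(value) or len(value) != 3 * length - 1:
            raise ValueError(f"{key}: expected {length} hex octets, got {value!r}")
        return bytes.fromhex(value.replace(":", ""))

    def u32(key):
        return struct.unpack("!I", octets(key, 4))[0]

    name = raw.get("client-hostname", "").strip('"')
    return {
        "ip": socket.inet_ntoa(octets("ip-address", 4)),
        "mac": octets("hardware-address", 6).hex(":"),
        "active": u32("state") == STATE_ACTIVE,
        "starts": u32("starts"),  # seconds since the Unix epoch
        "ends": u32("ends"),
        # Supplied by the DHCP client, so untrusted: None if it fails the rule.
        "hostname": name if NAME_OK.fullmatch(name) else None,
    }
```

A reply without lease fields (for example, when dhcpd has no record for the address) raises ValueError, so the caller can skip that host.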
In addition, the script above writes data to browse.dat in UTF-8, which means that smb.conf should contain this:
display charset = utf-8
unix charset = utf-8
dos charset = cp866
If the first two parameters in your smb.conf have a value other than utf-8, find the substring "utf-8" in the text of the script and change it to what you use.
And lastly, a brief description of the parameters from the script:
- $network = '192.168.10.0/24': the network that the script will scan;
- $dhcp_server = '192.168.10.2': the address of the DHCP server that the script will query through omshell;
- $dhcp_server_timeout = '1': the timeout for responses from dhcpd via omshell;
- $dhcp_key = 'maverick dhcp_key': the key that we generated using dnssec-keygen;
- $browser_file = '/var/db/samba/browse.dat': the Samba file to which the script adds the resulting list of computers for the Network Neighborhood; this is what it was all about;
- $browser_domain: your domain name;
- $browser_head: the header of the browse.dat file; it should usually include a description of the domain and its controller.
I will not explain how to configure isc-dhcpd to hand out addresses or Samba as a domain controller. There are more than enough how-tos on this topic on the net.