Chapter 7. Name Resolution and Browsing

Browsing +was developed by Microsoft to help users find shared resources on the +network. In a networked computing environment where users can add or +remove shares at any time, it is important to have some automatic +means of keeping track of the shared resources and allowing users to +"browse" through them to find the +ones they wish to use.

Before browsing was added to SMB networking, when anyone added a new +share, the people with whom they wished to share the data or printer +would have to be informed of the share's UNC, using +some relatively low-tech method such as speaking to them in person or +over the phone, or sending email. Already, this was very inconvenient +in large organizations. To further complicate matters, the users +working on client computers had to type in the +share's UNC to connect to it. The only way to get +around typing in the share's UNC every time it was +used was to map a network drive to it, and with a large number of +shares on the network, this could easily get out of hand.

Browsing in a Windows Network

To keep things simple, we will +first describe network browsing in a network that contains only +Windows systems and then show you how to add a Samba server.

The basic way browsing works is that one computer in the network +takes on the role of the master +browser (also +called local master +browser, browse +master, or +browse server) and +keeps a list of all the computers on the local subnet that are acting +as SMB servers. The list of computers is called the browse +list and includes all Samba servers, Windows +NT/2000/XP systems, and any Windows 95/98/Me systems that have the +"File and printer sharing for Microsoft +Networks" networking component installed. The browse +list also contains the names of all workgroups and domains. At this +level, browsing is limited to the local subnet because the browsing +protocol depends on broadcast packets, which are typically not +forwarded to other subnets by routers.

A user at any Windows system can view the browse list by opening up +the Network Neighborhood (or My Network Places), as we showed you in +Chapter 1. Or, the net +view command can be used from a Windows +command prompt:

C:\>net view
+Server Name            Remark
+
+-------------------------------------------------------------------------------
+\\MAYA                 Windows 98
+\\MIXTEC               Samba 2.2.5
+\\OLMEC                Windows XP Pro on Pentium/ASUS
+\\TOLTEC               Samba 2.2.5
+\\YAQUI                Windows 95 on mixtec/VMware
+\\ZAPOTEC
+The command completed successfully.

Then, net view can be used with a computer name +as an argument to contact a server directly and list the resources it +is sharing:

C:\>net view \\maya
+Shared resources at \\maya
+
+Windows 98
+
+Share name   Type         Used as  Comment
+
+-------------------------------------------------------------------------------
+D            Disk
+E            Disk
+HP           Print
+The command completed successfully.

The computers on the network involved in browsing are more than just +the master browser and its clients. There are also backup browsers, +which maintain copies of the browse list and respond to client +requests for it. Backup browsers are therefore able to take over the +role of master browser seamlessly in case it fails. The master +browser usually doesn't serve the browse list +directly to clients. Instead, its job is mainly to keep the master +copy of the browse list up-to-date, and also periodically update the +backup browsers. Clients are expected to get their copies of the +browse list from backup browsers, selecting among them randomly to +help to distribute the load on the backup browsers more evenly. +Ideally, the interaction between any client and the master browser is +limited to the client announcing when it joins or leaves the network +(if it is a server) and requesting a list of backup browsers.

There can be more than one backup browser. A workgroup will have a +backup browser if two or more computers are running Windows 95/98/Me +or Windows NT Workstation (or another nonserver version of Windows +NT/2000/XP) on the subnet. For every 32 additional computers, another +backup browser is added.

In a Windows NT domain, the primary domain controller is +always the local master browser, and if it fails, another Windows +NT/2000 server (if one exists) will take over the role of local +master browser. Other versions of Windows can function as backup +browsers, but will never become a master browser if a Windows NT/2000 +server is available.

In addition to acting as the local master browser, the primary domain +controller also acts as the domain master +browser, which ties subnets together and allows +browse lists to be shared between master and backup browsers on +separate subnets. This is how browsing is extended to function beyond +the local subnet. Each subnet functions as a separate browsing +entity, and the domain master browser synchronizes the master +browsers of each subnet. In a Windows-only network, browsing cannot +function across subnets unless a Windows NT/2000 PDC exists on the +network. Samba can act as a domain master browser and can perform +that task even in a workgroup network, which means that the Windows +PDC is not required for this task. (It is also possible to use the +remote browse +sync parameter to configure a Samba server to +synchronize its browse list with a Samba server on another subnet. In +this case, each server must be acting as the local master browser of +its subnet.)

Unless it is configured never to act as a browser, each computer on +the subnet is considered a potential browser +and can be ordered by the browse master to become a backup browser, +or it can identify itself as a backup browser and accept the role on +its own.

Browser Elections

When no master browser is running on +the subnet, potential browsers choose a new master browser among +themselves in a process called an election. An +election is started by a computer in the subnet when it discovers +that no master browser is currently running. If a master browser is +shut down gracefully, it will broadcast an election request datagram, +initiating an election by the remaining computers. If the master +browser fails, the election can be started by a client computer that +requests a list of backup browsers from the master browser or by a +backup browser that requests to have its browse list updated from the +master browser. In each case, the system fails to receive a reply +from the master browser and initiates the election.

Browser elections are decided in multiple rounds of self-elimination. +During each round, potential browsers broadcast election request +datagrams containing their qualifications to notify other potential +browsers that an election is happening and that if the recipient is +more qualified, it should also broadcast a bid. When a potential +browser receives an election request datagram from a more qualified +opponent, it drops out, disqualifying itself from becoming the master +browser. Otherwise, it responds with its own election request +datagram. After a few rounds, only one potential browser is left in +the election. After an additional four rounds of sending out an +election request datagram and receiving no response, it becomes the +master browser and sends a broadcast datagram announcing itself as +the local master browser for the subnet. It then assigns runners-up +in the election as backup browsers, as needed.

A potential browser's qualifications include the +following:

If the potential browser has lost an election recently, it +immediately disqualifies itself. The version of the election protocol +it is running is checked, but so far, all Windows systems (and Samba) +use the same election protocol, so the check is not very meaningful. +The election criteria are usually what determine which computer +becomes the local master browser. There are two parts to the election +criteria, shown in Tables Table 7-2 and Table 7-3.

+
Whether it has recently lost an election
+
+
The version of the election protocol it is running
+
+
Its election criteria
+
+
The amount of time the system has been up
+
+
The computer's NetBIOS name
+

+ +

Table 7-2. Operating-system values in an election

+ + + + + + + + + + + + + + + + + + + + + + + + + + +

+ Operating system +	+ Value +
+ Windows NT/2000 Server, running as PDC +	+ 32 +
+ Windows NT/2000/XP, if not the PDC +	+ 16 +
+ Windows 95/98/Me +	+ 1 +
+ Windows for Workgroups +	+ 1 +

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +

Table 7-3. Computer-role settings in an election

+ Role +	+ Value +
+ Domain master browser +	+ 128 +
+ WINS client +	+ 32 +
+ Preferred master +	+ 8 +
+ Running master +	+ 4 +
+ Recent backup browser +	+ 2 +
+ Backup browser +	+ 1 +

The operating-system type is compared first, and the system with the +highest value wins. The values have been chosen to cause the primary +domain controller, if there is one, to become the local master +browser. Otherwise, a Windows NT/2000/XP system will win over a +Windows for Workgroups or Windows 95/98/Me system.

When an operating-system type comparison results in a tie, the role +of the computer is compared. A computer can have more than one of the +values in Table 7-3, in which case the values are +added.

+ +

A domain master browser has a role value of 128 to weight the +election so heavily in its favor that it will also become the local +master browser on its own subnet. Although the primary domain +controller (which is always the domain master browser) will win the +election based solely on its operating system value, sometimes there +is no primary domain controller on the network, and the domain master +browser would not otherwise be distinguished from other potential +browsers.

+ +

Systems that are using a WINS server for name resolution are weighted +heavily over ones that use broadcast name resolution with a role +value of 32.

+ +

A preferred master is a computer that has been +selected and configured manually by a system administrator to be +favored as the choice master browser. When a preferred master starts +up, it forces a browser election, even if an existing master browser +is still active. A preferred master has a role value of 8, and the +existing master browser gets a value of 4.

+ +

A backup browser that has recently been a master browser and still +has an up-to-date browse list is given a role value of 2, and a +potential browser that has been running as a backup browser gets a +value of 1.

+ +

If comparing the operating-system type and role results in a tie, the +computer that has been running the longest wins. In the unlikely +event that the two have been up for the same amount of time, the +computer that wins is the one with the NetBIOS name that sorts first +alphabetically.

+ +

You can tell if a machine is a local master browser by using the +Windows nbtstat command. Place the NetBIOS name of the +machine you wish to check after the -a option:

C:\>nbtstat -a toltec
+
+Local Area Connection:
+Node IpAddress: [172.16.1.4] Scope Id: []
+
+           NetBIOS Remote Machine Name Table
+
+       Name               Type         Status
+    ---------------------------------------------
+    TOLTEC         <00>  UNIQUE      Registered
+    TOLTEC         <03>  UNIQUE      Registered
+    TOLTEC         <20>  UNIQUE      Registered
+    ..__MSBROWSE__.<01>  GROUP       Registered
+    METRAN         <00>  GROUP       Registered
+    METRAN         <1B>  UNIQUE      Registered
+    METRAN         <1C>  GROUP       Registered
+    METRAN         <1D>  UNIQUE      Registered
+    METRAN         <1E>  GROUP       Registered
+
+    MAC Address = 00-00-00-00-00-00

The resource entry that you're looking for is +.._ _MSBROWSE_ _.<01>. This indicates +that the server is currently acting as the local master browser for +the current subnet. If the machine is a Samba server, you can check +the Samba nmbd log file for an entry such as:

nmbd/nmbd_become_lmb.c:become_local_master_stage2(406)
+*****
+Samba name server TOLTEC is now a local master browser for
+workgroup METRAN on subnet 172.16.1.0

Or, you can use the +nmblookup command with the +-M option and the workgroup or domain name on +any Samba server to find the IP address of the local master:

$ nmblookup -M metran
+querying metran on 172.16.1.255
+172.16.1.1 metran<1d>

Server Announcements

After +the master browser election is decided, each server on the network +announces itself to the network to allow the master and backup +browsers to build their browse lists. At first, the server +announcements happen every minute, but the interval is gradually +stretched out to every 12 minutes. When a server is shut down +gracefully, it sends an announcement that it is going offline to +allow the master and backup browsers to remove it from the browse +list. However, when a server goes offline by crashing or by some +other failure, the master browser notices its disappearance only +because it stops receiving server announcements. The master browser +waits for three of the server's announcement periods +before deciding that it is offline, which can take up to 36 minutes. +Because backup browsers have their browse lists updated from the +master browser once every 15 minutes, it can take up to 51 minutes +for clients to be informed of a failed server.

For more detailed information on Microsoft's +browsing protocols, consult the Microsoft documents +Browsing and Windows 95 +Networking and +CIFS/E Browser Protocol. You can find these by +searching for the titles on the Microsoft web site at http://www.microsoft.com.

+ +

More information on configuring Samba for browsing can be found in +BROWSING.txt and +BROWSING-Config.txt in the Samba +distribution's docs/textdocs +directory.

Configuring Samba for Browsing

Samba has full support for browsing +and can participate as a master browser, a backup browser, a domain +master browser, a potential browser, or just a server that +doesn't participate in browsing elections. If you +want to make sure your Samba server never becomes a master or backup +browser, simply set:

[global]
+    local master = no

Usually, you will want Samba to be available as a local master or at +least a backup browser. In the simplest case, you +don't need to do anything because +Samba's default is to participate in browsing +elections with its operating system value set to 20, which will beat +any Windows system less than a Windows NT/2000 primary domain +controller (see Table 7-2). The operating-system +value Samba reports for itself in browser elections can be set using +the os level +parameter:

[global]
+    os level = 33

The preceding value will allow Samba to beat even a Windows 2000 +Advanced Server acting as a primary domain controller. As we show in +the following section, though, forcing Samba to win this way is not +recommended.

If you want to allow a Windows XP Professional system to be the +master browser, you would need to set Samba lower:

[global]
+    os level = 8

The maximum value for os level +is 255 because it is handled as an 8-bit unsigned integer. Supposing +we wanted to make absolutely sure our Samba server will be the local +master browser at all times, we might say:

[global]
+    local master = yes
+    os level = 255
+    preferred master = yes

The addition of the +preferred +master parameter causes Samba to start a browser +election as soon as it starts up, and the os +level of 255 allows it to beat any other system on +the network. This includes other Samba servers, assuming they are +configured properly! If another server is using a similar +configuration file (with os +level = 255 +and preferred master += yes), the two will fight each +other for the master browser role, winning elections based on minor +criteria, such as uptime or their current role. To avoid this, other +Samba servers should be set with a lower os +level and not configured to be the preferred +master.

Samba as the Domain Master Browser

Previously we mentioned that for a Windows +workgroup or domain to extend into multiple subnets, one system would +have to take the role of the domain master browser. The domain master +browser propagates browse lists across each subnet in the workgroup. +This works because each local master browser periodically +synchronizes its browse list with the domain master browser. During +this synchronization, the local master browser passes on the name of +any server that the domain master browser does not have in its browse +list, and vice versa. Each local master browser eventually holds the +browse list for the entire domain.

There is no election to determine which machine assumes the role of +the domain master browser. Instead, the administrator has to set it +manually. By Microsoft design, however, the domain master browser and +the PDC both register a resource type of <1B>, so the +roles—and the machines—are inseparable.

If you have a Windows NT server on the network acting as a PDC, we +recommend that you do not try to use Samba to become the domain +master browser. The reverse is true as well: if Samba is taking on +the responsibilities of a PDC, we recommend making it the domain +master browser as well. Although it is possible to split the roles +with Samba, this is not a good idea. Using two different machines to +serve as the PDC and the domain master browser can cause random +errors to occur in a Windows workgroup.

Samba can assume the role of a domain master browser for all subnets +in the workgroup with the following options:

[global]
+    domain master = yes
+    preferred master = yes
+    local master = yes
+    os level = 255

The final three parameters ensure that the server is also the local +master browser, which is vital for it to work properly as the domain +master browser. You can verify that a Samba machine is in fact the +domain master browser by checking the +nmbd log file:

nmbd/nmbd_become_dmb.c:become_domain_master_stage2(118)
+*****
+Samba name server TOLTEC is now a domain master browser for
+workgroup METRAN on subnet 172.16.1.0

Or you can use the +nmblookup command that comes with the Samba +distribution to query for a unique <1B> resource type in the +workgroup:

# nmblookup METRAN#1B
+Sending queries to 172.16.1.255
+172.16.1.1 METRAN<1b>

Multiple subnets

You must +remember three rules when creating a +workgroup/domain +that spans more than one subnet:

Samba has some additional features you can use if you +don't have or want a domain master browser on your +network and still need to have cross-subnet browsing. Consider the +subnets shown in Figure 7-1.

+
You must have either a Windows NT/2000 or Samba server acting as a +local master browser on each subnet in the workgroup/domain.
+
+
You must have a Windows NT/2000 Server edition or a Samba server +acting as a domain master browser somewhere in the workgroup/domain.
+
+
A WINS server should be on the network, with each system on the +network configured to use it for name resolution.
+

+ +

Figure 7-1. Multiple subnets with Samba servers

First, a Samba server that is a local master browser can use the +remote announce +configuration option to make sure that computers in different subnets +are sent broadcast announcements about the server. This has the +effect of ensuring that the Samba server appears in the browse lists +of foreign subnets. To achieve this, however, the directed broadcasts +must reach the local master browser on the other subnet. Be aware +that many routers do not allow directed broadcasts by default; you +might have to change this setting on the router for the directed +broadcasts to get through to its subnet.

With the remote announce +option, list the subnets and the workgroup that should receive the +broadcast. For example, to ensure that machines in the 172.16.2 and +172.16.3 subnets and the METRAN workgroup are sent broadcast +information from our Samba server, we could specify the following:

[global]
+    remote announce = 172.16.2.255/METRAN \
+        172.16.3.255/METRAN

Instead of supplying a broadcast address of the remote subnet, you +are allowed to specify the exact address where broadcasts should be +sent if the local master browser on the foreign subnet is guaranteed +to always have the same IP address.

A Samba local master browser can synchronize its browse list directly +with one or more Samba servers, each acting as a local master browser +on a different subnet. This is another way to implement browsing +across subnets. For example, let's assume that Samba +is configured as a local master browser, and Samba local master +browsers exist at 172.16.2.130 and 172.16.3.120. We can use the +remote browse +sync option to sync directly with the Samba +servers, as follows:

[global]
+    remote browse sync = 172.16.2.130 172.16.3.120

For this to work, the other Samba machines must also be local master +browsers. You can also use directed broadcasts with this option if +you do not know specific IP addresses of local master browsers.

Making a Share Invisible

You can keep a share from being in the +browse list by using the +browsable option. This Boolean option +prevents a share from being seen in the Network Neighborhood or My +Network Places. For example, to prevent the [data] +share from being visible, we could write:

[data]
+    path = /export/samba/userdata
+    browsable = no

Although you typically don't want to do this to an +ordinary disk share, the browsable option is +useful in the event that you need to create a share with contents +that you do not want others to see, such as a +[netlogon] share for storing logon scripts +for Windows domain control (see Chapter 4 for more +information on logon scripts).

+ +

Another example is the +[homes] share. This share is often marked +nonbrowsable so that a share named [homes] +won't appear when its machine's +resources are browsed. However, if a user alice +logs on and looks at the machine's shares, an +[alice] share will appear under the machine.

What if we wanted to make sure +alice's share appeared to +everyone before she logs on? This could be done with the global +auto services +option. This option preloads shares into the browse list to ensure +that they are always visible:

[global]
+    auto services = alice

Browsing Options

Table 7-4 shows +options that define how Samba handles browsing tasks.

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +

Table 7-4. Browsing configuration options

+ Option +	+ Parameters +	+ Function +	+ Default +	+ Scope +
+ `announce as` +	+ string +	+ Operating system that Samba will announce itself as. +	+ `N T Server` +	+ Global +
+ `announce` `version` +	+ numeric +	+ Version of the operating system that Samba will announce itself as. +	+ `4.5` +	+ Global +
+ `browsable` `(browseable)` +	+ Boolean +	+ Allows share to be displayed in list of machine resources. +	+ `yes` +	+ Share +
+ `browse list` +	+ Boolean +	+ If `yes`, allows Samba to provide a browse list on +this server. +	+ `yes` +	+ Global +
+ `auto services` `(preload)` +	+ string (share list) +	+ List of shares that will always appear in the browse list. +	+ None +	+ Global +
+ `default` `service (default)` +	+ string (share name) +	+ Name of a share (service) that will be provided if the client +requests a share not listed in smb.conf. +	+ None +	+ Global +
+ `local master` +	+ Boolean +	+ If `yes`, allows Samba to participate in browsing +elections. +	+ `yes` +	+ Global +
+ `lm announce` +	+ `yes`, `no`, or +`auto` +	+ Enables or disables LAN Manager-style host announcements. +	+ `auto` +	+ Global +
+ `lm interval` +	+ numeric +	+ Frequency in seconds that LAN Manager announcements will be made if +activated. +	+ `60` +	+ Global +
+ `preferred` `master (prefered +master)` +	+ Boolean +	+ If `yes`, allows Samba to use the preferred master +browser bit to attempt to become the local master browser. +	+ `no` +	+ Global +
+ `domain master` +	+ Boolean +	+ If `yes`, allows Samba to become the domain browser +master for the workgroup or domain. +	+ `no` +	+ Global +
+ `os level` +	+ numeric +	+ Operating system level of Samba in an election for local master +browser. +	+ `0` +	+ Global +
+ `remote browse` `sync` +	+ string (list of IP addresses) +	+ Samba servers to synchronize browse lists with. +	+ None +	+ Global +
+ `remote` `announce` +	+ string (IP address/workgroup pairs) +	+ Subnets and workgroups to send directed broadcast packets to, +allowing Samba to appear in their browse lists. +	+ None +	+ Global +

announce as

This global configuration option specifies the type of operating +system that Samba announces to other machines on the network. The +default value for this option is N T +Server, which causes Samba to masquerade as a +Windows NT Server operating system. Other possible values are +NT, NT +Workstation, Win95, and +W f W for a Windows for Workgroup operating +system. You can override the default value with the following:

[global]
+    announce as = Win95

We recommend against changing the default value of this configuration +option.

announce version

This global option is frequently used with the +announce as configuration +option; it specifies the version of the operating system that Samba +announces to other machines on the network. The default value of this +option is 4.5, which places Samba above Windows NT Version 4.0, but +below Windows 2000. You can specify a new value with a global entry +such as the following:

[global]
+    announce version = 4.3

We recommend against changing the default value of this configuration +option.

browsable

The browsable option (also spelled +browseable) indicates whether the share referenced +should appear in the list of available resources for the system on +which it resides. This option is always set to yes +by default. If you wish to prevent the share from being seen in a +client's browser, you can reset this option to +no.

Note that this does not prevent someone from accessing the share +using other means, such as specifying a UNC location (e.g., +\\server\accounting) in Windows Explorer. It only +prevents the share from being listed under the +system's resources when being browsed.

browse list

You should never need to change this parameter from its default value +of yes. If your Samba server is acting as a local +master browser (i.e., it has won the browsing election), you can use +the global browse list option +to instruct Samba to provide or withhold its browse list to all +clients. By default, Samba always provides a browse list. You can +withhold this information by specifying the following:

[global]
+    browse list = no

If you disable the browse list, clients cannot browse the names of +other machines, their services, and other domains currently available +on the network. Note that this won't make any +particular machine inaccessible; if someone knows a valid machine +name/address and a share on that machine, he can still connect to it +explicitly using the Windows net use command or +by mapping a drive letter to it using Windows Explorer. It simply +prevents information in the browse list from being retrieved by any +client that requests it.

auto services

The global auto +services option, which is also called +preload , ensures that the specified +shares are always visible in the browse list. One common use for this +option is to advertise specific user or printer shares that are +created by the [homes] or +[printers] shares, but are not otherwise +browsable.

This option works best with disk shares. If you wish to force each of +your system printers (i.e., those listed in the printer capabilities +file) to appear in the browse list, we recommend using the +load printers option instead.

Shares listed with the auto +services option will not be displayed if the +browse list option is set to +no.

default service

The global default +service option (sometimes called +default) names a +"last-ditch" share. The value is +set to an existing share name without the enclosing brackets. When a +client requests a nonexistent disk or printer share, Samba will +attempt to connect the user to the share specified by this option +instead. The option is specified as follows:

[global]
+    default service = helpshare

When Samba redirects the requested, nonexistent service to the +service specified by default +service, the %S option takes on +the value of the requested service, with any underscores ( +_ ) in the requested service replaced by forward slashes +(/).

local master

This global option specifies whether Samba will attempt to become the +local master browser for the subnet when it starts up. If this option +is set to yes, Samba will participate in +elections. However, setting this option by itself does not guarantee +victory. (Other parameters, such as preferred +master and os +level, help Samba win browsing elections.) If this +option is set to no, Samba will lose all browsing +elections, regardless of which values are specified by the other +configuration options. The default value is yes.

lm announce

The global lm +announce option tells Samba's +nmbd whether to send LAN Manager host +announcements on behalf of the server. These host announcements might +be required by older clients, such as IBM's OS/2 +operating system. This announcement allows the server to be added to +the browse lists of the client. If activated, Samba will announce +itself repetitively at the number of seconds specified by the +lm interval option.

You can specify the option as follows:

[global]
+    lm announce = yes

This configuration option takes the standard Boolean values, +yes and no, which enable or +disable LAN Manager announcements, respectively. In addition, a third +option, auto, causes nmbd to +listen passively for LAN Manager announcements, but not to send any +of its own initially. If LAN Manager announcements are detected for +another machine on the network, nmbd will start +sending its own LAN Manager announcements to ensure that it is +visible. The default value is auto. You probably +won't need to change this value from its default.

lm interval

This option, which is used in conjunction with lm +announce, indicates the number of seconds +nmbd will wait before repeatedly broadcasting +LAN Manager-style announcements. LAN Manager announcements must be +enabled for this option to work. The default value is 60 seconds. If +you set this value to 0, Samba will not send any LAN Manager host +announcements, regardless of the value of the lm +announce option. You can reset the value of this +option as follows:

[global]
+    lm interval = 90

preferred master

The preferred +master option requests that Samba set the +preferred master bit when participating in an election. This gives +the server a higher preferred status in the workgroup than other +machines at the same operating-system level. If you are configuring +your Samba machine to become the local master browser, it is wise to +set the following value:

[global]
+    preferred master = yes

Otherwise, you should leave it set to its default, +no. If Samba is configured as a preferred master +browser, it will force an election when it first comes online.

domain master

If Samba is the primary domain controller for your workgroup or NT +domain, it should also be made the domain master browser. The domain +master browser is a special machine that has the NetBIOS resource +type <1B> and is used to propagate browse lists to and from +each local master browser in individual subnets across the domain. To +force Samba to become the domain master browser, set the following in +the [global] section of the +smb.conf:

[global]
+    domain master = yes

If you have a Windows NT server on the network acting as a primary +domain controller (PDC), we recommend that you do not use Samba to +become the domain master browser. The reverse is true as well: if +Samba is taking on the responsibilities of a PDC, we recommend making +it the domain master browser. Splitting the PDC and the domain master +browser will cause unpredictable errors to occur on the network.

os level

The global os level option +defines the operating-system value with which Samba will masquerade +during a browser election. If you wish to have Samba win an election +and become the master browser, set the os +level higher than that of any other system on the +subnet. The values are shown in Table 7-2. The +default level is 20, which means that Samba will win elections +against all versions of Windows, except Windows NT/2000 if it is +operating as the PDC. If you wish Samba to win all elections, you can +set its operating system value as follows:

+ +

[global]
+    os level = 255

+ + +

+ + + +

remote browse sync

The global remote +browse sync option specifies +that Samba should synchronize its browse lists with local master +browsers in other subnets. However, the synchronization can occur +only with other Samba servers and not with Windows computers. For +example, if your Samba server were a master browser on the subnet +172.16.235, and Samba local master browsers existed on other subnets +located at 172.16.234.92 and 172.16.236.2, you would specify the +following:

[global]
+    remote browse sync = 172.16.234.92 172.16.236.2

The Samba server would then directly contact the other machines on +the address list and synchronize browse lists. You can also say:

[global]
+    remote browse sync = 172.16.234.255 172.16.236.255

This forces Samba to broadcast queries to determine the IP addresses +of the local master browser on each subnet, with which it will then +synchronize browse lists. This works, however, only if your router +doesn't block directed broadcast requests ending in +255.

remote announce

Samba servers are capable of providing browse lists to foreign +subnets with the remote +announce option. This is typically sent to the +local master browser of the foreign subnet in question. However, if +you do not know the address of the local master browser, you can do +the following:

[global]
+    remote announce = 172.16.234.255/ACCOUNTING \       
+                        172.16.236.255/ACCOUNTING

With this, Samba will broadcast host announcements to all machines on +subnets 172.16.234 and 172.16.236, which will hopefully reach the +local master browser of the subnet.

You can also specify exact IP addresses, if they are known, but this +works only if the systems are guaranteed to maintain the role of +master browser on their subnets. By appending a workgroup or domain +name to the IP address, Samba announces that it is in that workgroup +or domain. If this is left out, the workgroup set by the +workgroup parameter is used.