On 01/04/12 23:53, Anton Aylward wrote:
lynn said the following on 04/01/2012 04:53 PM:
Windows clients have something that we do not. What is it?
What are the names of the Windows hosts?
How does DNS respond when queried on their addresses? How are those names assigned?
Here is a win 7 client called LYNN-PC12@hh3.site. It has its address to be obtained automatically and has 192.168.1.2 hh1.hh3.site set as the only nameserver. Here is the request for the machine ticket. There must have been some communication betwen the DHCP server at 192.16.1.1, LYNN-PC12 and the KDC. LYNN-PC12 was allocated IP 192.168.1.27 but next boot, it will be different. Kerberos: AS-REQ LYNN-PC12$@HH3.SITE from ipv4:192.168.1.27:59048 for krbtgt/HH3.SITE@HH3.SITE Kerberos: Client sent patypes: encrypted-timestamp, 128 Kerberos: Looking for PKINIT pa-data -- LYNN-PC12$@HH3.SITE Kerberos: Looking for ENC-TS pa-data -- LYNN-PC12$@HH3.SITE Kerberos: ENC-TS Pre-authentication succeeded -- LYNN-PC12$@HH3.SITE using arcfour-hmac-md5 Kerberos: AS-REQ authtime: 2012-04-02T09:31:37 starttime: unset endtime: 2012-04-02T19:31:37 renew till: 2012-04-09T09:31:37 And here is the domain admin logging into the domain. here she requests a cifs ticket: Kerberos: TGS-REQ Administrator@HH3.SITE from ipv4:192.168.1.27:59064 for cifs/hh1.hh3.site@HH3.SITE [canonicalize, renewable, forwardable] Kerberos: TGS-REQ authtime: 2012-04-02T09:41:49 starttime: 2012-04-02T09:41:59 endtime: 2012-04-02T19:41:49 renew till: 2012-04-09T09:41:49 host LYNN-PC12 LYNN-PC12.hh3.site has address 192.168.1.27 host 192.168.1.27 Host 27.1.168.192.in-addr.arpa. not found: 3(NXDOMAIN) ping 192.168.1.27 PING 192.168.1.27 (192.168.1.27) 56(84) bytes of data. 64 bytes from 192.168.1.27: icmp_seq=1 ttl=128 time=7.30 ms
Ditto for the Linux hosts. How are names assigned?
Here is an openSUSE 12.1 client called LXDE2.hh3.site. Here, the same DHCP server has allocated 192.168.1.22 The machine ticket request: Kerberos: AS-REQ LXDE2$@HH3.SITE from ipv4:192.168.1.22:41947 for krbtgt/HH3.SITE@HH3.SITE Kerberos: Client sent patypes: encrypted-timestamp, 149 Kerberos: Looking for PKINIT pa-data -- LXDE2$@HH3.SITE Kerberos: Looking for ENC-TS pa-data -- LXDE2$@HH3.SITE Kerberos: ENC-TS Pre-authentication succeeded -- LXDE2$@HH3.SITE using arcfour-hmac-md5 Kerberos: AS-REQ authtime: 2012-04-02T09:53:14 starttime: unset endtime: 2012-04-02T19:53:14 renew till: 2012-04-03T09:53:12 A user request for her /home folder nfs upon login: Kerberos: TGS-REQ LXDE2$@HH3.SITE from ipv4:192.168.1.22:57654 for nfs/hh1.hh3.site@HH3.SITE [canonicalize, renewable] Kerberos: TGS-REQ authtime: 2012-04-02T09:53:14 starttime: 2012-04-02T09:53:14 endtime: 2012-04-02T19:53:14 renew till: 2012-04-03T09:53:12 Kerberos: TGS-REQ steve2@HH3.SITE from ipv4:192.168.1.22:48518 for nfs/hh1.hh3.site@HH3.SITE [canonicalize, renewable, forwardable] All OK so far. Now here is where the windows and linux clients differ: host LXDE2 Host LXDE2 not found: 3(NXDOMAIN) host lxde2.hh3.site Host lxde2.hh3.site not found: 3(NXDOMAIN) host lxde2 Host lxde2 not found: 3(NXDOMAIN) host 192.168.1.22 Host 22.1.168.192.in-addr.arpa. not found: 3(NXDOMAIN) ping 192.168.1.22 PING 192.168.1.22 (192.168.1.22) 56(84) bytes of data. 64 bytes from 192.168.1.22: icmp_seq=1 ttl=64 time=0.724 ms
As far as DHCP goes, either machines "know" their names and use that when asking for an IP address from the DHCP server, or they are given there names by the server, along with router, gateway, and all the other information that they should if you have DHCP set up properly.
In this setup, the machine names are fixed. The DHCP is set to allocate addreses only.
If you read the man page for the DHCP client (dhcpcd(8) you will find
<quote> If the hostname is currenly blank, (null) or localhost then dhcpcd will set the hostname to the one supplied by the DHCP server, or look it up in DNS if none supplied. </quote> and <quote> -h, --hostname hostname By default, dhcpcd will send the current hostname to the DHCP server so it can register in DNS. You can use this option to specify the hostname sent, or an empty string to stop any hostname from being sent. </quote>
So: unless you are forcing a name from the client, it is supplied buy the DHCP server ... We are forcing the client name. The DHCP server does not allocate a name. EITHER The DHCP server hands out names along with ip addresses OR The DHCP server can query the DNS server for a name to go along with the IP address. This requires a pre-defined RR for the reverse lookup.
You may care to look at the settings in /etc/sysconfig/network/dhcp and read the comments there.
-- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org