May 19, 2014

improving smb_auth.sh under AD2003 and later

Synopsis:
When you use smb_auth.sh under AD 2003 (not-compatible mode with 2000), it doesn't work sometimes, after rebooting AD machine.

Cause:

AD 2003 has 2 <00> entries in different order every time the machine is rebooted.

For instance ... % nmblookup -A ad001

      your-dom-name   <00> group 
      ad001           <00> unque 
      ... 

But smb_auth.sh only takes the 1st entry of <00>

Workaround: 

% vi smb_auth.sh

wrong : dcname=`$SAMBAPREFIX/bin/nmblookup -A $dcip | awk '$2 == "<00>" { print $1 ; exit }'`

right : dcname=`$SAMBAPREFIX/bin/nmblookup -A $dcip | awk '$2 == "<20>" { print $1 ; exit }'`


Fef:
https://code.google.com/p/cacheboy/source/browse/branches/SQUID_2_2/auth_modules/SMB/smb_auth.sh?r=13679
see the line 47

..