Hello all,
I'm using samba 2.2.7a with winbind on a RedHat 7.3 (pre-installed by Dell)
server, with an NT PDC/BDC, with the NT PDC acting as the WINS server.
Everything works fine on the local subnet 192.168.0.xxx, but we
also have an IPSec VPN set up with our western call centre,
and users on the western office subnet 192.168.10.xxx can't login to the
samba shares.
They can login to the NT shares fine, and the login script on our
local (192.168.0.) subnet PDC runs fine when users login over the VPN;
they can ping the samba server;
but when they try to connect to the UNC address \\samba_server\sharename
they are asked for a username/password and can't get past that.
The remote workstns are Win98.
No errors are reported by testparm.
Here are the relevant bits of smb.conf:
_________________________________
hosts allow = 192.168.0. 192.168.10. localhost
security = server
# Use password server option only with security = server
# NT PDC and BDC:
password server = EKOSSRV2 EKOSSRV1
encrypt passwords = yes
update encrypted = yes
unix password sync = Yes
passwd program = /usr/bin/passwd %u
passwd chat = *New*password* %n\n *Retype*new*password* %n\n *passwd:*all*authentication*tokens*updated*successfully*
pam password change = yes
obey pam restrictions = yes
# Cause this host to announce itself to local subnets here
remote announce = 192.168.0. 192.168.10.
local master = no
domain master = no
wins server = 192.168.0.2
dns proxy = no
winbind uid = 10000-20000
winbind gid = 10000-20000
winbind enum users = yes
winbind enum groups = yes
#============================ Share Definitions =============================
# this is the share for the edmonton call centre.
[edmonto$]
path = /files/edmonton
public = yes
only guest = no
create mode = 0660
directory mode = 0770
writable = yes
printable = no
# this is the share for the Readonly drive share.
[readonly]
path = /files/readonly
public = yes
only guest = no
create mode = 0664
directory mode = 0775
writable = yes
printable = no
__________________________
A previous poster (see below) has an almost identical problem
(he is using security = domain, I am using security = server)
but I can find no responses to his post.
I've also seen some other posts indicating problems with jumping
subnets, without posted solutions . . . .
As this seems not to be an entirely unique problem, I'll be sure
to document and post any solutions/results back to the list.
Thank you,
-Ken
_________________________________________
Ken Innes
Chief Information Officer
EKOS Research Associates Inc.
99 Metcalfe St., Suite 1100
Ottawa, Ontario
K1P 6L7
www.ekos.com
_______________________________________________________________
Previous similar post:
From: Mikko Rautiainen <mrautia6@welho.com>
Subject: [Samba] Problem to access sambaserver from another subnet.
Date: Sat Jan 11 00:50:01 2003
Hi,
I have a network that has a NT4 PDC and 2 NT4 BDC plus one linux samba
server.
Then there is a "VPN" subnet routed over ADSL to the main network.
The problem is that I can't connect to the samba server from the VPN with
either W98 or W2k.
I can log on to the domain, can ping the servers, can
see the server in the network neighbourhood.
But I can't login, it says that wrong password or
user name. The samba server is in security = domain mode
and uses winbind to authenticate from the NT4 PDC. And it
works fine in the local network.
The network doesn't have a WINS server set up, can that be the problem?
Can it be some kind of NT4 permission screwup?
Thanks
Mikko