Hi, I have a setup where my samba server is located at my main office and I need to provide remote access to a branch office. I already have the conection part operational and the branch office (remote) uses a frame-relay connection to my office (local). I have linux machine with multiple ethernets serving as a firewall at each point (remote and local). The clients will be windows. What do I need to change in my samba conf in order to allow the remote clients to "mount" the shares ? Which traffic (protocol/port) should I allow to pass ? Regards. __________________________________ Do you Yahoo!? Yahoo! Calendar - Free online calendar with sync to Outlook(TM). http://calendar.yahoo.com
> > Hi, > > I have a setup where my samba server is located at my > main office and I need to provide remote access to a > branch office. > > I already have the conection part operational and the > branch office (remote) uses a frame-relay connection > to my office (local). > > I have linux machine with multiple ethernets serving > as a firewall at each point (remote and local). > > The clients will be windows. > > What do I need to change in my samba conf in order to > allow the remote clients to "mount" the shares ? > Which traffic (protocol/port) should I allow to pass ? >If assume you want the traffic to be encrypted. So if you're into browsing the net IMHO VPN is the only way. OTOH if all you want is to mount a share on THE remote samba server there is a simple and elegant trick you can perform: ignore name resolution and forward only 139 via ssh! E.g. all the remote windows clients will run ssh 139:IP.Of.Remote:139 user@ip.of.remote. Then on the remote Windows WS define in lmhosts 127.0.0.1 remotesambaname ... Do a nbtstat -R and that's it. Windows WS will be able to do in explorer \\remotesambaname\share. After a initial short delay you'll be prompted for a name and passwd. Openssh for windows is free.
Greetings all .. I'm trying to understand the usage of things like 'idmap' and group maps in Samba. If there's someone out there patient enough to explain it .. it'll be great. Is it possible to use 'idmap' alone without winbind/pam/nsswitch? When would someone do that? What use are gourp maps for? Is it only used if Samba is the domain controller? If yes, how can it be usefull if shares can't be specified by the NT group membership not unix's? If Samba is't acting as a domain controller can group maps still be usefull? how? Last, and probably a silly one, why is winbind a daeomon? Isn't a PAM library engough to do the job? I mean, if no authentication requests are being served, what does winbind set there and do all the time? Many thanks .. __________________________________ Do you Yahoo!? Yahoo! Calendar - Free online calendar with sync to Outlook(TM). http://calendar.yahoo.com