Hi all! I am from the Windows world and am trying to migrate to Linux and have done a fairly good job so far. My recent challenge is that I have built a Samba file/print server that works very well on my internal network but when I VPN into the network remotely I am unable to access the server via it's server name. What is driving me crazy is the fact that the last of my Windows servers is a file/print server as well and I am able to access it without issues. Is this a simple NetBios Port change or is this something else that I am missing? If anyone has some pointers as to what I can do to resolve this issue I would be grateful. Thank you James Taylor
My VPN Address is in a Virtual Pool on the Firewall I am using. I am able to connect to any other server other than a Samba server. If it was a network related issue would it not be having a problem on all the servers? James -----Original Message----- From: Trimble, Ronald D [mailto:Ronald.Trimble@unisys.com] Sent: Friday, February 03, 2006 5:11 PM To: James Taylor Subject: RE: [Samba] SAMBA netbois lookup issues Is your VPN server on the same segment? I only ask because in our company, our VPN segment is isolated with it's own DNS servers. My guess is that when you come in via VPN, you are using a different DNS server and you are not registered. Instead, you are using NetBIOS for name resolution. Try putting an A host record on the DNS server used by your VPN server. -----Original Message----- From: samba-bounces+ronald.trimble=unisys.com@lists.samba.org [mailto:samba-bounces+ronald.trimble=unisys.com@lists.samba.org] On Behalf Of James Taylor Sent: Friday, February 03, 2006 6:43 PM To: samba@lists.samba.org Subject: [Samba] SAMBA netbois lookup issues Hi all! I am from the Windows world and am trying to migrate to Linux and have done a fairly good job so far. My recent challenge is that I have built a Samba file/print server that works very well on my internal network but when I VPN into the network remotely I am unable to access the server via it's server name. What is driving me crazy is the fact that the last of my Windows servers is a file/print server as well and I am able to access it without issues. Is this a simple NetBios Port change or is this something else that I am missing? If anyone has some pointers as to what I can do to resolve this issue I would be grateful. Thank you James Taylor -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Not if they are all in the DNS server and the new samba server is not. -----Original Message----- From: samba-bounces+ronald.trimble=unisys.com@lists.samba.org [mailto:samba-bounces+ronald.trimble=unisys.com@lists.samba.org] On Behalf Of James Taylor Sent: Monday, February 06, 2006 2:06 PM To: samba@lists.samba.org Subject: RE: [Samba] SAMBA netbois lookup issues My VPN Address is in a Virtual Pool on the Firewall I am using. I am able to connect to any other server other than a Samba server. If it was a network related issue would it not be having a problem on all the servers? James -----Original Message----- From: Trimble, Ronald D [mailto:Ronald.Trimble@unisys.com] Sent: Friday, February 03, 2006 5:11 PM To: James Taylor Subject: RE: [Samba] SAMBA netbois lookup issues Is your VPN server on the same segment? I only ask because in our company, our VPN segment is isolated with it's own DNS servers. My guess is that when you come in via VPN, you are using a different DNS server and you are not registered. Instead, you are using NetBIOS for name resolution. Try putting an A host record on the DNS server used by your VPN server. -----Original Message----- From: samba-bounces+ronald.trimble=unisys.com@lists.samba.org [mailto:samba-bounces+ronald.trimble=unisys.com@lists.samba.org] On Behalf Of James Taylor Sent: Friday, February 03, 2006 6:43 PM To: samba@lists.samba.org Subject: [Samba] SAMBA netbois lookup issues Hi all! I am from the Windows world and am trying to migrate to Linux and have done a fairly good job so far. My recent challenge is that I have built a Samba file/print server that works very well on my internal network but when I VPN into the network remotely I am unable to access the server via it's server name. What is driving me crazy is the fact that the last of my Windows servers is a file/print server as well and I am able to access it without issues. Is this a simple NetBios Port change or is this something else that I am missing? If anyone has some pointers as to what I can do to resolve this issue I would be grateful. Thank you James Taylor -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Yes, the other servers are registered as well. It has to be something simple
that I am missing. I will attach a copy of my global smb.conf config and
maybe you might be able to see something there.
# Global parameters
[global]
workgroup = LASZLOSYSTEMS
realm = INTRANET.CORP.LASZLOSYSTEMS.COM
server string = Intranet Samba Server
map to guest = Bad User
obey pam restrictions = Yes
passdb backend = ldapsam:ldap://intranet.corp.laszlosystems.com,
smbpasswd, guest
passwd program = /usr/sbin/smbldap-passwd %u
log file = /var/log/samba/log.%m
max log size = 50
name resolve order = wins lmhosts dns host bcast
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
printcap cache time = 60
printcap name = cups
add user script = /usr/sbin/smbldap-useradd -m '%u'
delete user script = /usr/sbin/smbldap-userdel '%u'
add group script = /usr/sbin/smbldap-groupadd '%g' &&
/usr/sbin/smbldap-groupshow %g|awk '/^gidNumber:/ {print $2}'
delete group script = /usr/sbin/smbldap-groupdel '%g'
add user to group script = /usr/sbin/smbldap-groupmod -m '%u'
'%g'
delete user from group script = /usr/sbin/smbldap-groupmod -x '%u'
'%g'
set primary group script = /usr/sbin/smbldap-usermod -g '%g'
'%u'
add machine script = /usr/sbin/smbldap-useradd -w -d /dev/null -c
'Machine Account' -s /bin/false '%u'
domain logons = Yes
os level = 65
preferred master = Yes
domain master = Yes
wins proxy = Yes
wins support = Yes
ldap admin dn = cn=*,dc=*,dc=com
ldap group suffix = ou=Group
ldap idmap suffix = ou=Idmap
ldap machine suffix = ou=Hosts
ldap passwd sync = Yes
ldap suffix = dc=laszlosystems,dc=com
ldap ssl = no
ldap user suffix = ou=People
winbind use default domain = Yes
printer admin = @adm, root
create mask = 0755
hosts allow = 192.168., 127.
[printers]
comment = All Printers
path = /var/spool/samba
create mask = 0700
guest ok = Yes
printable = Yes
browseable = No
[print$]
path = /var/lib/samba/printers
write list = @adm, root
inherit permissions = Yes
guest ok = Yes
[pdf-gen]
comment = PDF Generator (only valid users)
path = /var/tmp
printable = Yes
printing = bsd
print command = /usr/share/samba/scripts/print-pdf "%s"
"%H"
"//%L/%u" "%m" "%I" "%J" &
lpq command = /bin/true
lprm command = lprm -P'%p' %j
[ILSA]
comment = HP Color LaserJet 5500DN Network Printer
path = /var/spool/samba
guest ok = Yes
printable = Yes
[public]
comment = Laszlo Public Files
path = /home/laszlo/public
valid users = @users
write list = @users
force user = laszlo
force group = users
create mask = 0775
force create mode = 0550
JT
-----Original Message-----
From: Trimble, Ronald D [mailto:Ronald.Trimble@unisys.com]
Sent: Monday, February 06, 2006 11:26 AM
To: James Taylor
Subject: RE: [Samba] SAMBA netbois lookup issues
Sorry, I didn't realize that the samba server was the DNS server. So
all the other servers have properly registered on this samba/DNS server?
Do you have host records for all the other systems?
It may be a port issue, but that is well out of my range of knowledge
since we have a dedicated network team here.
I still think it is something simple, I just can't put my finger on it
without knowledge of your entire network.
-----Original Message-----
From: James Taylor [mailto:jtaylor@laszlosystems.com]
Sent: Monday, February 06, 2006 2:23 PM
To: Trimble, Ronald D
Subject: RE: [Samba] SAMBA netbois lookup issues
Samba server is the DNS server. I also opened the wins.dat file to make
sure the samba server had it's info registered and it does. Could this
be a
simple port issue?
JT
-----Original Message-----
From: Trimble, Ronald D [mailto:Ronald.Trimble@unisys.com]
Sent: Monday, February 06, 2006 11:10 AM
To: James Taylor; samba@lists.samba.org
Subject: RE: [Samba] SAMBA netbois lookup issues
Not if they are all in the DNS server and the new samba server is not.
-----Original Message-----
From: samba-bounces+ronald.trimble=unisys.com@lists.samba.org
[mailto:samba-bounces+ronald.trimble=unisys.com@lists.samba.org] On
Behalf Of James Taylor
Sent: Monday, February 06, 2006 2:06 PM
To: samba@lists.samba.org
Subject: RE: [Samba] SAMBA netbois lookup issues
My VPN Address is in a Virtual Pool on the Firewall I am using. I am
able
to connect to any other server other than a Samba server. If it was a
network related issue would it not be having a problem on all the
servers?
James
-----Original Message-----
From: Trimble, Ronald D [mailto:Ronald.Trimble@unisys.com]
Sent: Friday, February 03, 2006 5:11 PM
To: James Taylor
Subject: RE: [Samba] SAMBA netbois lookup issues
Is your VPN server on the same segment? I only ask because in our
company, our VPN segment is isolated with it's own DNS servers. My
guess is that when you come in via VPN, you are using a different DNS
server and you are not registered. Instead, you are using NetBIOS for
name resolution. Try putting an A host record on the DNS server used by
your VPN server.
-----Original Message-----
From: samba-bounces+ronald.trimble=unisys.com@lists.samba.org
[mailto:samba-bounces+ronald.trimble=unisys.com@lists.samba.org] On
Behalf Of James Taylor
Sent: Friday, February 03, 2006 6:43 PM
To: samba@lists.samba.org
Subject: [Samba] SAMBA netbois lookup issues
Hi all!
I am from the Windows world and am trying to migrate to Linux and have
done
a fairly good job so far.
My recent challenge is that I have built a Samba file/print server that
works very well on my internal network but when I VPN into the network
remotely I am unable to access the server via it's server name. What is
driving me crazy is the fact that the last of my Windows servers is a
file/print server as well and I am able to access it without issues. Is
this a simple NetBios Port change or is this something else that I am
missing?
If anyone has some pointers as to what I can do to resolve this issue I
would be grateful.
Thank you
James Taylor
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
Not sure if that is a good thing or not on a crazy config. What I have
tried is using changing the order to include lmhosts file, wins, DNS. Of
course I have modified the LMHOSTS file to include all the servers and that
made no difference. I will try the change to the pam restrictions and see
if that makes a difference.
JT
-----Original Message-----
From: Trimble, Ronald D [mailto:Ronald.Trimble@unisys.com]
Sent: Monday, February 06, 2006 11:40 AM
To: James Taylor
Subject: RE: [Samba] SAMBA netbois lookup issues
Wow... that is the craziest smb.conf I have ever seen! Nice work. I
don't see anything obvious, but I am curious if you ever tried shuffling
the name resolve order?
Furthermore, I see that you are forcing PAM restrictions... did you try
the configuration with that line commented out. I know PAM can be
complex and tough to figure out some times.
-----Original Message-----
From: James Taylor [mailto:jtaylor@laszlosystems.com]
Sent: Monday, February 06, 2006 2:31 PM
To: Trimble, Ronald D; samba@lists.samba.org
Subject: RE: [Samba] SAMBA netbois lookup issues
Yes, the other servers are registered as well. It has to be something
simple
that I am missing. I will attach a copy of my global smb.conf config
and
maybe you might be able to see something there.
# Global parameters
[global]
workgroup = LASZLOSYSTEMS
realm = INTRANET.CORP.LASZLOSYSTEMS.COM
server string = Intranet Samba Server
map to guest = Bad User
obey pam restrictions = Yes
passdb backend = ldapsam:ldap://intranet.corp.laszlosystems.com,
smbpasswd, guest
passwd program = /usr/sbin/smbldap-passwd %u
log file = /var/log/samba/log.%m
max log size = 50
name resolve order = wins lmhosts dns host bcast
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
printcap cache time = 60
printcap name = cups
add user script = /usr/sbin/smbldap-useradd -m '%u'
delete user script = /usr/sbin/smbldap-userdel '%u'
add group script = /usr/sbin/smbldap-groupadd '%g' &&
/usr/sbin/smbldap-groupshow %g|awk '/^gidNumber:/ {print $2}'
delete group script = /usr/sbin/smbldap-groupdel '%g'
add user to group script = /usr/sbin/smbldap-groupmod -m '%u'
'%g'
delete user from group script = /usr/sbin/smbldap-groupmod -x
'%u'
'%g'
set primary group script = /usr/sbin/smbldap-usermod -g '%g'
'%u'
add machine script = /usr/sbin/smbldap-useradd -w -d /dev/null
-c
'Machine Account' -s /bin/false '%u'
domain logons = Yes
os level = 65
preferred master = Yes
domain master = Yes
wins proxy = Yes
wins support = Yes
ldap admin dn = cn=*,dc=*,dc=com
ldap group suffix = ou=Group
ldap idmap suffix = ou=Idmap
ldap machine suffix = ou=Hosts
ldap passwd sync = Yes
ldap suffix = dc=laszlosystems,dc=com
ldap ssl = no
ldap user suffix = ou=People
winbind use default domain = Yes
printer admin = @adm, root
create mask = 0755
hosts allow = 192.168., 127.
[printers]
comment = All Printers
path = /var/spool/samba
create mask = 0700
guest ok = Yes
printable = Yes
browseable = No
[print$]
path = /var/lib/samba/printers
write list = @adm, root
inherit permissions = Yes
guest ok = Yes
[pdf-gen]
comment = PDF Generator (only valid users)
path = /var/tmp
printable = Yes
printing = bsd
print command = /usr/share/samba/scripts/print-pdf "%s"
"%H"
"//%L/%u" "%m" "%I" "%J" &
lpq command = /bin/true
lprm command = lprm -P'%p' %j
[ILSA]
comment = HP Color LaserJet 5500DN Network Printer
path = /var/spool/samba
guest ok = Yes
printable = Yes
[public]
comment = Laszlo Public Files
path = /home/laszlo/public
valid users = @users
write list = @users
force user = laszlo
force group = users
create mask = 0775
force create mode = 0550
JT
-----Original Message-----
From: Trimble, Ronald D [mailto:Ronald.Trimble@unisys.com]
Sent: Monday, February 06, 2006 11:26 AM
To: James Taylor
Subject: RE: [Samba] SAMBA netbois lookup issues
Sorry, I didn't realize that the samba server was the DNS server. So
all the other servers have properly registered on this samba/DNS server?
Do you have host records for all the other systems?
It may be a port issue, but that is well out of my range of knowledge
since we have a dedicated network team here.
I still think it is something simple, I just can't put my finger on it
without knowledge of your entire network.
-----Original Message-----
From: James Taylor [mailto:jtaylor@laszlosystems.com]
Sent: Monday, February 06, 2006 2:23 PM
To: Trimble, Ronald D
Subject: RE: [Samba] SAMBA netbois lookup issues
Samba server is the DNS server. I also opened the wins.dat file to make
sure the samba server had it's info registered and it does. Could this
be a
simple port issue?
JT
-----Original Message-----
From: Trimble, Ronald D [mailto:Ronald.Trimble@unisys.com]
Sent: Monday, February 06, 2006 11:10 AM
To: James Taylor; samba@lists.samba.org
Subject: RE: [Samba] SAMBA netbois lookup issues
Not if they are all in the DNS server and the new samba server is not.
-----Original Message-----
From: samba-bounces+ronald.trimble=unisys.com@lists.samba.org
[mailto:samba-bounces+ronald.trimble=unisys.com@lists.samba.org] On
Behalf Of James Taylor
Sent: Monday, February 06, 2006 2:06 PM
To: samba@lists.samba.org
Subject: RE: [Samba] SAMBA netbois lookup issues
My VPN Address is in a Virtual Pool on the Firewall I am using. I am
able
to connect to any other server other than a Samba server. If it was a
network related issue would it not be having a problem on all the
servers?
James
-----Original Message-----
From: Trimble, Ronald D [mailto:Ronald.Trimble@unisys.com]
Sent: Friday, February 03, 2006 5:11 PM
To: James Taylor
Subject: RE: [Samba] SAMBA netbois lookup issues
Is your VPN server on the same segment? I only ask because in our
company, our VPN segment is isolated with it's own DNS servers. My
guess is that when you come in via VPN, you are using a different DNS
server and you are not registered. Instead, you are using NetBIOS for
name resolution. Try putting an A host record on the DNS server used by
your VPN server.
-----Original Message-----
From: samba-bounces+ronald.trimble=unisys.com@lists.samba.org
[mailto:samba-bounces+ronald.trimble=unisys.com@lists.samba.org] On
Behalf Of James Taylor
Sent: Friday, February 03, 2006 6:43 PM
To: samba@lists.samba.org
Subject: [Samba] SAMBA netbois lookup issues
Hi all!
I am from the Windows world and am trying to migrate to Linux and have
done
a fairly good job so far.
My recent challenge is that I have built a Samba file/print server that
works very well on my internal network but when I VPN into the network
remotely I am unable to access the server via it's server name. What is
driving me crazy is the fact that the last of my Windows servers is a
file/print server as well and I am able to access it without issues. Is
this a simple NetBios Port change or is this something else that I am
missing?
If anyone has some pointers as to what I can do to resolve this issue I
would be grateful.
Thank you
James Taylor
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
Ok, tested the change with PAM and no difference. The message that is
returned to me is:
Windows cannot find '\\Intranet'. Check the spelling and try again, or
try
searching for the item by .... useless Microsoft Jargon...
I am running Samba version 3.0.13. Could it possibly need an upgrade to the
newer version?
Thank you for the compliment, I was worried I might be doing something
somewhat unorthodox. I am trying to get everything to eventually use single
sign-on with LDAP and Samba, hence the LDAP bind info and the smbldap
commands for users. The LDAP bind is working 100% perfect and internal
access works great. All my internal servers are binding to LDAP via PAM
modules at this point in time and that is working very well. So I am almost
there. Once I get Samba to communicate over the VPN properly then I will
setup and make it act as PDC for my Windows clients so they too will begin
using the LDAP database for user access.
JT
-----Original Message-----
From: Trimble, Ronald D [mailto:Ronald.Trimble@unisys.com]
Sent: Monday, February 06, 2006 11:47 AM
To: James Taylor
Subject: RE: [Samba] SAMBA netbois lookup issues
It was a compliment...
-----Original Message-----
From: James Taylor [mailto:jtaylor@laszlosystems.com]
Sent: Monday, February 06, 2006 2:45 PM
To: Trimble, Ronald D; samba@lists.samba.org
Subject: RE: [Samba] SAMBA netbois lookup issues
Not sure if that is a good thing or not on a crazy config. What I have
tried is using changing the order to include lmhosts file, wins, DNS.
Of
course I have modified the LMHOSTS file to include all the servers and
that
made no difference. I will try the change to the pam restrictions and
see
if that makes a difference.
JT
-----Original Message-----
From: Trimble, Ronald D [mailto:Ronald.Trimble@unisys.com]
Sent: Monday, February 06, 2006 11:40 AM
To: James Taylor
Subject: RE: [Samba] SAMBA netbois lookup issues
Wow... that is the craziest smb.conf I have ever seen! Nice work. I
don't see anything obvious, but I am curious if you ever tried shuffling
the name resolve order?
Furthermore, I see that you are forcing PAM restrictions... did you try
the configuration with that line commented out. I know PAM can be
complex and tough to figure out some times.
-----Original Message-----
From: James Taylor [mailto:jtaylor@laszlosystems.com]
Sent: Monday, February 06, 2006 2:31 PM
To: Trimble, Ronald D; samba@lists.samba.org
Subject: RE: [Samba] SAMBA netbois lookup issues
Yes, the other servers are registered as well. It has to be something
simple
that I am missing. I will attach a copy of my global smb.conf config
and
maybe you might be able to see something there.
# Global parameters
[global]
workgroup = LASZLOSYSTEMS
realm = INTRANET.CORP.LASZLOSYSTEMS.COM
server string = Intranet Samba Server
map to guest = Bad User
obey pam restrictions = Yes
passdb backend = ldapsam:ldap://intranet.corp.laszlosystems.com,
smbpasswd, guest
passwd program = /usr/sbin/smbldap-passwd %u
log file = /var/log/samba/log.%m
max log size = 50
name resolve order = wins lmhosts dns host bcast
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
printcap cache time = 60
printcap name = cups
add user script = /usr/sbin/smbldap-useradd -m '%u'
delete user script = /usr/sbin/smbldap-userdel '%u'
add group script = /usr/sbin/smbldap-groupadd '%g' &&
/usr/sbin/smbldap-groupshow %g|awk '/^gidNumber:/ {print $2}'
delete group script = /usr/sbin/smbldap-groupdel '%g'
add user to group script = /usr/sbin/smbldap-groupmod -m '%u'
'%g'
delete user from group script = /usr/sbin/smbldap-groupmod -x
'%u'
'%g'
set primary group script = /usr/sbin/smbldap-usermod -g '%g'
'%u'
add machine script = /usr/sbin/smbldap-useradd -w -d /dev/null
-c
'Machine Account' -s /bin/false '%u'
domain logons = Yes
os level = 65
preferred master = Yes
domain master = Yes
wins proxy = Yes
wins support = Yes
ldap admin dn = cn=*,dc=*,dc=com
ldap group suffix = ou=Group
ldap idmap suffix = ou=Idmap
ldap machine suffix = ou=Hosts
ldap passwd sync = Yes
ldap suffix = dc=laszlosystems,dc=com
ldap ssl = no
ldap user suffix = ou=People
winbind use default domain = Yes
printer admin = @adm, root
create mask = 0755
hosts allow = 192.168., 127.
[printers]
comment = All Printers
path = /var/spool/samba
create mask = 0700
guest ok = Yes
printable = Yes
browseable = No
[print$]
path = /var/lib/samba/printers
write list = @adm, root
inherit permissions = Yes
guest ok = Yes
[pdf-gen]
comment = PDF Generator (only valid users)
path = /var/tmp
printable = Yes
printing = bsd
print command = /usr/share/samba/scripts/print-pdf "%s"
"%H"
"//%L/%u" "%m" "%I" "%J" &
lpq command = /bin/true
lprm command = lprm -P'%p' %j
[ILSA]
comment = HP Color LaserJet 5500DN Network Printer
path = /var/spool/samba
guest ok = Yes
printable = Yes
[public]
comment = Laszlo Public Files
path = /home/laszlo/public
valid users = @users
write list = @users
force user = laszlo
force group = users
create mask = 0775
force create mode = 0550
JT
-----Original Message-----
From: Trimble, Ronald D [mailto:Ronald.Trimble@unisys.com]
Sent: Monday, February 06, 2006 11:26 AM
To: James Taylor
Subject: RE: [Samba] SAMBA netbois lookup issues
Sorry, I didn't realize that the samba server was the DNS server. So
all the other servers have properly registered on this samba/DNS server?
Do you have host records for all the other systems?
It may be a port issue, but that is well out of my range of knowledge
since we have a dedicated network team here.
I still think it is something simple, I just can't put my finger on it
without knowledge of your entire network.
-----Original Message-----
From: James Taylor [mailto:jtaylor@laszlosystems.com]
Sent: Monday, February 06, 2006 2:23 PM
To: Trimble, Ronald D
Subject: RE: [Samba] SAMBA netbois lookup issues
Samba server is the DNS server. I also opened the wins.dat file to make
sure the samba server had it's info registered and it does. Could this
be a
simple port issue?
JT
-----Original Message-----
From: Trimble, Ronald D [mailto:Ronald.Trimble@unisys.com]
Sent: Monday, February 06, 2006 11:10 AM
To: James Taylor; samba@lists.samba.org
Subject: RE: [Samba] SAMBA netbois lookup issues
Not if they are all in the DNS server and the new samba server is not.
-----Original Message-----
From: samba-bounces+ronald.trimble=unisys.com@lists.samba.org
[mailto:samba-bounces+ronald.trimble=unisys.com@lists.samba.org] On
Behalf Of James Taylor
Sent: Monday, February 06, 2006 2:06 PM
To: samba@lists.samba.org
Subject: RE: [Samba] SAMBA netbois lookup issues
My VPN Address is in a Virtual Pool on the Firewall I am using. I am
able
to connect to any other server other than a Samba server. If it was a
network related issue would it not be having a problem on all the
servers?
James
-----Original Message-----
From: Trimble, Ronald D [mailto:Ronald.Trimble@unisys.com]
Sent: Friday, February 03, 2006 5:11 PM
To: James Taylor
Subject: RE: [Samba] SAMBA netbois lookup issues
Is your VPN server on the same segment? I only ask because in our
company, our VPN segment is isolated with it's own DNS servers. My
guess is that when you come in via VPN, you are using a different DNS
server and you are not registered. Instead, you are using NetBIOS for
name resolution. Try putting an A host record on the DNS server used by
your VPN server.
-----Original Message-----
From: samba-bounces+ronald.trimble=unisys.com@lists.samba.org
[mailto:samba-bounces+ronald.trimble=unisys.com@lists.samba.org] On
Behalf Of James Taylor
Sent: Friday, February 03, 2006 6:43 PM
To: samba@lists.samba.org
Subject: [Samba] SAMBA netbois lookup issues
Hi all!
I am from the Windows world and am trying to migrate to Linux and have
done
a fairly good job so far.
My recent challenge is that I have built a Samba file/print server that
works very well on my internal network but when I VPN into the network
remotely I am unable to access the server via it's server name. What is
driving me crazy is the fact that the last of my Windows servers is a
file/print server as well and I am able to access it without issues. Is
this a simple NetBios Port change or is this something else that I am
missing?
If anyone has some pointers as to what I can do to resolve this issue I
would be grateful.
Thank you
James Taylor
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
The server is a backup LDAP server, but the bind connects to my master LDAP
server for database changes to stay as current and up to date as possible.
As far as pinging the server, that works 100%, anything related to DNS works
just fine as well. It is just when I go to access via hostname, NetBios,
that is fails.
My local machine is using the Samba server for WINS. I also tried using my
local lmhosts file on my Windows XP machine with no success. I can ping the
name all day but when I try access to the share no go.
I will try changing the port numbers and see what happens.
JT
-----Original Message-----
From: Trimble, Ronald D [mailto:Ronald.Trimble@unisys.com]
Sent: Monday, February 06, 2006 12:01 PM
To: James Taylor
Subject: RE: [Samba] SAMBA netbois lookup issues
That's a nice plan. Do you have a copy of the LDAP database on your
server or are you simply linking to it?
As far as accessing the server goes, let's go back to the basics...
What happens when you try to ping the server by IP address?
Does it work? If so, it is most definitely a name resolution issue and
not something else. At this point, check your own IP config (I am
assuming you are using some flavor of Windows.) What DNS and WINS
servers are you pointing at? Check to see if they have host records for
the new server.
If it doesn't it may point you towards a port issue.
-----Original Message-----
From: James Taylor [mailto:jtaylor@laszlosystems.com]
Sent: Monday, February 06, 2006 2:57 PM
To: Trimble, Ronald D; samba@lists.samba.org
Subject: RE: [Samba] SAMBA netbois lookup issues
Ok, tested the change with PAM and no difference. The message that is
returned to me is:
Windows cannot find '\\Intranet'. Check the spelling and try again, or
try
searching for the item by .... useless Microsoft Jargon...
I am running Samba version 3.0.13. Could it possibly need an upgrade to
the
newer version?
Thank you for the compliment, I was worried I might be doing something
somewhat unorthodox. I am trying to get everything to eventually use
single
sign-on with LDAP and Samba, hence the LDAP bind info and the smbldap
commands for users. The LDAP bind is working 100% perfect and internal
access works great. All my internal servers are binding to LDAP via PAM
modules at this point in time and that is working very well. So I am
almost
there. Once I get Samba to communicate over the VPN properly then I
will
setup and make it act as PDC for my Windows clients so they too will
begin
using the LDAP database for user access.
JT
-----Original Message-----
From: Trimble, Ronald D [mailto:Ronald.Trimble@unisys.com]
Sent: Monday, February 06, 2006 11:47 AM
To: James Taylor
Subject: RE: [Samba] SAMBA netbois lookup issues
It was a compliment...
-----Original Message-----
From: James Taylor [mailto:jtaylor@laszlosystems.com]
Sent: Monday, February 06, 2006 2:45 PM
To: Trimble, Ronald D; samba@lists.samba.org
Subject: RE: [Samba] SAMBA netbois lookup issues
Not sure if that is a good thing or not on a crazy config. What I have
tried is using changing the order to include lmhosts file, wins, DNS.
Of
course I have modified the LMHOSTS file to include all the servers and
that
made no difference. I will try the change to the pam restrictions and
see
if that makes a difference.
JT
-----Original Message-----
From: Trimble, Ronald D [mailto:Ronald.Trimble@unisys.com]
Sent: Monday, February 06, 2006 11:40 AM
To: James Taylor
Subject: RE: [Samba] SAMBA netbois lookup issues
Wow... that is the craziest smb.conf I have ever seen! Nice work. I
don't see anything obvious, but I am curious if you ever tried shuffling
the name resolve order?
Furthermore, I see that you are forcing PAM restrictions... did you try
the configuration with that line commented out. I know PAM can be
complex and tough to figure out some times.
-----Original Message-----
From: James Taylor [mailto:jtaylor@laszlosystems.com]
Sent: Monday, February 06, 2006 2:31 PM
To: Trimble, Ronald D; samba@lists.samba.org
Subject: RE: [Samba] SAMBA netbois lookup issues
Yes, the other servers are registered as well. It has to be something
simple
that I am missing. I will attach a copy of my global smb.conf config
and
maybe you might be able to see something there.
# Global parameters
[global]
workgroup = LASZLOSYSTEMS
realm = INTRANET.CORP.LASZLOSYSTEMS.COM
server string = Intranet Samba Server
map to guest = Bad User
obey pam restrictions = Yes
passdb backend = ldapsam:ldap://intranet.corp.laszlosystems.com,
smbpasswd, guest
passwd program = /usr/sbin/smbldap-passwd %u
log file = /var/log/samba/log.%m
max log size = 50
name resolve order = wins lmhosts dns host bcast
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
printcap cache time = 60
printcap name = cups
add user script = /usr/sbin/smbldap-useradd -m '%u'
delete user script = /usr/sbin/smbldap-userdel '%u'
add group script = /usr/sbin/smbldap-groupadd '%g' &&
/usr/sbin/smbldap-groupshow %g|awk '/^gidNumber:/ {print $2}'
delete group script = /usr/sbin/smbldap-groupdel '%g'
add user to group script = /usr/sbin/smbldap-groupmod -m '%u'
'%g'
delete user from group script = /usr/sbin/smbldap-groupmod -x
'%u'
'%g'
set primary group script = /usr/sbin/smbldap-usermod -g '%g'
'%u'
add machine script = /usr/sbin/smbldap-useradd -w -d /dev/null
-c
'Machine Account' -s /bin/false '%u'
domain logons = Yes
os level = 65
preferred master = Yes
domain master = Yes
wins proxy = Yes
wins support = Yes
ldap admin dn = cn=*,dc=*,dc=com
ldap group suffix = ou=Group
ldap idmap suffix = ou=Idmap
ldap machine suffix = ou=Hosts
ldap passwd sync = Yes
ldap suffix = dc=laszlosystems,dc=com
ldap ssl = no
ldap user suffix = ou=People
winbind use default domain = Yes
printer admin = @adm, root
create mask = 0755
hosts allow = 192.168., 127.
[printers]
comment = All Printers
path = /var/spool/samba
create mask = 0700
guest ok = Yes
printable = Yes
browseable = No
[print$]
path = /var/lib/samba/printers
write list = @adm, root
inherit permissions = Yes
guest ok = Yes
[pdf-gen]
comment = PDF Generator (only valid users)
path = /var/tmp
printable = Yes
printing = bsd
print command = /usr/share/samba/scripts/print-pdf "%s"
"%H"
"//%L/%u" "%m" "%I" "%J" &
lpq command = /bin/true
lprm command = lprm -P'%p' %j
[ILSA]
comment = HP Color LaserJet 5500DN Network Printer
path = /var/spool/samba
guest ok = Yes
printable = Yes
[public]
comment = Laszlo Public Files
path = /home/laszlo/public
valid users = @users
write list = @users
force user = laszlo
force group = users
create mask = 0775
force create mode = 0550
JT
-----Original Message-----
From: Trimble, Ronald D [mailto:Ronald.Trimble@unisys.com]
Sent: Monday, February 06, 2006 11:26 AM
To: James Taylor
Subject: RE: [Samba] SAMBA netbois lookup issues
Sorry, I didn't realize that the samba server was the DNS server. So
all the other servers have properly registered on this samba/DNS server?
Do you have host records for all the other systems?
It may be a port issue, but that is well out of my range of knowledge
since we have a dedicated network team here.
I still think it is something simple, I just can't put my finger on it
without knowledge of your entire network.
-----Original Message-----
From: James Taylor [mailto:jtaylor@laszlosystems.com]
Sent: Monday, February 06, 2006 2:23 PM
To: Trimble, Ronald D
Subject: RE: [Samba] SAMBA netbois lookup issues
Samba server is the DNS server. I also opened the wins.dat file to make
sure the samba server had it's info registered and it does. Could this
be a
simple port issue?
JT
-----Original Message-----
From: Trimble, Ronald D [mailto:Ronald.Trimble@unisys.com]
Sent: Monday, February 06, 2006 11:10 AM
To: James Taylor; samba@lists.samba.org
Subject: RE: [Samba] SAMBA netbois lookup issues
Not if they are all in the DNS server and the new samba server is not.
-----Original Message-----
From: samba-bounces+ronald.trimble=unisys.com@lists.samba.org
[mailto:samba-bounces+ronald.trimble=unisys.com@lists.samba.org] On
Behalf Of James Taylor
Sent: Monday, February 06, 2006 2:06 PM
To: samba@lists.samba.org
Subject: RE: [Samba] SAMBA netbois lookup issues
My VPN Address is in a Virtual Pool on the Firewall I am using. I am
able
to connect to any other server other than a Samba server. If it was a
network related issue would it not be having a problem on all the
servers?
James
-----Original Message-----
From: Trimble, Ronald D [mailto:Ronald.Trimble@unisys.com]
Sent: Friday, February 03, 2006 5:11 PM
To: James Taylor
Subject: RE: [Samba] SAMBA netbois lookup issues
Is your VPN server on the same segment? I only ask because in our
company, our VPN segment is isolated with it's own DNS servers. My
guess is that when you come in via VPN, you are using a different DNS
server and you are not registered. Instead, you are using NetBIOS for
name resolution. Try putting an A host record on the DNS server used by
your VPN server.
-----Original Message-----
From: samba-bounces+ronald.trimble=unisys.com@lists.samba.org
[mailto:samba-bounces+ronald.trimble=unisys.com@lists.samba.org] On
Behalf Of James Taylor
Sent: Friday, February 03, 2006 6:43 PM
To: samba@lists.samba.org
Subject: [Samba] SAMBA netbois lookup issues
Hi all!
I am from the Windows world and am trying to migrate to Linux and have
done
a fairly good job so far.
My recent challenge is that I have built a Samba file/print server that
works very well on my internal network but when I VPN into the network
remotely I am unable to access the server via it's server name. What is
driving me crazy is the fact that the last of my Windows servers is a
file/print server as well and I am able to access it without issues. Is
this a simple NetBios Port change or is this something else that I am
missing?
If anyone has some pointers as to what I can do to resolve this issue I
would be grateful.
Thank you
James Taylor
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
Got it! It was the port that was causing the problem. I should have known
right away. I read through my config and found that using 445, 139. I
added port 135 to the mix and voila!
Thank you for your help!
James
-----Original Message-----
From: Trimble, Ronald D [mailto:Ronald.Trimble@unisys.com]
Sent: Monday, February 06, 2006 11:40 AM
To: James Taylor
Subject: RE: [Samba] SAMBA netbois lookup issues
Wow... that is the craziest smb.conf I have ever seen! Nice work. I
don't see anything obvious, but I am curious if you ever tried shuffling
the name resolve order?
Furthermore, I see that you are forcing PAM restrictions... did you try
the configuration with that line commented out. I know PAM can be
complex and tough to figure out some times.
-----Original Message-----
From: James Taylor [mailto:jtaylor@laszlosystems.com]
Sent: Monday, February 06, 2006 2:31 PM
To: Trimble, Ronald D; samba@lists.samba.org
Subject: RE: [Samba] SAMBA netbois lookup issues
Yes, the other servers are registered as well. It has to be something
simple
that I am missing. I will attach a copy of my global smb.conf config
and
maybe you might be able to see something there.
# Global parameters
[global]
workgroup = LASZLOSYSTEMS
realm = INTRANET.CORP.LASZLOSYSTEMS.COM
server string = Intranet Samba Server
map to guest = Bad User
obey pam restrictions = Yes
passdb backend = ldapsam:ldap://intranet.corp.laszlosystems.com,
smbpasswd, guest
passwd program = /usr/sbin/smbldap-passwd %u
log file = /var/log/samba/log.%m
max log size = 50
name resolve order = wins lmhosts dns host bcast
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
printcap cache time = 60
printcap name = cups
add user script = /usr/sbin/smbldap-useradd -m '%u'
delete user script = /usr/sbin/smbldap-userdel '%u'
add group script = /usr/sbin/smbldap-groupadd '%g' &&
/usr/sbin/smbldap-groupshow %g|awk '/^gidNumber:/ {print $2}'
delete group script = /usr/sbin/smbldap-groupdel '%g'
add user to group script = /usr/sbin/smbldap-groupmod -m '%u'
'%g'
delete user from group script = /usr/sbin/smbldap-groupmod -x
'%u'
'%g'
set primary group script = /usr/sbin/smbldap-usermod -g '%g'
'%u'
add machine script = /usr/sbin/smbldap-useradd -w -d /dev/null
-c
'Machine Account' -s /bin/false '%u'
domain logons = Yes
os level = 65
preferred master = Yes
domain master = Yes
wins proxy = Yes
wins support = Yes
ldap admin dn = cn=*,dc=*,dc=com
ldap group suffix = ou=Group
ldap idmap suffix = ou=Idmap
ldap machine suffix = ou=Hosts
ldap passwd sync = Yes
ldap suffix = dc=laszlosystems,dc=com
ldap ssl = no
ldap user suffix = ou=People
winbind use default domain = Yes
printer admin = @adm, root
create mask = 0755
hosts allow = 192.168., 127.
[printers]
comment = All Printers
path = /var/spool/samba
create mask = 0700
guest ok = Yes
printable = Yes
browseable = No
[print$]
path = /var/lib/samba/printers
write list = @adm, root
inherit permissions = Yes
guest ok = Yes
[pdf-gen]
comment = PDF Generator (only valid users)
path = /var/tmp
printable = Yes
printing = bsd
print command = /usr/share/samba/scripts/print-pdf "%s"
"%H"
"//%L/%u" "%m" "%I" "%J" &
lpq command = /bin/true
lprm command = lprm -P'%p' %j
[ILSA]
comment = HP Color LaserJet 5500DN Network Printer
path = /var/spool/samba
guest ok = Yes
printable = Yes
[public]
comment = Laszlo Public Files
path = /home/laszlo/public
valid users = @users
write list = @users
force user = laszlo
force group = users
create mask = 0775
force create mode = 0550
JT
-----Original Message-----
From: Trimble, Ronald D [mailto:Ronald.Trimble@unisys.com]
Sent: Monday, February 06, 2006 11:26 AM
To: James Taylor
Subject: RE: [Samba] SAMBA netbois lookup issues
Sorry, I didn't realize that the samba server was the DNS server. So
all the other servers have properly registered on this samba/DNS server?
Do you have host records for all the other systems?
It may be a port issue, but that is well out of my range of knowledge
since we have a dedicated network team here.
I still think it is something simple, I just can't put my finger on it
without knowledge of your entire network.
-----Original Message-----
From: James Taylor [mailto:jtaylor@laszlosystems.com]
Sent: Monday, February 06, 2006 2:23 PM
To: Trimble, Ronald D
Subject: RE: [Samba] SAMBA netbois lookup issues
Samba server is the DNS server. I also opened the wins.dat file to make
sure the samba server had it's info registered and it does. Could this
be a
simple port issue?
JT
-----Original Message-----
From: Trimble, Ronald D [mailto:Ronald.Trimble@unisys.com]
Sent: Monday, February 06, 2006 11:10 AM
To: James Taylor; samba@lists.samba.org
Subject: RE: [Samba] SAMBA netbois lookup issues
Not if they are all in the DNS server and the new samba server is not.
-----Original Message-----
From: samba-bounces+ronald.trimble=unisys.com@lists.samba.org
[mailto:samba-bounces+ronald.trimble=unisys.com@lists.samba.org] On
Behalf Of James Taylor
Sent: Monday, February 06, 2006 2:06 PM
To: samba@lists.samba.org
Subject: RE: [Samba] SAMBA netbois lookup issues
My VPN Address is in a Virtual Pool on the Firewall I am using. I am
able
to connect to any other server other than a Samba server. If it was a
network related issue would it not be having a problem on all the
servers?
James
-----Original Message-----
From: Trimble, Ronald D [mailto:Ronald.Trimble@unisys.com]
Sent: Friday, February 03, 2006 5:11 PM
To: James Taylor
Subject: RE: [Samba] SAMBA netbois lookup issues
Is your VPN server on the same segment? I only ask because in our
company, our VPN segment is isolated with it's own DNS servers. My
guess is that when you come in via VPN, you are using a different DNS
server and you are not registered. Instead, you are using NetBIOS for
name resolution. Try putting an A host record on the DNS server used by
your VPN server.
-----Original Message-----
From: samba-bounces+ronald.trimble=unisys.com@lists.samba.org
[mailto:samba-bounces+ronald.trimble=unisys.com@lists.samba.org] On
Behalf Of James Taylor
Sent: Friday, February 03, 2006 6:43 PM
To: samba@lists.samba.org
Subject: [Samba] SAMBA netbois lookup issues
Hi all!
I am from the Windows world and am trying to migrate to Linux and have
done
a fairly good job so far.
My recent challenge is that I have built a Samba file/print server that
works very well on my internal network but when I VPN into the network
remotely I am unable to access the server via it's server name. What is
driving me crazy is the fact that the last of my Windows servers is a
file/print server as well and I am able to access it without issues. Is
this a simple NetBios Port change or is this something else that I am
missing?
If anyone has some pointers as to what I can do to resolve this issue I
would be grateful.
Thank you
James Taylor
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba