Bill Ries-Knight
2007-Jul-20 15:08 UTC
[Samba] Sharing AD domain info with 2 SBS2003 servers
When I took over as the IT guy in September, there were 2 separate locations with different domains, each managed by an SBS 2003 machine. The connection between them was an OpenVPN tunnel.

The network was fine and one could see 2 domains in the network. Local and Local2 are working names. From a workstation on Local one could see Local2 in the Microsoft Windows Network, and vice versa from Local2 one could see Local. Additionally, one could easily browse through the remote network as long as the user permissions were correct. With the same user name and password for the two domains there was no issue with authentication.

The configuration was this:

Local ==> IpTables firewall, FC4, with Samba, OpenVpn, Freshclam, Apache and Sendmail
Local2 ==> IpTables firewall, FC4, with Samba, OpenVpn, Freshclam

Then we had the firewall hacked on Local. The server was compromised and a NEW drive was put in place and reinstalled with Etch (Debian 4.0).

The firewall was restored, different but similar function. The OpenVPN tunnel was restored with the same configuration. All is fine except for the lack of name based browsing. The second domain no longer shows. From local, there is no Local2. From Local2, there is no Local. From Local2 server one can find Local by name, but only because of an entry in the hosts file.

Samba was running on the firewall, and is now, but I don't know how to configure it to help with the domains. SBS is, I believe, dumbed down and cannot manage to read another SBS server's information.

After a couple more months passed the firewall on Local2 was hacked and the drive replaced and reinstalled, also with Etch.

I do have the old drives intact (never throw things away) and accessible.

Any thoughts, suggestions, links to solutions and requests for clarification are appreciated.

Regards,
Bill

--
Bill Ries-Knight
Stockton, CA
Respect the process, Vote.
Felipe Augusto van de Wiel
2007-Jul-23 14:38 UTC
[Samba] Sharing AD domain info with 2 SBS2003 servers
Bill Ries-Knight wrote, On 20-07-2007 12:07:

[...]
> The firewall was restored, different but similar function. The
> OpenVPN tunnel was restored with the same configuration. All is fine
> except for the lack of name based browsing. The second domain no
> longer shows. From local, there is no Local2. From Local2, there is
> no Local. From Local2 server one can find Local by name, but only
> because of an entry in the hosts file.
[...]
> Any thoughts, suggestions, links to solutions and requests for
> clarification are appreciated..

Do you need AD? If you don't, change for NT4 style with LDAP and you can safely use WINS to share names across the VPN.

If you really need AD, you can use WINS and/or winbind (but I'm not sure about the setup, since I avoid the AD for now, until Samba4).

I do not have any contact with SBS2003, except testing it to show problems to the IT Team, so I can't really help specific with this, sorry. :-(

WINS should solve your name problem and you could use two Sambas only, not sure if you really need the SBS2003.

Hope this helps,

Kind regards,

--
Felipe Augusto van de Wiel <felipe@paranacidade.org.br>
Coordenadoria de Tecnologia da Informação (CTI) - SEDU/PARANACIDADE
http://www.paranacidade.org.br/
Phone: (+55 41 3350 3300)