similar to: security=user and remote networks

Hello, I have set up an IPSec tunnel to create a VPN. It works well, I can ping and telnet back and forth with no problems. I am, however, struggling to get Samba to work. The setup: Samba 2.0.7 running on Sparc Solaris 2.6 The VPN tunnel is between a OpenBSD 2.7 server and a Netopia R9100 router. The tunnel is negotiated using IKE. The server running Samba receives NetBIOS packets, I can see

Hi, I'm newbie with Samba. I'm using Samba-3.0 directly installed with Fedora core. I've made a PDC linux server with Samba-3.0, openldap-2.1.22 with pam_ldap everything seems to be good but not with net groupmap. when using command: "net groupmap list" I have the following error : [2003/12/15 17:52:15, 0] passdb/pdb_ldap.c:ldapsam_setsamgrent(2048) ldapsam_setsamgrent:

I am trying shorewall as my previous post With alisias on eth1 loc and 4 pptp client vpns. The odd thing is when I enter one of the vpns in interfaces such as vpn1 it works. But if I enter the vpn in the hosts file shorewall blocks the vpns. shorewall/hosts #ZONE HOST(S) OPTIONS loc eth1:192.168.25.0/24 loctw eth1:192.168.50.0/24 locsa eth1:192.168.75.0/24 vpntw

Hi all, I need a suggestion or just to know if it's even possible to achieve the following. There is a "central" vpn server which is my main network. I have a few other gateways (customers) which should connect to this central server (there's a firewall on this machine too) which have behind the customer network. Then I have a few single servers which still connect to my

List, I upgraded to 3.0.10 the other day, and completely missed the fact that the samba.schema for openldap had to be upgraded as well. I learnt that this was the case when passwords could no longer be changed... Searching the web revealed that the only thing to do was to "copy over samba.schema" and everything would be fine. So I backed up the previous copy of samba.schema, copied the

Hello, I am trying to figure out how to implement a samba domain in a number of remote offices around the world with partly bad and often interrupted WAN connections/VPNs. The goal is to administer the directory from the central data center. My obvious choice would be to set up a central server with SAMBA+OpenLDAP+smbldap-tools and in each remote office a SAMBA server with OpenLDAP as a

Hi, I use shorewall on 2 computers and I''m really happy with it. But now I came over a special case where my wisdom ends. I have 2 VPNs running via FreeS/WAN on the firewall host, and now I want to replace my hand made setup with shorewall. I use the same FreeS/WAN setup as it is working already. I read through the documentation but there are only examples of 1 static net2net VPN and 3

I use 3 Ubuntu server 14.04 as KVM guest. Now I run 5 tinc vpns in switch mode. I use the same key for every vpn. Every kvm has connect to the two other servers. I need 5 vpns to have 5 networks connected but seperated. 1 vpn was running fine, but now that I run 5 vpns, my kvm crashes sometimes. Especially when I stop tinc. I used tinc 1.0.26 from repo. Now I tried tinc 1.1 pre, same problem but

I have clients, which connectin to Internet through vpn. I want to dynamically share bandwith between vpn connections, so if there few connections, then they get all bandwith, if more then they get their minimal guaranteed bandwith. my idea is: ip-up.local: tc class add dev $DEV parent 1:1 classid 1:2${1/ppp/} htb rate $[$RATEUP/$VPNS]kbit ceil ${RATEUP}kbps tc filter add dev $DEV protocol ip

I will shortly be replacing a couple of proprietary VPN boxes with a FreeBSD solution. Section 10.10 of the Handbook has a detailed description of how to do this. However I remember a lot of discussion about a year ago about whether the gif interface was necessary to set up VPNs like this or whether it was just a convenience, for "getting the routing right". A number of people said

Have you set in the slapd.conf on the slaves something like updateref ldap://master.ldap The slave / consumers need to redirect the request to the master ldap database. It may also be a good idea to have samba use fail over for the ldap backend. You would need to set this in your ldap.conf as too. for pdc / ldap master passdb backend =ldapsam:"ldap://master.ldap ldap://slave.ldap"

Dear Help, Here is my situation: We have offices located in several areas around the country, all of which can communicate with each other through VPNs we have established. I have set up a Samba domain in which the PDC is located here in our home office, and there are BDCs for the same domain in each of the remote offices. I have been able to successfully join machines here in our home office

Hello samba people, I have samba 2.0.3 compiled from source on a Linux box, in order to setup SMB sharenames to access the Linux box from an NT client. I have swat set up in order to configure Samba, and my conf file is as follows: # Samba config file created using SWAT # from 10.65.8.20 (10.65.8.20) # Date: 1999/03/19 15:31:59 # Global parameters workgroup = [xxx] netbios name

Definitely considered that. Running different VPNs and even running different instances of the daemon on different ports. But, as you rightly pointed out: *additional complexity*. It basically comes down to: what if you have a bad actor who needs credentials revoked immediately? We have a way of doing this already, but it can take up to 5 minutes to cycle through every machine on the network -

IPsec Pre Shared Key for enterprise wireless is worse than PPTP according to https://www.cloudcracker.com/blog/2012/07/29/cracking-ms-chap-v2/ . Make sure IPsec is used with certificates instead. tinc is an educational project sponsored by a university aiming to grow awareness of encryption over the public internet. It does not have a marketing department. Criticism is welcome. Think of

Whatever I want to do with wine is displayed with a very small font in italics. I need a magnifying glass to read any text. How can I change this for larger font and normal text? John

Just spotted a minor typo in winbindd: s/privilage/privilege/ . The attached patch corrects this. David -------------- next part -------------- --- winbindd.8.orig 2005-01-31 23:02:11.678460000 +0100 +++ winbindd.8 2005-01-31 23:02:46.803379000 +0100 @@ -289,8 +289,8 @@ The UNIX pipe over which clients communicate with the \fBwinbindd\fR program\&. For security reasons, the winbind

List, I am deploying a number of Samba servers across a WAN. To date I have manually uploaded printer drivers from an XP client to the Samba server. But it's slow, and I systematically upload the same drivers over and over again. I'm not quite sure of the recipe, but I'm sure there must be a way of replicating all the drivers, from a central point, out to the remote servers. Copying

List, I have a client PC that is able to connect to my network via a VPN tunnel. When the client PC comes back to the mother ship, it acquires an ordinary network address via DHCP. In this situation, the PC is currently having problems viewing Samba printers... the printer folder takes several minutes to open all the printers, and requesting a print from an application takes a couple of minutes

Hello, At FOSDEM 2011 (http://fosdem.org/2011), we will be part of the devroom "New Challenges in Virtualization" (http://nciv2011.v2.cs.unibo.it/). You are invited to come by and discuss tinc, VPNs and other virtualization issues here. FOSDEM 2011 will take place on February 5 and 6 in Brussels, Belgium. If you would like to meet at FOSDEM with me or other persons using or developing