[Samba]Samba not working outside the domain

Peter Peltonen peter.peltonen at fivetec.com
Mon Jan 28 15:08:03 GMT 2002 

The samba server is running with "security = domain" and it's password
server is a Win2k server in the same network acting as a PDC for the
domain.

Inside the 192.168.0.0 network I can access the samba server's shares fine
with my Win2k domain account. But if I try it from a Win2k client over
my VPN, I get prompted for a username and password: I give my Win2k
domain account and pasword, but access is denied ("Incorrect password or 
unknown username for \\fileserv"). In Samba's logs I see:

--<snip>--
[2002/01/29 00:46:44, 0] passdb/smbpass.c:startsmbfilepwent_internal(87)
  startsmbfilepwent_internal: unable to open file /etc/samba/smbpasswd.
Error was No such file or directory
[2002/01/29 00:46:44, 0] passdb/passdb.c:iterate_getsmbpwnam(149)
  unable to open smb password database.
[2002/01/29 00:46:44, 1] smbd/password.c:pass_check_smb(505)
  Couldn't find user 'peter' in smb_passwd file.
[2002/01/29 00:46:44, 1] smbd/reply.c:reply_sesssetup_and_X(929)
  Rejecting user 'peter': authentication failed
--</snip>--

Why is my Samba trying to authenticate from the smbpasswd file and not
from the Win2k server???

My VPN looks like this:

samba server -- freeswan -- internet -- masq fw -- ssh sentinel win2k
192.168.0.4                                        172.16.1.4

And my smb.conf:

--<snip>--
# Global parameters
[global]
        workgroup = NTDOMAIN
        netbios name = FILESERV
        server string = Samba %v on (%L)
        security = DOMAIN
        password server = HAVANNA
        encrypt passwords = yes
        log file = /var/log/samba/log.%m
        max log size = 0
        socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
        dns proxy = No
        remote announce = 192.168.0.255
        os level = 0
        local master = no 

[homes]
        comment = Home Directories
        writeable = Yes
        browseable = No

[printers]
        comment = All Printers
        path = /var/spool/samba
        printable = yes
        browseable = no
        valid users = @fileserv
        
[share1]
        path = /fileserv/disk1
        writeable = yes
        valid users = 
        valid users = @fileserv
        create mask = 0770
        directory mask = 0770
        inherit permissions = yes
--</snip>--

I'm running samba-2.0.10-2 under Red Hat Linux 7.1.

Regards,
Peter

More information about the samba mailing list