[Samba]Samba not working outside the domain
Peter Peltonen
peter.peltonen at fivetec.com
Mon Jan 28 15:08:03 GMT 2002
The samba server is running with "security = domain" and it's password
server is a Win2k server in the same network acting as a PDC for the
domain.
Inside the 192.168.0.0 network I can access the samba server's shares fine
with my Win2k domain account. But if I try it from a Win2k client over
my VPN, I get prompted for a username and password: I give my Win2k
domain account and pasword, but access is denied ("Incorrect password or
unknown username for \\fileserv"). In Samba's logs I see:
--<snip>--
[2002/01/29 00:46:44, 0] passdb/smbpass.c:startsmbfilepwent_internal(87)
startsmbfilepwent_internal: unable to open file /etc/samba/smbpasswd.
Error was No such file or directory
[2002/01/29 00:46:44, 0] passdb/passdb.c:iterate_getsmbpwnam(149)
unable to open smb password database.
[2002/01/29 00:46:44, 1] smbd/password.c:pass_check_smb(505)
Couldn't find user 'peter' in smb_passwd file.
[2002/01/29 00:46:44, 1] smbd/reply.c:reply_sesssetup_and_X(929)
Rejecting user 'peter': authentication failed
--</snip>--
Why is my Samba trying to authenticate from the smbpasswd file and not
from the Win2k server???
My VPN looks like this:
samba server -- freeswan -- internet -- masq fw -- ssh sentinel win2k
192.168.0.4 172.16.1.4
And my smb.conf:
--<snip>--
# Global parameters
[global]
workgroup = NTDOMAIN
netbios name = FILESERV
server string = Samba %v on (%L)
security = DOMAIN
password server = HAVANNA
encrypt passwords = yes
log file = /var/log/samba/log.%m
max log size = 0
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
dns proxy = No
remote announce = 192.168.0.255
os level = 0
local master = no
[homes]
comment = Home Directories
writeable = Yes
browseable = No
[printers]
comment = All Printers
path = /var/spool/samba
printable = yes
browseable = no
valid users = @fileserv
[share1]
path = /fileserv/disk1
writeable = yes
valid users =
valid users = @fileserv
create mask = 0770
directory mask = 0770
inherit permissions = yes
--</snip>--
I'm running samba-2.0.10-2 under Red Hat Linux 7.1.
Regards,
Peter
More information about the samba
mailing list