[Samba] Debian Lenny 5.04 and DMS in Windows 2000 Native Domain + Forest with Samba 3.2.5
Alexander Stein
ajs67 at georgetown.edu
Thu Mar 3 12:31:26 MST 2011
Hello All,
I have been struggling with this for a long, long time. I came here
looking for answers. So, I have a VM running Debian Lenny. I install
the apt package samba, which installs 3.2.5. I work in a large
university with an extensive Active Directory environment, both forest
and domain running in Win2k native mode. There is a NetApp filer which
houses all our admin files, scripts, and installers. Nothing really
special. The computer, FILESERVER, is in the child domain of the
forest, whose root domain is DOMAIN.FOREST.UNIVERSITY.TLD. The root
domain is FOREST.UNIVERSITY.TLD. Now, can I mount this without joining
the domain? I have tried reading the documentation, and I think this is
telling me no.
> Use of raw SMB over TCP/IP (No NetBIOS layer) can be done only with Active Directory domains. Samba is not an Active Directory domain controller: ergo, it is not possible to run Samba as a domain controller and at the same time not use NetBIOS. Where Samba is used as an Active Directory domain member server (DMS) it is possible to configure Samba to not use NetBIOS over TCP/IP. A Samba DMS can integrate fully into an Active Directory domain, however, if NetBIOS over TCP/IP is disabled, it is necessary to manually create appropriate DNS entries for the Samba DMS because they will not be automatically generated either by Samba, or by the ADS environment. [0]
So if I do not need to join this Debian VM to the domain, what is the
proper config and/or command structure? I have toyed with "disable
netbios = yes" and "security = ads", but it still does now work well.
When I run smbclient, I can pull up a connection just fine, browse
files, and even upload.
> smbclient -L \\\\fileserver.domain.forest.university.tld\\PubShare0 -W DOMAIN.FOREST.UNIVERSITY.TLD -U my_ad_account
However, mounting it never, ever works. It mentions NBT being disabled
when getting a share list, among all the shares listed.
> Domain=[DOMAIN] OS=[Windows 5.0] Server=[Windows 2000 LAN Manager]
>
> Sharename Type Comment
> --------- ---- -------
> IPC$ IPC Remote IPC
> ETC$ Disk Remote Administration
> C$ Disk Remote Administration
> Data$ Disk
> PubShare0 Disk
> PubShare1 Disk
> PubShare2 Disk
> PubShare3 Disk
> PubShare5 Disk
> PubShare5 Disk
> Connection to fileserver.domain.forest.university.tld failed (Error NT_STATUS_CONNECTION_REFUSED)
> NetBIOS over TCP disabled -- no workgroup available
When I mount, I envitably get an IO error.
> BACC-UTIL-VM:/home/me# whoami
> root
> BACC-UTIL-VM:/home/me# smbmount //fileserver.domain.forest.university.tld/PubShare0 /mnt/fileserver/pubshare0/ --verbose -o domain=DOMAIN.FOREST.UNIVERSITY.TLD,user=my_ad_account
> Password:
>
> mount.cifs kernel mount options: unc=//fileserver.domain.forest.university.tld\share,ip=10.XXX.XX.XX,ver=1,domain=GEORGETOWN.MEI.GEORGETOWN.EDU,user=ajs67,pass=********mount error 5 = Input/output error
> Refer to the mount.cifs(8) manual page (e.g.man mount.cifs)
> BACC-UTIL-VM:/home/me#
Why is this? Will it go away if and when I join the domain? The IP
address is accurate and their are proper DNS entries. None of the
variations I try work. As someone clued me in on IRC, NBT is probably
the culprit here, so I want to better understand the underlying
principle, and then figure out the correct config for the future. Sorry
for the outrageously long email, but I love my Linux and hate my
Windows. This will make my transition much, much easier.
Best,
_AJS
[0]http://samba.org/samba/docs/man/Samba-HOWTO-Collection/NetworkBrowsing.html#id2580798
More information about the samba
mailing list