[Samba] access my created share in smb.conf Only by Ip
L.P.H. van Belle
belle at bazuin.nl
Mon Nov 5 03:56:34 MST 2012
Hai,
This is in your DNS. dit you try removing the forwarders.
forwarders {
> 4.2.2.4
>};
Now it forwarding first and i bet you dont have internal ipnummers in your external dns server.
Im doing about the same here.
In bind, remove the forwarders. ( not needed )
set resolve.conf up like this.
domain internal.domain.tld
search internal.domain.tld internal1.domain.tld internal2.domain.tld internal3.domain.tld
## if running use own bind first
nameserver 127.0.0.1
## localnet DNS servers
nameserver 192.168.xxx.xxx
nameserver 192.168.xxx.xxx
## Provider DNS
nameserver Ip dns provider
nameserver
i have in smb.conf
name resolve order = wins host lmhosts bcast
dns proxy = yes
Louis
>-----Oorspronkelijk bericht-----
>Van: lamp.mia at gmail.com [mailto:samba-bounces at lists.samba.org]
>Namens Mohammad Ebrahim Abravi
>Verzonden: maandag 5 november 2012 5:54
>Aan: Rowland Penny; samba-technical at lists.samba.org;
>samba at lists.samba.org
>Onderwerp: Re: [Samba] access my created share in smb.conf Only by Ip
>
>*samba4 provision line : *
>provision --realm=hum-office.xxx.xx.xx --domain=HUM-Office
>--adminpass='p4$$word' --server-role=dc
>
>*smb.conf :*
>===============================================================
>=============================
># Global parameters
>[global]
> workgroup = HUM-OFFICE
> realm = hum-office.xxx.xx.xx
> netbios name = HUM-AD
> server role = active directory domain controller
> passdb backend = samba4
>
>
>[netlogon]
> path =
>/usr/local/samba/var/locks/sysvol/hum-office.xxx.xx.xx/scripts
> read only = No
>
>[sysvol]
> path = /usr/local/samba/var/locks/sysvol
> read only = No
>
>[profiles]
> path =
>/usr/local/samba/var/locks/sysvol/hum-office.xxx.xx.xx/profiles
> browseable = yes
> read only = no
>
>[ShareDir]
> path = /ShareDir
> read only = No
> create mask = 0600
> directory mask = 0700
>===============================================================
>=============================
>
>
>*Bind bind-9.9.1-P2 : *
>
>built with '--with-gssapi=/usr/include/gssapi' '--prefix=/usr'
>'--mandir=/usr/share/man' '--infodir=/usr/share/info'
>'--sysconfdir=/etc/bind' '--localstatedir=/var' '--enable-threads'
>'--enable-largefile' '--with-libtool' '--enable-shared'
>'--enable-static'
>'--with-openssl=/usr' '--with-gssapi=/usr' '--with-gnu-ld'
>'--with-geoip=/usr' '--enable-ipv6' 'CFLAGS=-fno-strict-aliasing'
>'LDFLAGS=-Wl,-Bsymbolic-functions' 'CPPFLAGS=-D_FORTIFY_SOURCE=2'
>'--with-dlz-dlopen=yes' '--with-dlopen=yes'
>
>
>
>============================
>*named.conf*======================================
>include "/etc/bind/named.conf.options";
>include "/usr/local/samba/private/named.conf";
>===============================================================
>==============
>
>=============================
>*named.conf.options*=================================
>options {
> directory "/var/cache/bind";
>tkey-gssapi-keytab "/usr/local/samba/private/dns.keytab";
>
>allow-recursion {
>192.168.25.0/24;127.0.0.1;192.168.113.0/24;192.168.112.0/24;};
>allow-query {
>192.168.25.0/24;127.0.0.1;192.168.113.0/24;192.168.112.0/24; };
>allow-query-cache{
>192.168.25.0/24;127.0.0.1;192.168.113.0/24;192.168.112.0/24;};
>
>forwarders {
> 4.2.2.4
>};
> dnssec-validation yes;
>
> auth-nxdomain no; # conform to RFC1035
> listen-on-v6 { any; };
>};
>server ::/0 {
> edns no;
>};
>
>server 0.0.0.0/0 {
> edns no;
>};
>===============================================================
>==============
>
>On Wed, Oct 31, 2012 at 2:22 PM, Rowland Penny <repenny at f2s.com> wrote:
>
>> Can you please give us your samba4 provision line, a copy of
>your smb.conf
>> and tell us if bind9 is running on the samba4 server.
>>
>> Without this information, nobody can start to help you sort out your
>> problem.
>>
>> Rowland
>>
>>
>> On 31/10/12 09:56, Mohammad Ebrahim Abravi wrote:
>>
>>> Hello
>>>
>>> Upgrade to samba4 rc4 But this problem not solved !!!!
>>>
>>> On Sat, Oct 20, 2012 at 12:40 PM, Rowland Penny
><rpenny at f2s.com> wrote:
>>>
>>> On 20/10/12 08:20, Mohammad Ebrahim Abravi wrote:
>>>>
>>>> Hello
>>>>>
>>>>> use your recommendations , Results:
>>>>>
>>>>> samba4 rc3
>>>>> *s4-ad -> samba server Host name
>>>>> test.s4.com -> domain name*
>>>>> *Dns Server -> Samba Internal DNS server , Bind 9.9.1-P2*
>>>>> *win xp*
>>>>>
>>>>> \\test.s4.com no access
>>>>> \\192.168.1.6 -> no access
>>>>>
>>>>> \\test.s4.com\myshare -> no access
>>>>> \\192.168.1.6\myshare -> no access
>>>>>
>>>>>
>>>>> *Note*: this options set for change mandatory profile owner to
>>>>>
>>>>> AdministratorS :
>>>>> server services = +smb -s3fs
>>>>> dcerpc endpoint servers = +winreg +srvsvc
>>>>>
>>>>>
>>>>> Thanks
>>>>>
>>>>>
>>>>> On Wed, Oct 17, 2012 at 6:54 PM, Carlos R. Pena Evertsz <
>>>>> carlosrpevertsz at gmail.com> wrote:
>>>>>
>>>>> Let Mohammad try my recommendations and them we will
>talk about it.
>>>>>
>>>>>>
>>>>>>
>>>>>> On 10/17/2012 9:07 AM, Rowland Penny wrote:
>>>>>>
>>>>>> On 17/10/12 15:20, Carlos R. Pena Evertsz wrote:
>>>>>>
>>>>>>> Hi Mohammad,
>>>>>>>
>>>>>>>> I had the same problem like many others, so I think
>samba should
>>>>>>>> include a note like mine in their documentation.
>>>>>>>>
>>>>>>>> This is the trick for successfully access the share with the
>>>>>>>> hostname..
>>>>>>>>
>>>>>>>> Be sure you have the following lines in the smb.conf:
>>>>>>>>
>>>>>>>> netbios name = yourhostname
>>>>>>>>
>>>>>>>> This is set by default
>>>>>>>>
>>>>>>> wins support = yes
>>>>>>> This turns on the wins server, you should only turn
>this on if it is
>>>>>>> the
>>>>>>> only one.
>>>>>>>
>>>>>>>
>>>>>>> Find the "name resolve order" directive and be sure
>you have it in
>>>>>>> the
>>>>>>>
>>>>>>>> following order.
>>>>>>>>
>>>>>>>> name resolve order = wins lmhosts hosts bcast
>>>>>>>>
>>>>>>>>
>>>>>>>> Add the following line:
>>>>>>>>
>>>>>>>> hosts allow = the host ip / mask
>>>>>>>>
>>>>>>>> Where the host ip is your server ip.
>>>>>>>> the mask is the mask you are using in
>all your windows
>>>>>>>> clients.
>>>>>>>>
>>>>>>>> If you set it like this, the only machine that will
>be able to
>>>>>>>> connect
>>>>>>>>
>>>>>>> would be the server itself. It should be, from data supplied,
>>>>>>> 192.168.1.0/255.255.255.0 This would allow any computer
>on the subnet
>>>>>>> to
>>>>>>> connect.
>>>>>>>
>>>>>>> This is the most important thing. For example If you
>have in your
>>>>>>> server
>>>>>>>
>>>>>>> the mask 255.255.0.0 then all your clients must have
>the same network
>>>>>>>> mask.
>>>>>>>> Windows clients with the same mask of the server will
>see the server
>>>>>>>> on the
>>>>>>>> network with it hostname otherwise you need to access
>the server by
>>>>>>>> its ip
>>>>>>>> number. I think this is a Windows issue but they have
>left it in this
>>>>>>>> way
>>>>>>>> so we have to live with it.
>>>>>>>>
>>>>>>>> I hope this can help you.
>>>>>>>>
>>>>>>>> I doubt it.
>>>>>>>>
>>>>>>>> Rowland
>>>>>>>
>>>>>>> Carlos
>>>>>>>
>>>>>>> Santo Domingo, Dominican Republic
>>>>>>>> On 10/17/2012 6:55 AM, Mohammad Ebrahim Abravi wrote:
>>>>>>>>
>>>>>>>> Hello
>>>>>>>>
>>>>>>>>> samba4 rc3
>>>>>>>>> *s4-ad -> samba server Host name
>>>>>>>>> test.s4.com -> domain name*
>>>>>>>>> *Dns Server -> Samba Internal DNS server , Bind 9.9.1-P2*
>>>>>>>>> *win xp*
>>>>>>>>>
>>>>>>>>> have access to default share such as sysvol by dns name (\\
>>>>>>>>> test.s4.com
>>>>>>>>> \sysvol)
>>>>>>>>>
>>>>>>>>> but if created a share in smb.conf Only access by
>IP such as :
>>>>>>>>>
>>>>>>>>> \\test.s4.com\myshare -> no access and ask me for user and
>>>>>>>>> password !
>>>>>>>>> \\192.168.1.6\myshare -> access
>>>>>>>>>
>>>>>>>>> If using *s4-ad.test.s4.com* my share accessible !!!
>>>>>>>>>
>>>>>>>>> \\test.s4.com\myshare -> no access !
>>>>>>>>> \\s4-ad.s4.com <http://test.s4.com>\myshare -> access !
>>>>>>>>>
>>>>>>>>> \\test.s4.com\sysvol -> access !
>>>>>>>>> \\*s4-ad* <http://test.s4.com>.
><http://test.s4.com>test.s4.****
>>>>>>>>> **com<
>>>>>>>>>
>>>>>>>>> http://test.s4.com>\sysvol
>>>>>>>>>
>>>>>>>>> ->
>>>>>>>>> access !
>>>>>>>>>
>>>>>>>>> Note:
>>>>>>>>> In *\\test.s4.com* seen all the shared directory, but not
>>>>>>>>> accessible
>>>>>>>>>
>>>>>>>>> in *samba alpha17* no need type *s4-ad*
>>>>>>>>>
>>>>>>>>> what happened ?
>>>>>>>>>
>>>>>>>>> This is Bug in samba4 rc3 ?
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> Thanks
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> --
>>>>>>>
>>>>>> To unsubscribe from this list go to the following URL
>and read the
>>>>>> instructions:
>https://lists.samba.org/******mailman/options/samba<https://lis
>ts.samba.org/****mailman/options/samba>
>>>>>>
><https://**lists.samba.org/**mailman/**options/samba<https://li
>sts.samba.org/**mailman/options/samba>
>>>>>> >
>>>>>>
><https://**lists.samba.org/**mailman/**options/samba<http://lis
>ts.samba.org/mailman/**options/samba>
>>>>>>
><https:**//lists.samba.org/mailman/**options/samba<https://list
>s.samba.org/mailman/options/samba>
>>>>>> >
>>>>>>
>>>>>> Hello again, how did you provision the samba4 server?
>Please provide
>>>>>>
>>>>> the smb.conf from the samba4 server.
>>>>
>>>> Rowland
>>>>
>>>>
>>>>
>>>> --
>>>> This message has been scanned for viruses and
>>>> dangerous content by MailScanner, and is
>>>> believed to be clean.
>>>>
>>>> --
>>>> To unsubscribe from this list go to the following URL and read the
>>>> instructions:
>https://lists.samba.org/****mailman/options/samba<https://lists
>.samba.org/**mailman/options/samba>
>>>>
><https://**lists.samba.org/mailman/**options/samba<https://list
>s.samba.org/mailman/options/samba>
>>>> >
>>>>
>>>>
>>>
>>
>> --
>> This message has been scanned for viruses and
>> dangerous content by MailScanner, and is
>> believed to be clean.
>>
>>
>--
>To unsubscribe from this list go to the following URL and read the
>instructions: https://lists.samba.org/mailman/options/samba
>
>
More information about the samba
mailing list