Problems with access outside domain
Wayne Stout
waynestout at hantover.com
Mon Feb 26 09:03:55 GMT 2001
Greetings, everyone.
I've got a RH 6.2 / Samba 2.0.7 file server with which I am having
difficulties. Our network consists of the following:
1 NT4 domain (Hantkc), 1 PDC (APS02) and 1 BDC (APS01). All pc's that
validate to the domain are NT4 Workstation.
8 Workgroups that do *not* validate to the Hantkc domain. These are
mainly Win95 machines, with a few NT machines scattered in for good
measure. These are workgroups, not actual domains.
Samba is set up with "security = domain", which is probably part of the
problem.
PC's that validate to the domain can view the Samba shares with no
trouble. NT machines that are not in the domain can see the shares only
if I specify the "no-password" option on their smbuser account. (I use
Webmin for this)
However, I can't get the 95 machines to see all of the shares. If I log
into a Win95 machine as myself, I can see files in 3 out of the 5
shares, cannot access my personal share, and can see folders in the
Public share, but no files appear and I cannot copy a file to the share.
In the logs, I get the following errors:
[2001/02/22 15:57:20, 1] smbd/service.c:close_cnum(583)
creative (128.2.1.50) closed connection to service public
[2001/02/22 15:58:01, 0]
rpc_client/cli_netlogon.c:cli_net_sam_logon(391)
cli_net_sam_logon: NT_STATUS_NO_SUCH_USER
[2001/02/22 15:58:01, 0] smbd/password.c:domain_client_validate(1470)
domain_client_validate: unable to validate password for user wayne in
domain M
ARKETING to Domain controller APS02. Error was NT_STATUS_NO_SUCH_USER.
[2001/02/22 15:58:01, 1] smbd/service.c:make_connection(550)
creative (128.2.1.50) connect to service public as user wayne
(uid=819, gid=10
1) (pid 23270)
My /etc/smb.conf looks like this:
[global]
workgroup = HANTKC
netbios name = CPQ350
server string = Samba Server
hosts allow = 128.2. 127.
printcap name = /etc/printcap
load printers = no
log file = /var/log/samba/log.%m
max log size = 50
security = domain
password server = APS02,APS01
domain master = no
local master = no
preferred master = no
os level = 0
encrypt passwords = yes
smb passwd file = /etc/smbpasswd
root preexec = /usr/local/bin/smblog.sh %u
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
remote browse sync = 128.2.0.0
remote announce = 128.2.255.255
name resolve order = hosts lmhosts bcast
dns proxy = no
[homes]
comment = Home Directories
path = /s2/%m
browseable = no
writable = yes
[public]
printable = no
comment = Public Stuff
case sensitive = yes
short preserve case = yes
preserve case = yes
writable = yes
path = /s1/public
public = yes
directory mask = 0777
[vsiweb]
comment = VSI Fax webserver directory
path = /usr/vsifax3/webserver
valid users = wayne,doug
public = no
writable = yes
printable = no
[mis]
comment = MIS share
path = /s1/mis
valid users = @mis
public = no
writable = yes
printable = no
[rpt]
comment = Reports
path = /s1/rpt
[sales]
path = /s1/sales
I don't understand why I can see the Mis, Rpt, and vsiweb shares fine,
but cannot see the Public and home share.
Anyone have any ideas? I was hoping to use Domain security, but I am
beginning to think I won't be able to.
Thanks in advance.
Wayne
More information about the samba-ntdom
mailing list