Login Failure

Seth Thornberry stm at greeny.org
Mon Mar 26 02:38:03 GMT 2001


]Subject: RE: Login Failure
]
]Seth Thornberry writes:
]
]> ]Well not knowing anything about the setup, the standard answer is
]> ]workstations having DHCP addresses without forward and reverse
]> ]DNS entries and using 'hosts allow' and 'hosts deny' in the
]> ]smb.conf file.
]>
]> How is that an answer? Or is that just a description of the problem? Does
]> samba not support that kind of set up? Why does samba have to
]have the DNS
]> names of the computers accessing it? Shouldn't samba be using
]netbios names?
]> Is this documented somewhere that I'm missing?
]
]OK - when host machines connect to Samba and the 'hosts allow'
]and 'hosts deny' options are present, Samba needs to determine
]the DNS name to work out whether to allow the connection.  If the
]host does not have a reverse IP then it is automatically rejected
]as Samba cannot determine whether to allow or deny the
]connection.  This is because the code is based on the tcp wrapper
]code and netbios names are too easy to spoof.

How certain are you of this? I've used the hosts allow option for a few
weeks now, no reverse lookup on my local network, and it worked fine. The
errors started happening when I added a specific share (my only guess is
that the share has a large of amount of files in it (my mp3 collection, :) )
The part that really confuses me is that once I remove the share, it still
has the problems.

So, am I doing something wrong, or is this a bug?

]
]Er, I don't think it is actually documented anywhere.  )-:

Should it go in the FAQ then?


Q: What do I need to use samba?
A: A network with reverse lookup for every host.

??

stm
stm at greeny.org
http:/chaos.greeny.org/~stm





More information about the samba mailing list