[Samba] Loosing Samba Shares Across Segments

Kimsey-Hickman, Brian Brian.Kimsey-Hickman at occompt.com
Thu Jun 6 05:46:03 GMT 2002 

I have two Samba servers configure similarly.  One shares fine across our
entire network and the other only works within its own segment.  I have
poured over the smb.conf files and cannot see what it preventing the one
from crossing segments.  These both are Debian 2.2 boxes and I am just
modifying the default smb.conf files.  I am hoping a fresh pair of eyes will
help.  Any help would be greatly appreciated.

Thanks,

Brian



Good Server with shares that cross the segment:

;
; /etc/smb.conf
;
; Sample configuration file for the Samba suite for Debian GNU/Linux
;
; Please see the manual page for smb.conf for detailed description of
;	every parameter.
;

[global]
   printing = bsd
   printcap name = /etc/printcap
   load printers = yes
   guest account = nobody
   invalid users = root

; "security = user" is always a good idea. This will require a Unix account
;	in this server for every user accessing the server.
;  security = user
   security = domain

   password server = compt-401p

; Change this for the workgroup your Samba server will part of
   workgroup = COMPTROLLER

    server string = Debian GNU/Linux
;   server string = %h server (Samba %v)

; If you want Samba to log though syslog only then set the following
;	parameter to 'yes'. Please note that logging through syslog in
;	Samba is still experimental.
   syslog only = no

; We want Samba to log a minimum amount of information to syslog. Everything
;	should go to /var/log/{smb,nmb} instead. If you want to log through
;	syslog you should set the following parameter to something higher.
   syslog = 0;

; This socket options really speed up Samba under Linux, according to my
;	own tests.
   socket options = IPTOS_LOWDELAY TCP_NODELAY SO_SNDBUF=4096 SO_RCVBUF=4096

; Passwords are encrypted by default. This way the latest Windows 95 and NT
;	clients can connect to the Samba server with no problems.
   encrypt passwords = yes

; It's always a good idea to use a WINS server. If you want this server
;	to be the WINS server for your network change the following
parameter
;	to "yes". Otherwise leave it as "no" and specify your WINS server
; 	below (note: only one Samba server can be the WINS server).
;	Read BROWSING.txt for more details.
   wins support = no

; If this server is not the WINS server then specify who is it and uncomment
;	next line.
   wins server = 172.30.4.8

; Please read BROWSING.txt and set the next four parameters according
;	to your network setup. There is no valid default so they are
commented
;	out.
;   os level = 0
;   domain master = no
;   local master = no
;   preferred master = no

; What naming service and in what order should we use to resolve host names
;	to IP addresses
   name resolve order = lmhosts host wins bcast

; This will prevent nmbd to search for NetBIOS names through DNS.
   dns proxy = no

; Name mangling options

   preserve case = yes
   short preserve case = yes

; This boolean parameter controlls whether Samba attempts to sync. the Unix
;	password with the SMB password when the encrypted SMB password in
the
;	/etc/samba/smbpasswd file is changed.
   unix password sync = false

; For Unix password sync. to work on a Debian GNU/Linux system, the
following
;	parameters must be set (thanks to Augustin Luton
;	<aluton at hybrigenics.fr> for sending the correct chat script for
;	the passwd program in Debian Potato).
   passwd program = /usr/bin/passwd %u
   passwd chat = *Enter\snew\sUNIX\spassword:* %n\n
*Retype\snew\sUNIX\spassword:* %n\n .

; The following parameter is useful only if you have the linpopup package
;	installed. The samba maintainer and the linpopup maintainer are
;	working to ease installation and configuration of linpopup and
samba.
;   message command = /bin/sh -c '/usr/bin/linpopup "%f" "%m" %s; rm %s' &

; The default maximum log file size is 5 MBytes. That's too big so this
;	next parameter sets it to 1 MByte. Currently, Samba rotates log
;	files (/var/log/{smb,nmb} in Debian) when these files reach 1000
KBytes.
;	A better solution would be to have Samba rotate the log file upon
;	reception of a signal, but for now on, we have to live with this.
   max log size = 1000


[homes]
   comment = Home Directories
   browseable = no

; By default, the home directories are exported read only. Change next
;	parameter to "no" if you want to be able to write to them.
   read only = yes

; File creation mask is set to 0700 for security reasons. If you want to
;	create files with group=rw permissions, set next parameter to 0775.
   create mask = 0700

; Directory creation mask is set to 0700 for security reasons. If you want
to
;	create dirs. with group=rw permissions, set next parameter to 0775.
   directory mask = 0700

[printers]
   comment = All Printers
   browseable = no
   path = /tmp
   printable = yes
   public = no
   writable = no
   create mode = 0700

; A sample share for sharing your CD-ROM with others.
[cdrom]
   comment = Samba server's CD-ROM
   writable = no
   locking = no
   path = /cdrom
   public = yes
;
; The next two parameters show how to auto-mount a CD-ROM when the
;	cdrom share is accesed. For this to work /etc/fstab must contain
;	an entry like this:
;
;       /dev/scd0   /cdrom  iso9660 defaults,noauto,ro,user   0 0
;
; The CD-ROM gets unmounted automatically after the connection to the
;
; If you don't want to use auto-mounting/unmounting make sure the CD
;	is mounted on /cdrom
;
;   preexec = /bin/mount /cdrom
;   postexec = /bin/umount /cdrom
[Landrew]
path = /home/landrew
comment = Landrew Files
read only = yes
public = yes
writable = yes
create mask = 744

Bad Server with Sares that Cannot Cross the Segment 

;
; /etc/smb.conf
;
; Sample configuration file for the Samba suite for Debian GNU/Linux
;
; Please see the manual page for smb.conf for detailed description of
;	every parameter.
;

[global]
   printing = bsd
   printcap name = /etc/printcap
   load printers = yes
   guest account = nobody
   invalid users = root

; "security = user" is always a good idea. This will require a Unix account
;	in this server for every user accessing the server.
;   security = user

    security = domain
    password server = compt-401p
    domain logons = no

; Change this for the workgroup your Samba server will part of
;   workgroup = WORKGROUP

    workgroup = COMPTROLLER 

;   server string = %h server (Samba %v)

    server string = Alpha FTP Server

; If you want Samba to log though syslog only then set the following
;	parameter to 'yes'. Please note that logging through syslog in
;	Samba is still experimental.
   syslog only = no

; We want Samba to log a minimum amount of information to syslog. Everything
;	should go to /var/log/{smb,nmb} instead. If you want to log through
;	syslog you should set the following parameter to something higher.
   syslog = 0;

; This socket options really speed up Samba under Linux, according to my
;	own tests.
   socket options = IPTOS_LOWDELAY TCP_NODELAY SO_SNDBUF=4096 SO_RCVBUF=4096

; Passwords are encrypted by default. This way the latest Windows 95 and NT
;	clients can connect to the Samba server with no problems.
   encrypt passwords = yes

; It's always a good idea to use a WINS server. If you want this server
;	to be the WINS server for your network change the following
parameter
;	to "yes". Otherwise leave it as "no" and specify your WINS server
; 	below (note: only one Samba server can be the WINS server).
;	Read BROWSING.txt for more details.
   wins support = no

; If this server is not the WINS server then specify who is it and uncomment
;	next line.

   wins server = 172.30.4.8

; Please read BROWSING.txt and set the next four parameters according
;	to your network setup. There is no valid default so they are
commented
;	out.
   os level = 0
   domain master = no
   local master = no
   preferred master = no

; What naming service and in what order should we use to resolve host names
;	to IP addresses
   name resolve order = lmhosts host wins bcast

; This will prevent nmbd to search for NetBIOS names through DNS.
   dns proxy = no

; Name mangling options

   preserve case = yes
   short preserve case = yes

; This boolean parameter controlls whether Samba attempts to sync. the Unix
;	password with the SMB password when the encrypted SMB password in
the
;	/etc/samba/smbpasswd file is changed.
   unix password sync = false

; For Unix password sync. to work on a Debian GNU/Linux system, the
following
;	parameters must be set (thanks to Augustin Luton
;	<aluton at hybrigenics.fr> for sending the correct chat script for
;	the passwd program in Debian Potato).
   passwd program = /usr/bin/passwd %u
   passwd chat = *Enter\snew\sUNIX\spassword:* %n\n
*Retype\snew\sUNIX\spassword:* %n\n .

; The following parameter is useful only if you have the linpopup package
;	installed. The samba maintainer and the linpopup maintainer are
;	working to ease installation and configuration of linpopup and
samba.
;   message command = /bin/sh -c '/usr/bin/linpopup "%f" "%m" %s; rm %s' &

; The default maximum log file size is 5 MBytes. That's too big so this
;	next parameter sets it to 1 MByte. Currently, Samba rotates log
;	files (/var/log/{smb,nmb} in Debian) when these files reach 1000
KBytes.
;	A better solution would be to have Samba rotate the log file upon
;	reception of a signal, but for now on, we have to live with this.
   max log size = 1000


;[homes]
;   comment = Home Directories
;   browseable = no

; By default, the home directories are exported read only. Change next
;	parameter to "no" if you want to be able to write to them.
;   read only = yes

; File creation mask is set to 0700 for security reasons. If you want to
;	create files with group=rw permissions, set next parameter to 0775.
;   create mask = 0700

; Directory creation mask is set to 0700 for security reasons. If you want
to
;	create dirs. with group=rw permissions, set next parameter to 0775.
;   directory mask = 0700

; [printers]
;   comment = All Printers
;   browseable = no
;   path = /tmp
;   printable = yes
;   public = no
;   writable = no
;   create mode = 0700
;
; A sample share for sharing your CD-ROM with others.
;[cdrom]
;   comment = Samba server's CD-ROM
;   writable = no
;   locking = no
;   path = /cdrom
;   public = yes
;
[ordata]
   comment = OR Database
   writable = yes
   path = /sdc1/ftp/ordata
   public = yes
   browseable = yes
   create mode = 770
   volume = "ordata"

; The next two parameters show how to auto-mount a CD-ROM when the
;	cdrom share is accesed. For this to work /etc/fstab must contain
;	an entry like this:
;
;       /dev/scd0   /cdrom  iso9660 defaults,noauto,ro,user   0 0
;
; The CD-ROM gets unmounted automatically after the connection to the
;
; If you don't want to use auto-mounting/unmounting make sure the CD
;	is mounted on /cdrom
;
;   preexec = /bin/mount /cdrom
;   postexec = /bin/umount /cdrom

More information about the samba mailing list