[Samba] Loosing Samba Shares Across Segments
Jason Stewart
jstewart at rtl.org
Thu Jun 6 05:51:07 GMT 2002
Can you ping the WINS server from the 'bad' Samba server? Can you actually
see the 'bad' machine while broswing the network and just cant connect to
the share, or is it not visible at all from the other network segment?
Good Luck,
Jason
At 08:41 AM 6/6/2002 -0400, Kimsey-Hickman, Brian wrote:
>I have two Samba servers configure similarly. One shares fine across our
>entire network and the other only works within its own segment. I have
>poured over the smb.conf files and cannot see what it preventing the one
>from crossing segments. These both are Debian 2.2 boxes and I am just
>modifying the default smb.conf files. I am hoping a fresh pair of eyes will
>help. Any help would be greatly appreciated.
>
>Thanks,
>
>Brian
>
>
>
>Good Server with shares that cross the segment:
>
>;
>; /etc/smb.conf
>;
>; Sample configuration file for the Samba suite for Debian GNU/Linux
>;
>; Please see the manual page for smb.conf for detailed description of
>; every parameter.
>;
>
>[global]
> printing = bsd
> printcap name = /etc/printcap
> load printers = yes
> guest account = nobody
> invalid users = root
>
>; "security = user" is always a good idea. This will require a Unix account
>; in this server for every user accessing the server.
>; security = user
> security = domain
>
> password server = compt-401p
>
>; Change this for the workgroup your Samba server will part of
> workgroup = COMPTROLLER
>
> server string = Debian GNU/Linux
>; server string = %h server (Samba %v)
>
>; If you want Samba to log though syslog only then set the following
>; parameter to 'yes'. Please note that logging through syslog in
>; Samba is still experimental.
> syslog only = no
>
>; We want Samba to log a minimum amount of information to syslog. Everything
>; should go to /var/log/{smb,nmb} instead. If you want to log through
>; syslog you should set the following parameter to something higher.
> syslog = 0;
>
>; This socket options really speed up Samba under Linux, according to my
>; own tests.
> socket options = IPTOS_LOWDELAY TCP_NODELAY SO_SNDBUF=4096 SO_RCVBUF=4096
>
>; Passwords are encrypted by default. This way the latest Windows 95 and NT
>; clients can connect to the Samba server with no problems.
> encrypt passwords = yes
>
>; It's always a good idea to use a WINS server. If you want this server
>; to be the WINS server for your network change the following
>parameter
>; to "yes". Otherwise leave it as "no" and specify your WINS server
>; below (note: only one Samba server can be the WINS server).
>; Read BROWSING.txt for more details.
> wins support = no
>
>; If this server is not the WINS server then specify who is it and uncomment
>; next line.
> wins server = 172.30.4.8
>
>; Please read BROWSING.txt and set the next four parameters according
>; to your network setup. There is no valid default so they are
>commented
>; out.
>; os level = 0
>; domain master = no
>; local master = no
>; preferred master = no
>
>; What naming service and in what order should we use to resolve host names
>; to IP addresses
> name resolve order = lmhosts host wins bcast
>
>; This will prevent nmbd to search for NetBIOS names through DNS.
> dns proxy = no
>
>; Name mangling options
>
> preserve case = yes
> short preserve case = yes
>
>; This boolean parameter controlls whether Samba attempts to sync. the Unix
>; password with the SMB password when the encrypted SMB password in
>the
>; /etc/samba/smbpasswd file is changed.
> unix password sync = false
>
>; For Unix password sync. to work on a Debian GNU/Linux system, the
>following
>; parameters must be set (thanks to Augustin Luton
>; <aluton at hybrigenics.fr> for sending the correct chat script for
>; the passwd program in Debian Potato).
> passwd program = /usr/bin/passwd %u
> passwd chat = *Enter\snew\sUNIX\spassword:* %n\n
>*Retype\snew\sUNIX\spassword:* %n\n .
>
>; The following parameter is useful only if you have the linpopup package
>; installed. The samba maintainer and the linpopup maintainer are
>; working to ease installation and configuration of linpopup and
>samba.
>; message command = /bin/sh -c '/usr/bin/linpopup "%f" "%m" %s; rm %s' &
>
>; The default maximum log file size is 5 MBytes. That's too big so this
>; next parameter sets it to 1 MByte. Currently, Samba rotates log
>; files (/var/log/{smb,nmb} in Debian) when these files reach 1000
>KBytes.
>; A better solution would be to have Samba rotate the log file upon
>; reception of a signal, but for now on, we have to live with this.
> max log size = 1000
>
>
>[homes]
> comment = Home Directories
> browseable = no
>
>; By default, the home directories are exported read only. Change next
>; parameter to "no" if you want to be able to write to them.
> read only = yes
>
>; File creation mask is set to 0700 for security reasons. If you want to
>; create files with group=rw permissions, set next parameter to 0775.
> create mask = 0700
>
>; Directory creation mask is set to 0700 for security reasons. If you want
>to
>; create dirs. with group=rw permissions, set next parameter to 0775.
> directory mask = 0700
>
>[printers]
> comment = All Printers
> browseable = no
> path = /tmp
> printable = yes
> public = no
> writable = no
> create mode = 0700
>
>; A sample share for sharing your CD-ROM with others.
>[cdrom]
> comment = Samba server's CD-ROM
> writable = no
> locking = no
> path = /cdrom
> public = yes
>;
>; The next two parameters show how to auto-mount a CD-ROM when the
>; cdrom share is accesed. For this to work /etc/fstab must contain
>; an entry like this:
>;
>; /dev/scd0 /cdrom iso9660 defaults,noauto,ro,user 0 0
>;
>; The CD-ROM gets unmounted automatically after the connection to the
>;
>; If you don't want to use auto-mounting/unmounting make sure the CD
>; is mounted on /cdrom
>;
>; preexec = /bin/mount /cdrom
>; postexec = /bin/umount /cdrom
>[Landrew]
>path = /home/landrew
>comment = Landrew Files
>read only = yes
>public = yes
>writable = yes
>create mask = 744
>
>Bad Server with Sares that Cannot Cross the Segment
>
>;
>; /etc/smb.conf
>;
>; Sample configuration file for the Samba suite for Debian GNU/Linux
>;
>; Please see the manual page for smb.conf for detailed description of
>; every parameter.
>;
>
>[global]
> printing = bsd
> printcap name = /etc/printcap
> load printers = yes
> guest account = nobody
> invalid users = root
>
>; "security = user" is always a good idea. This will require a Unix account
>; in this server for every user accessing the server.
>; security = user
>
> security = domain
> password server = compt-401p
> domain logons = no
>
>; Change this for the workgroup your Samba server will part of
>; workgroup = WORKGROUP
>
> workgroup = COMPTROLLER
>
>; server string = %h server (Samba %v)
>
> server string = Alpha FTP Server
>
>; If you want Samba to log though syslog only then set the following
>; parameter to 'yes'. Please note that logging through syslog in
>; Samba is still experimental.
> syslog only = no
>
>; We want Samba to log a minimum amount of information to syslog. Everything
>; should go to /var/log/{smb,nmb} instead. If you want to log through
>; syslog you should set the following parameter to something higher.
> syslog = 0;
>
>; This socket options really speed up Samba under Linux, according to my
>; own tests.
> socket options = IPTOS_LOWDELAY TCP_NODELAY SO_SNDBUF=4096 SO_RCVBUF=4096
>
>; Passwords are encrypted by default. This way the latest Windows 95 and NT
>; clients can connect to the Samba server with no problems.
> encrypt passwords = yes
>
>; It's always a good idea to use a WINS server. If you want this server
>; to be the WINS server for your network change the following
>parameter
>; to "yes". Otherwise leave it as "no" and specify your WINS server
>; below (note: only one Samba server can be the WINS server).
>; Read BROWSING.txt for more details.
> wins support = no
>
>; If this server is not the WINS server then specify who is it and uncomment
>; next line.
>
> wins server = 172.30.4.8
>
>; Please read BROWSING.txt and set the next four parameters according
>; to your network setup. There is no valid default so they are
>commented
>; out.
> os level = 0
> domain master = no
> local master = no
> preferred master = no
>
>; What naming service and in what order should we use to resolve host names
>; to IP addresses
> name resolve order = lmhosts host wins bcast
>
>; This will prevent nmbd to search for NetBIOS names through DNS.
> dns proxy = no
>
>; Name mangling options
>
> preserve case = yes
> short preserve case = yes
>
>; This boolean parameter controlls whether Samba attempts to sync. the Unix
>; password with the SMB password when the encrypted SMB password in
>the
>; /etc/samba/smbpasswd file is changed.
> unix password sync = false
>
>; For Unix password sync. to work on a Debian GNU/Linux system, the
>following
>; parameters must be set (thanks to Augustin Luton
>; <aluton at hybrigenics.fr> for sending the correct chat script for
>; the passwd program in Debian Potato).
> passwd program = /usr/bin/passwd %u
> passwd chat = *Enter\snew\sUNIX\spassword:* %n\n
>*Retype\snew\sUNIX\spassword:* %n\n .
>
>; The following parameter is useful only if you have the linpopup package
>; installed. The samba maintainer and the linpopup maintainer are
>; working to ease installation and configuration of linpopup and
>samba.
>; message command = /bin/sh -c '/usr/bin/linpopup "%f" "%m" %s; rm %s' &
>
>; The default maximum log file size is 5 MBytes. That's too big so this
>; next parameter sets it to 1 MByte. Currently, Samba rotates log
>; files (/var/log/{smb,nmb} in Debian) when these files reach 1000
>KBytes.
>; A better solution would be to have Samba rotate the log file upon
>; reception of a signal, but for now on, we have to live with this.
> max log size = 1000
>
>
>;[homes]
>; comment = Home Directories
>; browseable = no
>
>; By default, the home directories are exported read only. Change next
>; parameter to "no" if you want to be able to write to them.
>; read only = yes
>
>; File creation mask is set to 0700 for security reasons. If you want to
>; create files with group=rw permissions, set next parameter to 0775.
>; create mask = 0700
>
>; Directory creation mask is set to 0700 for security reasons. If you want
>to
>; create dirs. with group=rw permissions, set next parameter to 0775.
>; directory mask = 0700
>
>; [printers]
>; comment = All Printers
>; browseable = no
>; path = /tmp
>; printable = yes
>; public = no
>; writable = no
>; create mode = 0700
>;
>; A sample share for sharing your CD-ROM with others.
>;[cdrom]
>; comment = Samba server's CD-ROM
>; writable = no
>; locking = no
>; path = /cdrom
>; public = yes
>;
>[ordata]
> comment = OR Database
> writable = yes
> path = /sdc1/ftp/ordata
> public = yes
> browseable = yes
> create mode = 770
> volume = "ordata"
>
>; The next two parameters show how to auto-mount a CD-ROM when the
>; cdrom share is accesed. For this to work /etc/fstab must contain
>; an entry like this:
>;
>; /dev/scd0 /cdrom iso9660 defaults,noauto,ro,user 0 0
>;
>; The CD-ROM gets unmounted automatically after the connection to the
>;
>; If you don't want to use auto-mounting/unmounting make sure the CD
>; is mounted on /cdrom
>;
>; preexec = /bin/mount /cdrom
>; postexec = /bin/umount /cdrom
>
>
>
>
>--
>To unsubscribe from this list go to the following URL and read the
>instructions: http://lists.samba.org/mailman/listinfo/samba
Jason Stewart
Systems Administrator/Programmer
Right to Life of Michigan
Tel: (616)532-2300
Fax: (616)532-3461
To find out where Michigan Gubernatorial Candidate Jennifer Granholm really
stands, please visit http://www.granholmgarble.com/
More information about the samba
mailing list