[Samba] Samba over PPP (Linux dials up NT 4 Workstation, which is in secu re NT network)

Oleksiy Kosenkov (EAS) Oleksiy.Kosenkov at eas.ericsson.se
Mon Mar 11 07:44:05 GMT 2002


Base data:

* 1 PC running Linux (Debian), with Ethernet adapter connected to Internet
* 1 PC running NT 4 Workstation, with Ethernet adapter connected to a network with NT domain and high security. You have no rigths to setup the domain controller anyhow. There is a DHCP server in the network
* 1 serial 9pin cable

Task:

Connect Linux to NT with the serial cable, in order to access local disks of NT machine from Linux. Be able to mount a remote volume as a directory somewhere in directory tree of Linux machine. No access required to outside of NT local machine (security reason). Linux dials up NT.

Steps and difficulties:

NT side
---------
0. Pre-WARNING
If you have a service-pack installed, on every new installation of a component (TCP/IP protocol, RAS, ...) after new files are added from NT distributive CD (or, actually, any other available source - I did not have the CD by hands, and downloaded quite promiscuous), BEFORE REBOOT the machine, you ABSOLUTELY __MUST__ re-install current service pack, and only after that you can reboot! Otherwise after reboot your NT could show blue screen even before you see a login screen. Then ERDCommander from Sysinternals is the only your hope, but I don't wish anybody to deal with it ever.

1. Install direct cable connenction modem (Control Panel -> Modems -> Don't search automatically, select from list -> Standard modems -> ...)

1.1
Problem: Control Panel -> Modems applet does not start, Control Panel -> Devices applet fails with error "Not implemented in this version"
Reason: Newer version of .dll in /Winnt/system32 (it seems to me the name of the .dll is something "control"). Search Microsoft site (or Google) for the error description on the exact phrase - error message that applet Control Panel -> Devices produces.
Solution: Replace .dll with original version

1.1.1 
Problem: one can't so easy replace the .dll
Reason: the .dll is system one and used by NT, and therefore the file is locked
Solution: use a special utility InUse to replace locked .dll's

1.1.1.1 
Problem: InUse does not work
Reason: there is a lot of version of InUse, and just the one from current Microsoft site does not work with NT 4
Solution: use version 1.3 (for example, download it from http://www.geocities.com/Athens/6939/hack/inuse13.zip)

2. Configure modem and port settings, namely: flow control = hardware; speed = 115200

3. Install and configure TCP/IP, if not yet

4. Install Remote Access Service on NT machine. Configure it to only accept calls (no dial-out), bind to TCP/IP protocol, and change default option "access entire network" to more secure "access only local machine" (= disable IP forwarding). Let DHCP server assign the IP adress

4.1 
Problem: when select RAS capable device, no modems ever appear in the list. You add a new modem, and it never appears in the list of RAS capable devices. You can only add useless pads.
Reason: Telephony driver used is missing
Solution: Control Panel -> Telephony -> Telephony Drivers -> Unimodem Service Provider must be in the list

5. Manage users, assign appropriate one(s) with dial-up right. Create a share on your disk, add users that have access to it.

Linux side
------------
6. Install PPP daemon and support files. Configure it to dial-up (it's easy, a lot of manuals is available). Setup appropriately flow control = hardware, speed = 115200

7. Install smbfs module (it's installed, if you have smbmount program) 

8. Install Samba-client (you don't need entire Samba server!)  
Setup /etc/samba/smb.conf file, workgroup = NetBIOS name of NT machine (find it in Control Panel -> Network, 1st tab). 
Setup credentials file, 
username = your_NT_dialup_user_name
password = your_NT_dialup_user_password
domain = NetBIOS_name_of_your_NT_machine

7. Run pppd on appropriate port (/dev/ttyS0 for COM1). Try to connect to NT machine with smbclient. Ask me "Why failed???" :)

=== Trick ===

I don't know why. I know, how you can make it working. So,
you have to mention an IP address of your NT machine in smbclient command line (option -I). Probably you put there an IP address, assigned to NT end of your PPP connection by DHCP server in your NT network. The logic is straight: one IP address is assigned to Linux end of PPP link, another one to NT end, you can ping NT end, so you should connect to it with smbclient. And it does not work, I don't know why. You must use the IP address of the Ethernet adaptor on NT machine, and only then smbclient connects!
But you don't see the Ethernet adaptor, because your PPP connection's netmask = 255.255.255.255, so you know only one IP address from NT network, and the address is the NT end of PPP link. Well, use ifconfig ppp0 netmask=a.b.c.d to setup the mask. Your value of a.b.c.d will be your NT subnet mask (learn it from ipconfig for Ethernet adaptor). After subnet is expanded, TCP/IP understands where it should look for the IP address of Ethernet adaptor on NT machine you provide. Now you can ping both eth0 and ppp0 adaptors on NT machine.
Now run smbclient again, and set command line parameter -I to the IP address of Ethernet adaptor on your NT machine (not "the other" end of PPP connection!)  You should succeed.

8. Say thanks to me, I spent many days on this...

Regards,
0Leks1y K0senk0v




More information about the samba mailing list