[Samba] Access to shares from within and outside of a Domain
r.booth at ulcc.ac.uk
Thu Jul 31 10:00:44 GMT 2003
Guess what I'm really trying to do is make my share available to systems
within our domain *and* to stand alone workstations (ie *not* in the
domain). Unless I'm missing something obvious, it seems that you can do
one or the other, but not both at the same time (although, i can't
believe there's not a way of doing this)!
The Domain and workstations also sit on different networks, hence the 2
I've looked into smb.conf settings using both "security = user" and
"security = share" (from the documentation, it would also appear that
"security = domain" will essentially provide the same type of
authentication as "security = user").
If I use "share" I get to the share from the workstations, without
authenticating, but cannot map the share from the domain.
If I use "users" I can get to the shares from our domain, with a valid
account, but get asked to authenticate from the stand alone machines.
This situation has arisen, as we need to backup systems within our
domain and some stand alone workstations. I want to be able to provide a
share that is available without authentication to either group of systems.
Do you or any one in the samba community have any suggestions? Is this
possible with samba?
>Your problem is not samba but domain controller on eth2 subnet.
>W2k users on this net is joined to domain and samba not. Try create acount
>for samba on machine control panel W2k PDC as standalone NT server. Or
>simply join samba to domain from samba by smbpasswd -j ...
>----- Original Message -----
>From: "Richard Booth" <r.booth at ulcc.ac.uk>
>To: <samba at lists.samba.org>
>Sent: Tuesday, July 29, 2003 4:28 PM
>Subject: [Samba] Access to shares via two NIC
>>I have the following problem with samba:
>>The set up:
>>Redhat 9.0 system, with two NIC's (eth1/2) for two networks.
>><eth1># smbclient -L \\\\TEST28 -U%
>><eth2># smbclient -L \\\\TEST25 -U%
>>Both give -
>>added interface ip=184.108.40.206 bcast=220.127.116.11 nmask=255.255.255.0
>>added interface ip=18.104.22.168 bcast=22.214.171.124 nmask=255.255.255.0
>>Domain=[WINS-BU] OS=[Unix] Server=[Samba 2.2.7-security-rollup-fix]
>> Sharename Type Comment
>> --------- ---- -------
>> data1 Disk Data Share
>> IPC$ IPC IPC Service (Windows servers bachup shares)
>> ADMIN$ Disk IPC Service (Windows servers bachup shares)
>> Server Comment
>> --------- -------
>> encrypt passwords = yes
>> smb passwd file = /etc/samba/smbpasswd
>> guest account = nobody
>> allow hosts = x y z etc
>> comment = Test Group Share
>> path = /data
>> browseable = yes
>> writable = yes
>> guest ok = yes
>>Cleints connecting to smb server:
>>All W2K server or W2K professional on both networks.
>>Share /data1 can be seen and accessed using the guest account, by all
>>system on interface eth1, but -
>>Share /data1 can *not* be accessed using the guest account, by any
>>system, on interface eth2.
>>I get the classic error message "The account is not authorized to log in
>>from this station"
>>The only difference between the networks is that eth1 tends to have
>>stand alone systems, whilst the
>>systems on eth2 belong to a domain.
>>This is driving me nuts! Any help would be much appreciated.
>>To unsubscribe from this list go to the following URL and read the
More information about the samba