[Samba] Access to shares from within and outside of a Domain
Marian Mlcoch, Ing
mm at tsmp.sk
Thu Jul 31 13:03:39 GMT 2003
Hi
send not snipped all smb.conf and schematic router net conf of your servers
and clients that one work and one not.
Domain not domain is not exact diferent ... for standalone servers.
You must have any missed config.
Send list of users from smbpasswd.
Bye.
----- Original Message -----
From: "Richard Booth" <r.booth at ulcc.ac.uk>
To: "Marian Mlcoch, Ing" <mm at tsmp.sk>
Cc: <samba at lists.samba.org>
Sent: Thursday, July 31, 2003 12:00 PM
Subject: Re: [Samba] Access to shares from within and outside of a Domain
> Hi Marian,
>
> Guess what I'm really trying to do is make my share available to systems
> within our domain *and* to stand alone workstations (ie *not* in the
> domain). Unless I'm missing something obvious, it seems that you can do
> one or the other, but not both at the same time (although, i can't
> believe there's not a way of doing this)!
>
> The Domain and workstations also sit on different networks, hence the 2
> NIC's.
>
> I've looked into smb.conf settings using both "security = user" and
> "security = share" (from the documentation, it would also appear that
> "security = domain" will essentially provide the same type of
> authentication as "security = user").
>
> If I use "share" I get to the share from the workstations, without
> authenticating, but cannot map the share from the domain.
> If I use "users" I can get to the shares from our domain, with a valid
> account, but get asked to authenticate from the stand alone machines.
>
> This situation has arisen, as we need to backup systems within our
> domain and some stand alone workstations. I want to be able to provide a
> share that is available without authentication to either group of systems.
>
> Do you or any one in the samba community have any suggestions? Is this
> possible with samba?
>
> Thanks,
>
> Richard.
>
> >Your problem is not samba but domain controller on eth2 subnet.
> >W2k users on this net is joined to domain and samba not. Try create
acount
> >for samba on machine control panel W2k PDC as standalone NT server. Or
> >simply join samba to domain from samba by smbpasswd -j ...
> >
> >Bye.
> >
> >----- Original Message -----
> >From: "Richard Booth" <r.booth at ulcc.ac.uk>
> >To: <samba at lists.samba.org>
> >Sent: Tuesday, July 29, 2003 4:28 PM
> >Subject: [Samba] Access to shares via two NIC
> >
> >
> >
> >
> >>Hi,
> >>
> >>I have the following problem with samba:
> >>
> >>The set up:
> >>Redhat 9.0 system, with two NIC's (eth1/2) for two networks.
> >>
> >>Shares available:
> >><eth1># smbclient -L \\\\TEST28 -U%
> >><eth2># smbclient -L \\\\TEST25 -U%
> >>Both give -
> >>added interface ip=192.21.28.10 bcast=192.21.28.255 nmask=255.255.255.0
> >>added interface ip=129.21.25.3 bcast=192.21.25.255 nmask=255.255.255.0
> >>Domain=[WINS-BU] OS=[Unix] Server=[Samba 2.2.7-security-rollup-fix]
> >> Sharename Type Comment
> >> --------- ---- -------
> >> data1 Disk Data Share
> >> IPC$ IPC IPC Service (Windows servers bachup
shares)
> >> ADMIN$ Disk IPC Service (Windows servers bachup shares)
> >>
> >> Server Comment
> >> --------- -------
> >> TEST
> >>
> >>smb.conf:
> >>[global]
> >> <snip>
> >> encrypt passwords = yes
> >> smb passwd file = /etc/samba/smbpasswd
> >> guest account = nobody
> >> allow hosts = x y z etc
> >> <snip>
> >>[Data]
> >> comment = Test Group Share
> >> path = /data
> >> browseable = yes
> >> writable = yes
> >> guest ok = yes
> >>
> >>Cleints connecting to smb server:
> >>All W2K server or W2K professional on both networks.
> >>
> >>The problem:
> >>Share /data1 can be seen and accessed using the guest account, by all
> >>system on interface eth1, but -
> >>
> >>Share /data1 can *not* be accessed using the guest account, by any
> >>system, on interface eth2.
> >>I get the classic error message "The account is not authorized to log in
> >>from this station"
> >>
> >>The only difference between the networks is that eth1 tends to have
> >>stand alone systems, whilst the
> >>systems on eth2 belong to a domain.
> >>
> >>This is driving me nuts! Any help would be much appreciated.
> >>
> >>Cheers,
> >>
> >>--
> >>To unsubscribe from this list go to the following URL and read the
> >>instructions: http://lists.samba.org/mailman/listinfo/samba
> >>
> >>
> >
> >
> >
> >
> >
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: http://lists.samba.org/mailman/listinfo/samba
More information about the samba
mailing list