[Samba] cross subnet browsing/domain logon problem
John Twyman
j.twyman at es.usyd.edu.au
Wed Mar 5 03:58:19 GMT 2003
Dear all,
I'm having great difficulty getting cross-subnet domain logon & browsing to
work and have nearly reached the end of my sanity trying to figure out
what's wrong. Here's my setup and what's happening (apologies if it is
convoluted):
Subnet A
One Samba PDC with encrypted passwords.
One samba file server
Subnet B
One Samba file server (serverB) that is the *local master* for subnet B
with encrypted passwords and security=domain.
I have added serverB to the domain by successfully running smbpasswd -j
DOMAIN -r PDC -U admin%adminpasswd
I can run smbclient //serverB/homes from Subnet A with success.
I can get Windows 9x machines in Subnet A to successfully mount
//serverB/homes via a startup script executed during logon.
I can get a WinXP machine in Subnet B to authenticate against the PDC
however no startup script is executed.
I can run smbclient -L localhost from serverB with success, although no
Master is specified for the workgroup DOMAIN. Also, the homes share does
not appear in the list of available shares, just a public share, a printer
share & IPC$ & ADMIN$
I canNOT get a Win 9x machine in Subnet B to find the PDC for domain logon
authentication, despite it being specified as the WINS server in its
networking config.
I canNOT run smbclient //serverB/homes from serverB itself, nor smbclient
-L //serverB. Here's what I get:
Got a positive name query response from PDC_IP ( serverB IP )
session request to serverB failed (Not listening for calling name)
Got a positive name query response from PDC_IP ( serverB IP )
session request to *SMBSERVER failed (Not listening for calling name)
Looking through the nmbd daemon log files on serverB I find the following:
Samba name server serverB is now a local master browser for workgroup DOMAIN
find_domain_master_name_query_fail:
Unable to find the Domain Master Browser name DOMAIN<1b> for the
workgroup DOMAIN.
Unable to sync browse lists in this workgroup.
Running nmblookup -MT DOMAIN also fails, stating "name_query failed to find
name DOMAIN#1d"
I have the IP address of the PDC specified in serverB's remote browse sync
directive in smb.conf
Conversely, the IP address of serverB is specified in the PDC's remote
browse sync directive.
serverB is RedHat 7.3 running the samba 2.2.7-1.7.3 rpm
PDC is RedHat 8.0 running the samba 2.2.7-2 rpm
There are no firewalls or Access Control Lists in place on the router that
might stop packets from travelling between the subnets.
Below I've included the relevant directives from the PDC smb.conf and the
serverB smb.conf file:
PDC smb.conf
[global]
workgroup = DOMAIN
security = user
encrypt passwords = yes
smb passwd file = /path/to/smbpasswd
remote browse sync = a.b.c.d (ip of serverB)
remote announce = a.b.c.255 (broadcast address for Subnet B)
local master = yes
domain master = yes
preferred master = yes
domain logons = yes
logon drive = U:
wins support = yes
wins proxy = yes
serverB smb.conf
[global]
workgroup = DOMAIN
security = domain
password server = PDC_Name (I've also tried specifying the IP address of
the PDC here too)
encrypt passwords = yes
smb passwd file = /path/to/smbpasswd (commenting this line out has made no
difference either)
remote browse sync = a.b.e.f (ip of PDC)
remote announce = a.b.e.255 (broadcast address for Subnet A)
local master = yes
domain master = no
preferred master = yes
wins server = a.b.e.f (ip of PDC)
name resolve order = wins lmhosts host bcast (the PDC is listed in the lmhosts)
---
Any help would truly be appreciated.
Many thanks,
John
john twyman
school of geosciences
university of sydney
m: +61 401 992 836
e: j.twyman at es.usyd.edu.au
More information about the samba
mailing list