[Samba] Trusted domain problem (maybe networking)
Misty Stanley-Jones
misty at borkholder.com
Tue Dec 14 22:57:36 GMT 2004
On Tuesday 14 December 2004 16:57, Ryan Novosielski wrote:
> I do the same thing. I would set your remote browse sync, however, to the
> "other" server.
>
> What I do on my two WINS servers (on different campuses) is:
>
> On server A:
> remote browse sync = serverb.ip.address.here
> On server B:
> remote browse sync = servera.ip.address.here
I tried this and still it does not work. The funny thing is that tcpdump does
show me some netbios traffic between the two servers but it doesn't seem to
be the -right- traffic. 'nmblookup' does not work across the subnets for
some reason. I even tried adding a subnet mask of 255.255.0.0 into the
interfaces directive so that the nmb's would listen on both 192.168.1.x and
192.168.2.x, but still no dice.
Misty
>
> ---- _ _ _ _ ___ _ _ _
>
> |Y#| | | |\/| | \ |\ | | | Ryan Novosielski - User Support Spec. III
> |$&| |__| | | |__/ | \| _| | novosirj at umdnj.edu - 973/972.0922 (2-0922)
>
> \__/ Univ. of Med. and Dent. | IST/ACS - NJMS Medical Science Bldg - C630
>
> On Tue, 14 Dec 2004, Misty Stanley-Jones wrote:
> > Hello,
> >
> > I have spent the afternoon learning how to configure my routers to allow
> > directed-broadcast with an access list, so that I can allow two different
> > domains on different subnets to trust each other. Now I can do a
> > broadcast ping from either subnet to the other, and I can also do
> > smbclient -L <remote_pdc> and get the shares, from one side. From the
> > other side I cannot. Let me clarify here.
> >
> > PDC A is called CORPSRV, controls domain CORP, and has IP address
> > 192.168.1.101
> > PDC B is called FURNSRV, controls domain FURN, and has IP address
> > 192.168.2.3
> >
> > From CORPSRV, I can broadcast ping to 192.168.2.255 (and 192.168.2.3
> > answers) and I can successfully do "smbclient -L FURNSRV".
> >
> > From FURNSRV, I can broadcast ping to 192.168.1.255, but cannot do
> > "smbclient -L CORPSRV". I get no errors on CORPSRV, but FURNSRV says the
> > following: furnsrv:~ # smbclient -L CORPSRV
> > Connection to CORPSRV failed
> >
> > I think this is why the 'net rpc trustdom" commands fail. But they fail
> > on both sides.
> >
> > Each PDC is acting as the WINS server for its subnet. Below are
> > relevant portions of the smb.conf files:
> >
> > CORPSRV
> > ---------------------
> > wins support = yes
> > domain logons = yes
> > os level = 100
> > preferred master = yes
> > domain master = yes
> > remote announce = 192.168.2.255/CORP
> > remote browse sync = 192.168.2.255
> >
> > FURNSRV
> > ---------------------
> > wins support = Yes
> > wins proxy = Yes
> > os level = 100
> > preferred master = yes
> > domain master = yes
> > local master = yes
> > remote announce = 192.168.1.255/FURN
> > remote browse sync = 192.168.1.255
> > name resolve order = wins bcast host
> >
> > I can't really remember why I have all the settings on FURNSRV so I
> > didn't add them all to CORPSRV just because they are there. It looks
> > like from the docs that I should only have one "wins support = Yes" but
> > I'm not sure if that's per subnet or not. Any advice would be
> > appreciated.
> >
> > Thanks,
> > Misty
> > --
> > To unsubscribe from this list go to the following URL and read the
> > instructions: https://lists.samba.org/mailman/listinfo/samba
More information about the samba
mailing list