[Samba] RHEL4 and samba

Philip Washington phwashington at comcast.net
Thu Dec 15 16:56:36 GMT 2005 

Margaret_Doll wrote:

>
> On Wednesday, December 14, 2005, at 04:42 PM, Philip Washington wrote:
>
>> Margaret_Doll wrote:
>>
>>>
>>>
>>> Begin forwarded message:
>>>
>>>> From: Margaret_Doll <Margaret_Doll at brown.edu>
>>>> Date: Wed Dec 14, 2005  1:09:24 PM US/Eastern
>>>> To: samba <samba at lists.samba.org>
>>>> Subject: [Samba] RHEL4 and samba
>>>>
>>>> I brought over the /etc/samba directory from a RHEL3 system to a 
>>>> RHEL4 system.
>>>>
>>>> I disable selinux in case there was a problem with a port being 
>>>> blocked
>>>>
>>>> iptables has port 139 and 445 enabled.
>>>>
>>      open ports 137 and 138, I forget which one, but the announcement 
>> is on one of these ports, you also need to check your protocols tcp 
>> udp as far as iptables is concerned.      Usually in this cases I 
>> open up all protocols and the ports needed(check the protocols udp 
>> and tcp on 139 445 also)  and then start DROP ing or REJECT ing  
>> ports-protocols until it breaks.
>>       selinux should not be an issue with this.
>
>
> I opened the tcp, udp ports in the iptables, restarted iptables, 
> restarted smb.
>
> I still have the same problems with nmbd.   People can do a search for 
> the server.nnn.nnn.edu and find themselves logged in, but the server 
> in the Network Neighborhood is "not available"   The printers from the 
> Windows computers
> have to be created using the complete path of the server, ie. 
> server.nnn.nnn.edu, instead of the samba name.
>
> iptables --list
> ...
> ACCEPT     udp  --  anywhere             anywhere            state NEW 
> udp dpt:netbios-ns
> ACCEPT     tcp  --  anywhere             anywhere            state NEW 
> tcp dpt:netbios-ns
> ACCEPT     udp  --  anywhere             anywhere            state NEW 
> udp dpt:netbios-dgm
> ACCEPT     tcp  --  anywhere             anywhere            state NEW 
> tcp dpt:netbios-dgm
> ACCEPT     tcp  --  anywhere             anywhere            state NEW 
> tcp dpt:netbios-ssn
> ACCEPT     udp  --  anywhere             anywhere            state NEW 
> udp dpt:netbios-ssn
>
>
Would it be possible to turn off iptables altogether and try.
service iptables stop
service smb restart
You may have to wait a few minutes for the master browser to pick it up.

Here is a copy of a simple smb.conf I have running on a test machine 
running RHEL4
[global]
        workgroup = COMPA
        server string = Samba Server
        interfaces = 10.10.10.167/24
        log file = /var/log/samba/%m.log
        max log size = 50
        socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
        dns proxy = No
        idmap uid = 16777216-33554431
        idmap gid = 16777216-33554431
        printer admin = @ntadmin, root
        cups options = raw

[homes]
        comment = Home Directories
        read only = No
        browseable = No

[printers]
        comment = All Printers
        path = /var/spool/samba
        read only = No
        guest ok = Yes
        printable = Yes
        default devmode = Yes
        browseable = No

[print$]
        comment = Printer driver Download Area
        path = /etc/samba/drivers
        write list = @ntadmin, root, philip
        guest ok = Yes

[Shared]
        path = /home/philip/SHARED
        valid users = philip
        read only = No
        hosts allow = 10.10.10.169, 10.10.10.238

>>
>>>> I can see the server in the Windows Network Neighborhood but the 
>>>> user cannot connect because they are unauthorized to attach from 
>>>> their computer.
>>>>
>>>> Most of the test in the samba documentation work except.
>>>>
>>>> smbclient -L server -N
>>>>
>>>> shows  no computers, but does show the shares and
>>>>
>>>> SERVER        COMMENTS
>>>>
>>>> myserver        server comments
>>>>
>>>> Workgroup    Master
>>>> -------------
>>>>
>>>> myworkgroup
>>>> 2nd workgroup        master2
>>>> 3rd workgroup        master3
>>>>
>>>>
>>>> nmblookup -B myserver  __SAMBA__
>>>> querying __SAMBA__ on correct ip address
>>>> name_query failed to find name __SAMBA__
>>>>
>>>> nmblooup -M myworkgroup
>>>> querying myworkgroup on mysubnet
>>>> ip address of a client myworkgroup<1d>
>>>>
>>>> "netstat -a" show netbios-ns
>>>>
>>>> What do I have set up incorrectly?
>>>>
>>>>
>>>> -- 
>>>
>>>
>>> I found that from the computers I cannot attach to the server through
>>> the network neighborhood.  I can, however,  log into the server
>>> if I do a search on the computer.  So the server is not "announcing"
>>> itself.
>>>
>>> How do I fix this problem?  Is this a firewall problem?
>>>
>>
>

More information about the samba mailing list