[Samba] Samba 3.0.14 - very puzzling domain browsing problems

Anthony Messina amessina at messinet.com
Wed Jan 25 23:20:23 GMT 2006 

Stephen Bosch wrote:
> Anthony Messina wrote:
> 
>>stephen, might you try setting:
>>
>>hosts allow = 10.0.0.0/8
>>
>>or change the network/mask bit for each lan you'd like to allow
>>
>>and:
>>hosts deny = 0.0.0.0/0
>>
>>and:
>>interfaces = eth0
>>bind interfaces only = yes
>>
>>change eth0 to whatever eth* interface your lan is connected to, and
>>also add "lo" if you use printers attached to this samba server.  this
>>will tell samba to only bind to the interfaces that you have configured
>>here and may route broswing properly.
>>
>>anyone else here have any suggestions?
> 
> 
> We did
> 
> interfaces = 10.10.10.12/24
> 
> and
> 
> remote announce = 10.10.10.255/HEDLIN-LAUDER
> 
> following the smb.conf man page, but that had no discernable effect.
> 
> -Stephen-
> 

stephen, it seems like you've tried to go through everything in the 
right manner.  and you've done the ethereal to make sure packets are 
being sent/received between windows computers and your nmbd server.  i 
am not able to spot where the trouble is so i've included my smb.conf, 
which works as a pdc in the local subnet and as a hub across 2 vpn spoke 
connections without a problem.  perhaps we're both missing something 
that this config can clarify.  -anthony

i do not use firewalling on the lan side of my pdc.

--- smb.conf---
workgroup = example.com
netbios name = home
server string = Samba Domain Server

hosts allow = 127.0.0.1 192.168.1.0/24 192.168.2.0/24 192.168.3.0/24
hosts deny = 0.0.0.0/0

interfaces = lo eth0
bind interfaces only = yes

socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192

printcap name = cups
load printers = yes
printing = cups
cups options = raw

guest account = nobody

log file = /var/log/samba/samba.log
max log size = 1024
log level = 1

security = user
lanman auth = no
client ntlmv2 auth = yes
null passwords = yes

enable privileges = yes

ldap passwd sync = no
ldap admin dn = "uid=sambaroot,ou=People,dc=example,dc=com"
passdb backend = ldapsam:ldap://127.0.0.1
ldap ssl = off
ldap delete dn = no
ldap suffix = dc=example,dc=com
ldap user suffix = ou=People
ldap group suffix = ou=Group
ldap machine suffix = ou=People
ldap filter = (&(objectClass=sambaSamAccount)(uid=%u))

add user script = /usr/sbin/smbldap-useradd -m "%u"
delete user script = /usr/sbin/smbldap-userdel "%u"
add machine script = /usr/sbin/smbldap-useradd -w "%u"
add group script = /usr/sbin/smbldap-groupadd -p "%g"
delete group script = /usr/sbin/smbldap-groupdel "%g"
add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g"
delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g"
set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u"

encrypt passwords = yes

unix password sync = Yes
passwd program = /usr/bin/passwd %u
passwd chat = *New*UNIX*password* %n\n *ReType*new*UNIX*password* %n\n 
*passwd:*all*authentication*tokens*updated*successfully*

username map = /etc/samba/smbusers

local master = yes
os level = 33
domain master = yes
preferred master = yes
domain logons = yes

logon script = %U.bat
logon drive = H:
logon home = \\%L\%U

name resolve order = wins lmhosts bcast
wins support = yes
wins proxy = no
dns proxy = no

preserve case = yes
nt acl support = yes

====Shares would be here====
---end smb.conf---

-anthony

-- 
My Website: http://messinet.com
My Online Gallery: 
http://messinet.com/modules.php?name=Web_Links&l_op=visit&lid=3

More information about the samba mailing list