[Samba] samba needed to network across openvpn tunnel

Bill Ries-Knight steelhoof at gmail.com
Thu Jan 4 23:10:22 GMT 2007


I have been assured in other places that I need to have Samba and WINS
in place to use Windows networking across an openvpn tunnel.

back history:
There was a network in place when I was hired to replace the former IT
guy. All ran very smooth with only one networking issue. There were
"fights" between the Windows server and the Linux box:
The master browser has received a server announcement from the
computer MAIL that believes that it is the master browser for the
domain on transport NetBT_Tcpip_{7678958F-827A-4381-B5B6. The master
browser is stopping or an election is being forced.


There were two locations (office and school) with Windows boxes on 3
subnets talking across an openvpn tunnel built on two FC4 servers.
There is a Microsoft Small Business Server 2003 installed at each end
to handle the users as separate domains.  HSP and CRAGMART.  All mail
is handled by the office SBS (HSP).

The system worked great until I had a server cracked at the office
end.  The school end was not touched.  The damage was limited to the
one server (whew!).

The server has been rebuilt with debian etch and I have the tunnel
working great.  The old filesystem is intact and configuration files
are available.

Office subnet 192.168.1.x
School subnets 192.168.19.x
               192.168.10.x

I can communicate over tcp/ip fine from the office to the school and vice versa.

from 192.168.1.x I can get to the SBS server at \\192.168.19.3 but not
by \\cserver
from 192.168.19.x I cannot get to the SBS server at \\192.168.1.3 or
by \\server.

There is no windows browsing across the openvpn tunnel, everything is
normal within the separate domains.

I have tried resolving this on irc.freenode.net #samba.

here is the smb.conf for the server before it was cracked:  It did not
work on this install.
****************************************
# Samba config file created using SWAT
# from 192.168.1.112 (192.168.1.112)
# Date: 2006/04/18 11:10:34

[global]
        workgroup = HSP
        realm = SERVER.HSP.LOCAL
        netbios aliases = ntserver
        server string = Samba Server
        security = ADS
        log file = /var/log/samba/%m.log
        max log size = 50
        socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
        printcap name = /etc/printcap
        dns proxy = No
        wins support = Yes
        ldap ssl = no
        cups options = raw

[homes]
        comment = Home Directories
        read only = No
        browseable = No

[printers]
        comment = All Printers
        path = /var/spool/samba
        printable = Yes
        browseable = No

[c$]
        path = /
        admin users = ntemple, mc, root
        read list = ntemple, mc, root
        write list = ntemple, mc, root

[music]
        path = /home/jukebox/www/html/songs
        guest ok = Yes

[install]
        path = /usr/local/share/unattended/install
        admin users = ntemple, mc
        write list = ntemple, mc
*************************************************

here is a recent variation that was configured with SWAT. It did not work.
***********************************************

# Samba config file created using SWAT
# from 192.168.1.100 (192.168.1.100)
# Date: 2007/01/04 12:12:14

[global]
        workgroup = HSP
        realm = SERVER.HSP.LOCAL
        netbios aliases = ntserver
        server string = Samba Server
        security = DOMAIN
        password server =
        guest account = local_user
        log file = /var/log/samba/%m.log
        max log size = 50000
        name resolve order = wins lmhosts host bcast
        socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
        printcap name = /etc/printcap
        dns proxy = No
        wins server = 192.168.1.3
        ldap ssl = no
        username = brk, mc, root, ntemple, bries-knight
        admin users = brk, mc, root, ntemple, bries-knight
        hosts allow = 192.168.10., 192.168.19., 127., 192.168.1.
        cups options = raw

[root]
        path = /
        username = root ntemple mc bries-knight
        admin users = mc, root, ntemple, bries-knight
        write list = mc, root, ntemple, bries-knight

[base]
        path = /
        username = root ntemple mc bries-knight
        admin users = mc, root, ntemple, bries-knight
        write list = mc, root, ntemple, bries-knight

[homes]
        comment = Home Directories
        read only = No
        browseable = No

[printers]
        comment = All Printers
        path = /var/spool/samba
        printable = Yes
        browseable = No

[c$]
        path = /
        admin users = ntemple, mc, root
        read list = ntemple, mc, root
        write list = ntemple, mc, root

[music]
        path = /home/jukebox/www/html/songs
        guest ok = Yes

[install]
        path = /usr/local/share/unattended/install
        admin users = ntemple, mc
        write list = ntemple, mc
******************************************************************


-- 
Bill Ries-Knight
Stockton, CA

Respect the process, Vote.
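
An added example, not part of the original post and not Samba's own code: a small Python audit for smb.conf files like the two quoted above. It reports which WINS role `[global]` selects and which shares export `/` with `admin users` or allow guest access. The function names and the trimmed sample are constructed for illustration.

```python
# Constructed sample, trimmed from the second smb.conf in the post above.
SAMPLE = """\
[global]
    wins server = 192.168.1.3
    admin users = brk, mc, root, ntemple, bries-knight
[root]
    path = /
    admin users = mc, root, ntemple, bries-knight
[music]
    path = /home/jukebox/www/html/songs
    guest ok = Yes
"""

def parse_smb_conf(text):
    """Return {section: {parameter: value}} with lower-cased names."""
    conf, section = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()
            conf.setdefault(section, {})
        elif "=" in line and section is not None:
            key, value = line.split("=", 1)
            conf[section][" ".join(key.lower().split())] = value.strip()
    return conf

def is_yes(value):
    return value.strip().lower() in ("yes", "true", "1")

def wins_role(conf):
    """'server' (wins support), 'client' (wins server), 'conflict' or 'none'."""
    g = conf.get("global", {})
    server, client = is_yes(g.get("wins support", "no")), bool(g.get("wins server"))
    if server and client:
        return "conflict"
    return "server" if server else "client" if client else "none"

def audit(conf):
    """Return (section, finding) pairs for share settings that widen access."""
    g, findings = conf.get("global", {}), []
    for name, share in conf.items():
        if name == "global":
            continue
        if share.get("path") == "/" and share.get("admin users", g.get("admin users")):
            findings.append((name, "exports / with root-equivalent 'admin users'"))
        if is_yes(share.get("guest ok", g.get("guest ok", "no"))):
            findings.append((name, "'guest ok' allows access without a password"))
    return findings
```

Calling `wins_role(parse_smb_conf(text))` and `audit(parse_smb_conf(text))` on a full file gives the role and the list of findings; share-level parameters set in `[global]` are treated as defaults for every share.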

