[Samba] Samba weirdness over different subnets
David Noriega
tsk133 at my.utsa.edu
Fri Aug 27 13:04:33 MDT 2010
I've had the following setup working for years now. Subnet A contains
linux/windows workstations along with the PDC+LDAP. Subnet B contains
a BDC+LDAP and a domain member on the file server that windows users
connect too.
Whats new is I'm setting up a new domain member in Subnet B. It has
joined the domain and net getdomainsid works. From machines in Subnet
B I can run smbclient -L and have it correctly authenticate against
the local BDC and return a list of shares.
The problem is when I try to do the same from Subnet A. From my ubuntu
box, smblclient will simply sit there indefinitely, while from windows
it will wait for a while before it returns an error about the network
name no longer being available. From the server's point of view,
nothing is happening. I have to turn up the log level to 3 to see the
following:
[2010/08/27 13:35:42, 3] smbd/oplock.c:init_oplocks(863)
init_oplocks: initializing messages.
[2010/08/27 13:35:42, 3] smbd/oplock_linux.c:linux_init_kernel_oplocks(234)
Linux kernel oplocks enabled
[2010/08/27 13:35:42, 3] smbd/process.c:process_smb(1083)
Transaction 0 of length 194
[2010/08/27 13:35:42, 3] smbd/process.c:switch_message(932)
switch message SMBnegprot (pid 28515) conn 0x0
[2010/08/27 13:35:42, 3] smbd/sec_ctx.c:set_sec_ctx(241)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2010/08/27 13:35:42, 3] smbd/negprot.c:reply_negprot(505)
Requested protocol [PC NETWORK PROGRAM 1.0]
[2010/08/27 13:35:42, 3] smbd/negprot.c:reply_negprot(505)
Requested protocol [MICROSOFT NETWORKS 1.03]
[2010/08/27 13:35:42, 3] smbd/negprot.c:reply_negprot(505)
Requested protocol [MICROSOFT NETWORKS 3.0]
[2010/08/27 13:35:42, 3] smbd/negprot.c:reply_negprot(505)
Requested protocol [LANMAN1.0]
[2010/08/27 13:35:42, 3] smbd/negprot.c:reply_negprot(505)
Requested protocol [LM1.2X002]
[2010/08/27 13:35:42, 3] smbd/negprot.c:reply_negprot(505)
Requested protocol [DOS LANMAN2.1]
[2010/08/27 13:35:42, 3] smbd/negprot.c:reply_negprot(505)
Requested protocol [LANMAN2.1]
[2010/08/27 13:35:42, 3] smbd/negprot.c:reply_negprot(505)
Requested protocol [Samba]
[2010/08/27 13:35:42, 3] smbd/negprot.c:reply_nt1(364)
using SPNEGO
[2010/08/27 13:35:42, 3] smbd/negprot.c:reply_negprot(606)
Selected protocol NT LANMAN 1.0
Here it will wait for sometime before printing out the rest.
[2010/08/27 13:36:42, 3] smbd/sec_ctx.c:set_sec_ctx(241)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2010/08/27 13:37:42, 3] smbd/sec_ctx.c:set_sec_ctx(241)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2010/08/27 13:37:42, 2] smbd/process.c:timeout_processing(1390)
Closing idle connection
[2010/08/27 13:37:42, 3] smbd/sec_ctx.c:set_sec_ctx(241)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2010/08/27 13:37:42, 3] smbd/connection.c:yield_connection(69)
Yielding connection to
[2010/08/27 13:37:42, 3] smbd/server.c:exit_server_common(768)
Server exit (normal exit)
smb.conf
[Global]
workgroup = XXX.XXX.XXX
server string = XXXX %v
security = domain
password server = XXXX, XXXX
loglevel = 3
syslog = 0
interfaces = eth0
bind interfaces only = yes
[homes]
read only = No
valid users = %S
comment = %U Home Directory
path = /home/%U
browseable = no
[Public]
path = /groups/Public
browseable = yes
writeable = yes
create mask = 0777
directory mask = 0777
force group = "Domain Users"
public = yes
I have no clue, any ideas?
David
PS: One thing that has never worked is resolving a netbios name that
isnt in the same subnet. It only works for machines in the same
subnet. I do have remote announce and remote browser sync on in the
BDC in Subnet B, but all that does is show those remote servers when
ever I do network browsing, but when I try to connect, i cant. I
always have to give its full dns hostname.
--
Personally, I liked the university. They gave us money and facilities,
we didn't have to produce anything! You've never been out of college!
You don't know what it's like out there! I've worked in the private
sector. They expect results. -Ray Ghostbusters
More information about the samba
mailing list