[Samba] Samba using Openvpn debug

Daniel Müller mueller at tropenklinik.de
Fri Sep 24 01:02:48 MDT 2010


I think this is a case of the security reason of your windows vista client: 
Let it use LM Authentication, when necessary. To do this, edit the registry,
and set value LmCompatibilityLevel, in [ HKEY_LOCAL_MACHINE \SYSTEM
\CurrentControlSet \Control \Lsa ] to "1". 

-----------------------------------------------
EDV Daniel Müller

Leitung EDV
Tropenklinik Paul-Lechler-Krankenhaus
Paul-Lechler-Str. 24
72076 Tübingen

Tel.: 07071/206-463, Fax: 07071/206-499
eMail: mueller at tropenklinik.de
Internet: www.tropenklinik.de
-----------------------------------------------
-----Ursprüngliche Nachricht-----
Von: samba-bounces at lists.samba.org [mailto:samba-bounces at lists.samba.org] Im
Auftrag von info
Gesendet: Donnerstag, 23. September 2010 16:08
An: samba at lists.samba.org
Betreff: [Samba] Samba using Openvpn debug

Dear All,

I configured samba-3.2.7 in opensuse11.1(serv1) box in my LAN1 and it is
working fine.
 
Later I configure openvpn p-to-p on the same "serv1".  I accessed "serv1"
from LAN2 (internet) , computer name: notebook-vista, using SSH through
openvpn tunnel and it was working fine.

I config samba and openvpn to access samba share in LAN2 using openvpn from
LAN2 in "notebook-vista". 
Initially I was able to open the samba share in "notebook-vista" computer.
Start-> run->cmd-> net use z: \\10.9.0.1\rb /user:kr

--------------------------
Samba share is not connected to "notebook-vista" when I tried from LAN2,
next day after restarting both server and client. But ssh is connected via
openvpn from client to Server. 
--------------------------
"notebook-vista"  - vista home premium operating system
Note: I enabled network sharing , network discovery, all user can able to
create a file/folder in "vista"

Start-> run->cmd-> net use z: \\10.9.0.1\rb /user:kr
System error 53 has occurred.
The network path was not found.
-------------------
 cmd-> net use  \\10.9.0.1\rb /delete
An active process is accessing this device.
You get more help if you type NET HELPMSG 2404th
---------------------
Still I am getting the same error and not getting samba share in my LAN2 via
openvpn in "notebook-vista"
Start-> run->cmd-> net use z: \\10.9.0.1\rb /user:kr
System error 53 has occurred.
The network path was not found.
-----------------------------------------------------------------

My configuration as follows for your reference 

For openvpn:
#vi /etc/openvpn/server.conf

port 1194
proto udp
dev tun
ifconfig 10.9.0.2 10.9.0.1
ca /etc/openvpn/easy-rsa/2.0/keys/ca.crt
cert /etc/openvpn/easy-rsa/2.0/keys/serv.crt
key /etc/openvpn/easy-rsa/2.0/keys/serv.key  
dh /etc/openvpn/easy-rsa/2.0/keys/dh1024.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
keepalive 10 120
comp-lzo
max-clients 4
user nobody
group nobody
persist-key
persist-tun
status openvpn-status.log
verb 4
management localhost 7505
------------------------------------------------------------
For samba:
#vi /etc/samba/smb.conf
[global]
        workgroup = WORKGROUP
#for openvpn config
        hosts allow = 192.168.1.0/24 10.9.0.0/24 127.0.0.1
        interfaces = 192.168.1.0/24 10.9.0.0/24
############
        passdb backend = tdbsam
        netbios name = Novalnet
        name resolve order = bcast host lmhosts wins
        printing = cups
        printcap name = cups
        printcap cache time = 750
        cups options = raw
        map to guest = Bad User
        include = /etc/samba/dhcp.conf
#       logon path = \\%L\profiles\.msprofile
#       logon home = \\%L\%U\.9xprofile
#       logon drive = P:
        usershare allow guests = Yes
[homes]
        comment = Home Directories
        valid users =  (it is remove while scanning)
        browseable = No
        read only = No
        inherit acls = Yes
#[profiles]
#       comment = Network Profiles Service
#       path = %H
#       read only = No
#       store dos attributes = Yes
#       create mask = 0600
#       directory mask = 0700

[users]
        comment = All users
        path = /home
        read only = No
        inherit acls = Yes
        veto files = /aquota.user/groups/shares/
#[groups]
#       comment = All groups
#       path = /home/groups
#       read only = No
#       inherit acls = Yes

[printers]
        comment = All Printers
        path = /var/tmp
        printable = Yes
        create mask = 0600
        browseable = No
[print$]
        comment = Printer Drivers
        path = /var/lib/samba/drivers
        write list = @ntadmin root
        force group = ntadmin
        create mask = 0664
        directory mask = 0775
[magentospm]
        comment = magentospm
        path = /srv/www/htdocs/magentospm/
        read only = yes
#       writable = Yes
#       public = Yes
        write list = jb kp mr bg kd root
        valid users = jb kp mr bg kd root
#       directory mask = 0777
        logon drive = Z:


----------------------------------------------------------------------------
-----------------------------------------
Openvpn client config file on vista

client.ovpn

client
dev tun
ifconfig 10.9.0.2 10.9.0.1
proto udp
remote xxx.mydomin.com 1194
resolv-retry infinite
nobind
persist-key
persist-tun

ca "C:\\Program Files\\OpenVPN\\config\\ca.crt"
cert "C:\\Program Files\\OpenVPN\\config\\client.crt"
key "C:\\Program Files\\OpenVPN\\config\\client.key"
verb 4
comp-lzo

Kindly intimate me where I done a mistake so that I could get the samba
share on my "notebook-vista" computer using openvpn.


Thanking You,

Warm Regards,
S.J.Balamurugan

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba



More information about the samba mailing list