[Samba] Mounting samba volume by IP fails trust in AD
Walt Park
waltbulk at gmail.com
Wed Mar 30 08:42:33 MDT 2011
Hi.
I've got some samba servers (3.0.33-3.29.el5_6.2, on redhat 5) that join a
windows 2003 AD.
When mounting the volume from a windows workstation, if I use
\\ip.address.here
it fails saying "The trust relationship between this workstation and the
primary domain failed'"
If I mount with \\fully.qualified.name it works just fine. Forward and
reverse DNS match, and
\\ip.address.here works for a microsoft box but not any of the samba boxes.
When I check the smbd.log, I never see the failed connections at the samba
box, only the ones
that worked with FQDN, which to me suggests the failure happens because AD
isn't passing the
connection to samba, which my AD admins say is because something in samba
isn't working like
windows, so the AD doesn't pass the request to the samba box because it
doesn't look right to AD.
my smbd.conf is :
--------------------
# Global parameters
[global]
workgroup = MYDOMAIN
security = ADS
realm = MY.DOMAIN
load printers = No
printing = bsd
preferred master = No
domain master = No
local master = no
os level = 0
wins server = xxx.xxx.xxx.xxx
ldap ssl = no
browseable = yes
restrict anonymous = yes
guest account = nobody
invalid users = nobody
encrypt passwords = yes
[homes]
comment = Home Directories
writeable = Yes
browseable = No
---------------------------
Any idea why IP mount fails trust with 2003 AD but Name would be ok?
Is this a microsoft-ism to hate on samba, or am I missing something in my
config?
Does this fail for everyone or just me?
test: start>run: \\ip.of.samba.box
start>run: \\dns.name.of.box
if you have browse, it should show the available shares.
More information about the samba
mailing list