[Samba] access my created share in smb.conf Only by Ip
Mohammad Ebrahim Abravi
lamp.mia at gmail.com
Sun Nov 4 21:54:23 MST 2012
*samba4 provision line : *
provision --realm=hum-office.xxx.xx.xx --domain=HUM-Office
--adminpass='p4$$word' --server-role=dc
*smb.conf :*
============================================================================================
# Global parameters
[global]
workgroup = HUM-OFFICE
realm = hum-office.xxx.xx.xx
netbios name = HUM-AD
server role = active directory domain controller
passdb backend = samba4
[netlogon]
path =
/usr/local/samba/var/locks/sysvol/hum-office.xxx.xx.xx/scripts
read only = No
[sysvol]
path = /usr/local/samba/var/locks/sysvol
read only = No
[profiles]
path =
/usr/local/samba/var/locks/sysvol/hum-office.xxx.xx.xx/profiles
browseable = yes
read only = no
[ShareDir]
path = /ShareDir
read only = No
create mask = 0600
directory mask = 0700
============================================================================================
*Bind bind-9.9.1-P2 : *
built with '--with-gssapi=/usr/include/gssapi' '--prefix=/usr'
'--mandir=/usr/share/man' '--infodir=/usr/share/info'
'--sysconfdir=/etc/bind' '--localstatedir=/var' '--enable-threads'
'--enable-largefile' '--with-libtool' '--enable-shared' '--enable-static'
'--with-openssl=/usr' '--with-gssapi=/usr' '--with-gnu-ld'
'--with-geoip=/usr' '--enable-ipv6' 'CFLAGS=-fno-strict-aliasing'
'LDFLAGS=-Wl,-Bsymbolic-functions' 'CPPFLAGS=-D_FORTIFY_SOURCE=2'
'--with-dlz-dlopen=yes' '--with-dlopen=yes'
============================ *named.conf*======================================
include "/etc/bind/named.conf.options";
include "/usr/local/samba/private/named.conf";
=============================================================================
=============================
*named.conf.options*=================================
options {
directory "/var/cache/bind";
tkey-gssapi-keytab "/usr/local/samba/private/dns.keytab";
allow-recursion {
192.168.25.0/24;127.0.0.1;192.168.113.0/24;192.168.112.0/24;};
allow-query {
192.168.25.0/24;127.0.0.1;192.168.113.0/24;192.168.112.0/24; };
allow-query-cache{
192.168.25.0/24;127.0.0.1;192.168.113.0/24;192.168.112.0/24;};
forwarders {
4.2.2.4
};
dnssec-validation yes;
auth-nxdomain no; # conform to RFC1035
listen-on-v6 { any; };
};
server ::/0 {
edns no;
};
server 0.0.0.0/0 {
edns no;
};
=============================================================================
On Wed, Oct 31, 2012 at 2:22 PM, Rowland Penny <repenny at f2s.com> wrote:
> Can you please give us your samba4 provision line, a copy of your smb.conf
> and tell us if bind9 is running on the samba4 server.
>
> Without this information, nobody can start to help you sort out your
> problem.
>
> Rowland
>
>
> On 31/10/12 09:56, Mohammad Ebrahim Abravi wrote:
>
>> Hello
>>
>> Upgrade to samba4 rc4 But this problem not solved !!!!
>>
>> On Sat, Oct 20, 2012 at 12:40 PM, Rowland Penny <rpenny at f2s.com> wrote:
>>
>> On 20/10/12 08:20, Mohammad Ebrahim Abravi wrote:
>>>
>>> Hello
>>>>
>>>> use your recommendations , Results:
>>>>
>>>> samba4 rc3
>>>> *s4-ad -> samba server Host name
>>>> test.s4.com -> domain name*
>>>> *Dns Server -> Samba Internal DNS server , Bind 9.9.1-P2*
>>>> *win xp*
>>>>
>>>> \\test.s4.com no access
>>>> \\192.168.1.6 -> no access
>>>>
>>>> \\test.s4.com\myshare -> no access
>>>> \\192.168.1.6\myshare -> no access
>>>>
>>>>
>>>> *Note*: this options set for change mandatory profile owner to
>>>>
>>>> AdministratorS :
>>>> server services = +smb -s3fs
>>>> dcerpc endpoint servers = +winreg +srvsvc
>>>>
>>>>
>>>> Thanks
>>>>
>>>>
>>>> On Wed, Oct 17, 2012 at 6:54 PM, Carlos R. Pena Evertsz <
>>>> carlosrpevertsz at gmail.com> wrote:
>>>>
>>>> Let Mohammad try my recommendations and them we will talk about it.
>>>>
>>>>>
>>>>>
>>>>> On 10/17/2012 9:07 AM, Rowland Penny wrote:
>>>>>
>>>>> On 17/10/12 15:20, Carlos R. Pena Evertsz wrote:
>>>>>
>>>>>> Hi Mohammad,
>>>>>>
>>>>>>> I had the same problem like many others, so I think samba should
>>>>>>> include a note like mine in their documentation.
>>>>>>>
>>>>>>> This is the trick for successfully access the share with the
>>>>>>> hostname..
>>>>>>>
>>>>>>> Be sure you have the following lines in the smb.conf:
>>>>>>>
>>>>>>> netbios name = yourhostname
>>>>>>>
>>>>>>> This is set by default
>>>>>>>
>>>>>> wins support = yes
>>>>>> This turns on the wins server, you should only turn this on if it is
>>>>>> the
>>>>>> only one.
>>>>>>
>>>>>>
>>>>>> Find the "name resolve order" directive and be sure you have it in
>>>>>> the
>>>>>>
>>>>>>> following order.
>>>>>>>
>>>>>>> name resolve order = wins lmhosts hosts bcast
>>>>>>>
>>>>>>>
>>>>>>> Add the following line:
>>>>>>>
>>>>>>> hosts allow = the host ip / mask
>>>>>>>
>>>>>>> Where the host ip is your server ip.
>>>>>>> the mask is the mask you are using in all your windows
>>>>>>> clients.
>>>>>>>
>>>>>>> If you set it like this, the only machine that will be able to
>>>>>>> connect
>>>>>>>
>>>>>> would be the server itself. It should be, from data supplied,
>>>>>> 192.168.1.0/255.255.255.0 This would allow any computer on the subnet
>>>>>> to
>>>>>> connect.
>>>>>>
>>>>>> This is the most important thing. For example If you have in your
>>>>>> server
>>>>>>
>>>>>> the mask 255.255.0.0 then all your clients must have the same network
>>>>>>> mask.
>>>>>>> Windows clients with the same mask of the server will see the server
>>>>>>> on the
>>>>>>> network with it hostname otherwise you need to access the server by
>>>>>>> its ip
>>>>>>> number. I think this is a Windows issue but they have left it in this
>>>>>>> way
>>>>>>> so we have to live with it.
>>>>>>>
>>>>>>> I hope this can help you.
>>>>>>>
>>>>>>> I doubt it.
>>>>>>>
>>>>>>> Rowland
>>>>>>
>>>>>> Carlos
>>>>>>
>>>>>> Santo Domingo, Dominican Republic
>>>>>>> On 10/17/2012 6:55 AM, Mohammad Ebrahim Abravi wrote:
>>>>>>>
>>>>>>> Hello
>>>>>>>
>>>>>>>> samba4 rc3
>>>>>>>> *s4-ad -> samba server Host name
>>>>>>>> test.s4.com -> domain name*
>>>>>>>> *Dns Server -> Samba Internal DNS server , Bind 9.9.1-P2*
>>>>>>>> *win xp*
>>>>>>>>
>>>>>>>> have access to default share such as sysvol by dns name (\\
>>>>>>>> test.s4.com
>>>>>>>> \sysvol)
>>>>>>>>
>>>>>>>> but if created a share in smb.conf Only access by IP such as :
>>>>>>>>
>>>>>>>> \\test.s4.com\myshare -> no access and ask me for user and
>>>>>>>> password !
>>>>>>>> \\192.168.1.6\myshare -> access
>>>>>>>>
>>>>>>>> If using *s4-ad.test.s4.com* my share accessible !!!
>>>>>>>>
>>>>>>>> \\test.s4.com\myshare -> no access !
>>>>>>>> \\s4-ad.s4.com <http://test.s4.com>\myshare -> access !
>>>>>>>>
>>>>>>>> \\test.s4.com\sysvol -> access !
>>>>>>>> \\*s4-ad* <http://test.s4.com>. <http://test.s4.com>test.s4.****
>>>>>>>> **com<
>>>>>>>>
>>>>>>>> http://test.s4.com>\sysvol
>>>>>>>>
>>>>>>>> ->
>>>>>>>> access !
>>>>>>>>
>>>>>>>> Note:
>>>>>>>> In *\\test.s4.com* seen all the shared directory, but not
>>>>>>>> accessible
>>>>>>>>
>>>>>>>> in *samba alpha17* no need type *s4-ad*
>>>>>>>>
>>>>>>>> what happened ?
>>>>>>>>
>>>>>>>> This is Bug in samba4 rc3 ?
>>>>>>>>
>>>>>>>>
>>>>>>>> Thanks
>>>>>>>>
>>>>>>>>
>>>>>>>> --
>>>>>>
>>>>> To unsubscribe from this list go to the following URL and read the
>>>>> instructions: https://lists.samba.org/******mailman/options/samba<https://lists.samba.org/****mailman/options/samba>
>>>>> <https://**lists.samba.org/**mailman/**options/samba<https://lists.samba.org/**mailman/options/samba>
>>>>> >
>>>>> <https://**lists.samba.org/**mailman/**options/samba<http://lists.samba.org/mailman/**options/samba>
>>>>> <https:**//lists.samba.org/mailman/**options/samba<https://lists.samba.org/mailman/options/samba>
>>>>> >
>>>>>
>>>>> Hello again, how did you provision the samba4 server? Please provide
>>>>>
>>>> the smb.conf from the samba4 server.
>>>
>>> Rowland
>>>
>>>
>>>
>>> --
>>> This message has been scanned for viruses and
>>> dangerous content by MailScanner, and is
>>> believed to be clean.
>>>
>>> --
>>> To unsubscribe from this list go to the following URL and read the
>>> instructions: https://lists.samba.org/****mailman/options/samba<https://lists.samba.org/**mailman/options/samba>
>>> <https://**lists.samba.org/mailman/**options/samba<https://lists.samba.org/mailman/options/samba>
>>> >
>>>
>>>
>>
>
> --
> This message has been scanned for viruses and
> dangerous content by MailScanner, and is
> believed to be clean.
>
>
More information about the samba
mailing list