[Samba] msdfs proxy question

Daniel Müller mueller at tropenklinik.de
Mon Feb 4 00:33:11 MST 2013 

If you have no route to the network nothing will work.
Samba is not a Gateway nor does it VPN connections or something like that.
If your second network is a external one you will be better in the first
with openvpn
And set your routes to your needs.
If your second network is internal you need to set up a gateway that can be
reached from both
Networks.

Good Luck
Daniel


-----------------------------------------------
EDV Daniel Müller

Leitung EDV
Tropenklinik Paul-Lechler-Krankenhaus
Paul-Lechler-Str. 24
72076 Tübingen

Tel.: 07071/206-463, Fax: 07071/206-499
eMail: mueller at tropenklinik.de
Internet: www.tropenklinik.de
-----------------------------------------------

-----Ursprüngliche Nachricht-----
Von: samba-bounces at lists.samba.org [mailto:samba-bounces at lists.samba.org] Im
Auftrag von Michael Wilke
Gesendet: Montag, 4. Februar 2013 08:05
An: samba at lists.samba.org
Betreff: [Samba] msdfs proxy question

Hi List,

I am struggling a little bit with the msdfs proxy parameter.

I want the samba server as a kind of a bridge between two networks, that the
samba server only shares some of the shares provided by our file server to a
second network. 
I don't want the samba srv to be a gw or give the clients a route to the
internal network, because it is a total different user group.

I first tried to do so with an msdfs root directory and symlinks but for
sure it didn't work, because the clients don't have a route to the source
server. 

But msdfs proxy doesn't work either:

smb.conf:
-------
[software-new]
        msdfs root = yes
        msdfs proxy= \gunter\software

-------

When I try to access the share from a computer in the sec. network the log
shows:

-------
Client requested device type [?????] for share [SOFTWARE-NEW] refusing
connection to dfs proxy share 'software-new' (pointing to
\gunter\software)
error packet at smbd/reply.c(803) cmd=117 (SMBtconX)
NT_STATUS_BAD_NETWORK_NAME
-------

The server is accessible from the samba box and smbclient connects fine:

root at samba:~# smbclient -L '\\gunter' -U 'DOMAIN\micha'
WARNING: The "idmap uid" option is deprecated
WARNING: The "idmap gid" option is deprecated Enter DOMAIN\micha's password:

Domain=[DOMAIN] OS=[Windows Server 2003 R2 3790 Service Pack 2]
Server=[Windows Server 2003 R2 5.2]

	Sharename       Type      Comment
	---------       ----      -------
	...
	software        Disk      Software
	...


If I access the msdfs share from the sec. network (10.10.12.0) with an IP in
the first network (10.10.10.0) then the connection redirects me to the
gunter server and everything works, but I need a "proxy" not a standard
msdfs redirect. 

Any advice appreciated

Michael




--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

More information about the samba mailing list