[Samba] domain-based DFS ?
Davor Vusir
davortvusir at gmail.com
Thu Jul 3 01:54:17 MDT 2014
2014-07-02 14:40 GMT+02:00 Davor Vusir <davortvusir at gmail.com>:
>
> Den 1 jul 2014 16:56 skrev "steve" <steve at steve-ss.com>:
>
>
>>
>> On Tue, 2014-07-01 at 16:32 +0200, L.P.H. van Belle wrote:
>> > well..
>> >
>> > I just did a test with this for steve also.
>> >
>> > same result.
>> >
>> > \\domain.name\sysvol and netlogon accessable no problems.
>> >
>> > \\domain.name\dfs Access denied again? "Network path cannot be
>> > found...", 0x8xxxyy35?
>> >
>> > \\server1.domain.name\dfs works, but someshare not.
>> > \\server1.domain.name\dfs\someshare
>> >
>> > my steps.
>> >
>> > mkdir -p /export/dfsroot
>> > chown root:root /export/dfsroot
>> > chmod 755 /export/dfsroot
>> > ln -s 'msdfs:mem1.internal.domain.tld\someshare'
>> > /export/dfsroot/someshare
>> >
>> > also tried : ln -s 'msdfs:mem1.internal.domain.tld\\someshare'
>> > /export/dfsroot/someshare
>> >
>> >
>> > smbclient //localhost/dfs -U 'administrator'
>> > cd someshare
>> >
>> > tree connect failed: NT_STATUS_BAD_NETWORK_NAME
>> > Unable to follow dfs referral [\mem1.internal.domain.tld\]
>> > cd \somewhare\: NT_STATUS_BAD_NETWORK_NAME
>> >
>> > so far for me..
>> >
>> > found this one
>> > https://groups.google.com/forum/#!topic/linux.samba/mi4O5lHE8Vc
>> > so i think this is not fixed yet...
>> > there is a patch in this link, but since im on sernet im not trying the
>> > patch.
>>
>> Yeah, thanks Louis.
>> This is looking more and more like a time consuming, undocumented dead
>> end. I'm really tempted to drop it at this point and spend the time on a
>> proper cluster instead. I get the feeling that this was always going to
>> be second best, and it only works with windows clients anyway.
>> Cheers,
>> Steve
>>
>>
> Is it an IPv6 issue? I know Windows XP does not speak IPv6 out-of-the-box.
> But...
>
> I have turned off IPv6 on the AD DC. And installed Microsoft Fixit 50409 on
> my Win 7.
>
> Regards
> Davor
>
Back again! :)
First of all, I refuse to believe that I'm the only one that got
domain-based DFS to work.
I want to share some final thoughts in this matter.
This link, https://wiki.samba.org/index.php/WIP/Beginner_HowTo_-_SOHO_business_server,
is a transcript of how I installed and configured Samba. To make
domain-based DFS work I simply put 'host msdfs = yes' to the global
section, added the required share definition, created the links,
restarted Samba end rebooted the Windows client.
If you take a few minutes and read the wiki page, you'll see a section
about turning off IPv6 on the host. This might be what differs in my
and your setup. And what makes the difference.
My thoughts:
The host is IPv6 capable. Samba understands and responds to requests
over both IPv4 and IPv6. An IPv4-only host, like Windows XP or Windows
7 with Microsoft Fixit 50409 installed, sends a request. Samba, or the
DFS-module, recieves it and processess it but as the host is IPv6
capable, Samba, or the DFS-module, returns an answer over a valid
adapter. May it be IPv4 or IPv6. Is the IPv6 adapter prioritized? For
Samba, or the DFS-module, it doesn't seem to matter. If samba, or the
DFS-module, just makes the check 'if ValidAdapter == true send
response;' it might just be sent over IPv6 and there is no one on the
other end to recieve the message. Or if the DFS code doesn't support
IPv6, it simply drops it.
Would 'bind interfaces only',
http://www.samba.org/samba/docs/man/manpages-3/smb.conf.5.html#BINDINTERFACESONLY,
be a better alternative to turning off IPv6 on the host? In
co-operation with 'interfaces',
http://www.samba.org/samba/docs/man/manpages-3/smb.conf.5.html#INTERFACES?
Regards
Davor
More information about the samba
mailing list