[Samba] Laptops unable to access Windows SMB share

Stephen Brandli steve at brandli.com
Wed Jan 22 22:04:31 UTC 2025


Long-time Samba user.  Love it!

I have a dozen or so computers accessing several file (SMB) shares.  All but two are in fixed locations.  Some of those have fixed IPs, the rest DHCP IPs but they don't move between subnets.  The last two, both laptops, are the problem.  They move back and forth between two subnets.

Specifically:

There are three relevant subnets.  I'll call them Secure 1, Secure 2, and Unsecure 2.  Secure 1 and Secure 2 are connected via a VPN, and Secure 2 and Unsecure 2 are connected via a firewall.  The firewall does not NAT.  The other clients are on Secure 1 and Secure 2.  The laptops move between Secure 1 and Unsecure 2.

To simplify things, there are two servers on Secure 1: one Samba (4.9.5-I know, old), and a Windows 10 up-to-date and acting as a server.

There are two domains: D1 and D2 (all Samba 4.13.13).  D1 is centered at Secure 1 and D2 at Secure 2.  D1 and D2 have an external trust relationship.  Domain controllers for both domains in both Secure 1 and Secure 2.  The two servers on Secure 1 are in D1.  The laptops are in D2.

All the computers except the laptops-including computers on Secure 1 in D1, and Secure 2 in D2, access both the Samba and Windows servers fine (file shares).  The two laptops access the Samba file share just fine whether they are in Secure 1 or Unsecure 2.  The laptops can access another service (Sql Server) on the Windows server without problem no matter where they are (demonstrating connectivity).

Two problems:


  1.  When at Unsecure 2, the laptops will not update their DNS records for D2.  For purposes of working on problem #2 (next), I added A records manually to D2.
  2.  When at Unsecure 2, the laptops will not access the Windows server's file share.  Remember they will access the Samba file server on the same subnet, Secure 1.  The error says it can't find the share and asks to check the name.

There are no firewall rules between Secure 1 and Secure 2.  It's a straight VPN.  While there are usually firewall rules between Secure 2 and Unsecure 2, I removed them to test this problem with no change.

This used to work.  At some point it stopped.  I have not updated the domain controllers or the Samba server referenced above in some time now, so no update to those caused the problem.  The Windows machine has updated automatically and is up-to-date (just reaching Windows 10 EOL).

Clearly the laptops are unique in some way: I suspect in being on Unsecure 2.  Their netbios settings are the "default," which uses netbios over TCP unless told differently by DHCP, which it doesn't.

I've exhausted my limited knowledge of this and would love any tips you all are willing to provide.  Thanks in advance!

                Steve


More information about the samba mailing list