this morning, I added entries to the files lmhosts.sam and hosts for
this server and access is allowed now.
thanks for your help.
Le 13/05/2011 17:04, Vincent Malien a écrit :
it's a site-to-site VPN
Sorry, my colleague on the other site just shut-down & gone. I'll test
monday, but I think you mean "net view \\IP_ADDRESS_OF_SERVER".
Le 13/05/2011 16:33, Gaiseric Vandal a écrit :
Is this a client-to-site or site-to-site VPN?
Does "new view \\IP_ADDRESS_OF_SERVER" work?
I have one samba server (compiled from source) where Windows VPN
clients can't access it by name UNLESS using either WINS ior an
lmhosts file is configured. packet sniffing showed the client
connecting and an initial response, but then the nothing else.
Clearly not a problem with the clients which could access every
other samba or windows server over the VPN. Some Win machines
were domain members, some weren't.
On 05/13/2011 10:00 AM, Vincent Malien wrote:
Hi,
I have a problem of Access denied to samba server from win7 64bit
behind a VPN.
the samba server is 3.2.5-4 release on a debian lenny (I will
upgrade it soon), member of a win2K AD domain.
the win7 PCs are on the same AD domain, they can access to an other
samba server witch is very similar (same release, same smb.conf,
same VPN config).
If I do on a win7 PC: net view \\srvlinux
I see:
L'erreur système 5 s'est produite.
Accès refusé.
on srvlinux, in /var/log/samba/log.PCname, I see:
[2011/05/13 11:26:34, 0] lib/util_sock.c:read_socket_with_timeout(939)
[2011/05/13 11:26:34, 0] lib/util_sock.c:get_peer_addr_internal(1683)
getpeername failed. Error was Noeud final de transport n'est pas
connecté
read_socket_with_timeout: client 0.0.0.0 read error = Connexion
ré-initialisée par le correspondant.
I think this timeout is because of the VPN link, but it's the same
log on the other samba server witch I can access.
I tried to un-join & join server & PC to the domain, but it didn't
solved. I also tried with several windows user who can access
srvlinux from other PCs on the two sides of the VPN.
Any help is welcome .
Vincent MALIEN
this is my smb.conf:
[global]
workgroup = SOCOFER
server string = %h server web interne et FTP (Samba %v)
; wins server = w.x.y.z
dns proxy = no
; name resolve order = lmhosts host wins bcast
; interfaces = 127.0.0.0/8 eth0
; bind interfaces only = yes
dos charset = cp850
unix charset = ISO-8859-1
log file = /var/log/samba/log.%m
max log size = 1000
syslog = 0
panic action = /usr/share/samba/panic-action %d
security = ADS
realm = SOCOFER.DOM
password server = 192.168.5.44
client use spnego = yes
encrypt passwords = true
passdb backend = tdbsam
obey pam restrictions = yes
unix password sync = yes
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\s*\spassword:* %n\n
*Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
pam password change = yes
; domain logons = yes
; logon path = \\%N\profiles\%U
; logon drive = H:
; logon script = logon.cmd
; add user script = /usr/sbin/adduser --quiet --disabled-password
--gecos "" %u
; add machine script = /usr/sbin/useradd -g machines -c "%u machine
account" -d /var/lib/samba -s /bin/false %u
; add group script = /usr/sbin/addgroup --force-badname %g
; printing = bsd
; printcap name = /etc/printcap
; printing = cups
; printcap name = cups
; include = /home/samba/etc/smb.conf.%m
; message command = /bin/sh -c '/usr/bin/linpopup "%f" "%m" %s; rm
%s' &
winbind separator = +
idmap uid = 10000-20000
idmap gid = 10000-20000
template homedir = /home/%D/%U
template shell = /bin/bash
winbind enum groups = yes
winbind enum users = yes
usershare max shares = 100
winbind use default domain = yes
# empêche le client de devenir maitre explorateur
domain master = no
local master = no
preferred master = no
os level = 0
[homes]
comment = Home Directories
browseable = yes
writable = yes
create mask = 0777
directory mask = 0777
valid users = %S
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
