Stephen Bosch wrote:
Anthony Messina wrote:
stephen, might you try setting:
hosts allow = 10.0.0.0/8
or change the network/mask bit for each lan you'd like to allow
and:
hosts deny = 0.0.0.0/0
and:
interfaces = eth0
bind interfaces only = yes
change eth0 to whatever eth* interface your lan is connected to, and
also add "lo" if you use printers attached to this samba server. this
will tell samba to only bind to the interfaces that you have configured
here and may route broswing properly.
anyone else here have any suggestions?
We did
interfaces = 10.10.10.12/24
and
remote announce = 10.10.10.255/HEDLIN-LAUDER
following the smb.conf man page, but that had no discernable effect.
-Stephen-
stephen, it seems like you've tried to go through everything in the
right manner. and you've done the ethereal to make sure packets are
being sent/received between windows computers and your nmbd server. i
am not able to spot where the trouble is so i've included my smb.conf,
which works as a pdc in the local subnet and as a hub across 2 vpn spoke
connections without a problem. perhaps we're both missing something
that this config can clarify. -anthony
i do not use firewalling on the lan side of my pdc.
--- smb.conf---
workgroup = example.com
netbios name = home
server string = Samba Domain Server
hosts allow = 127.0.0.1 192.168.1.0/24 192.168.2.0/24 192.168.3.0/24
hosts deny = 0.0.0.0/0
interfaces = lo eth0
bind interfaces only = yes
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
printcap name = cups
load printers = yes
printing = cups
cups options = raw
guest account = nobody
log file = /var/log/samba/samba.log
max log size = 1024
log level = 1
security = user
lanman auth = no
client ntlmv2 auth = yes
null passwords = yes
enable privileges = yes
ldap passwd sync = no
ldap admin dn = "uid=sambaroot,ou=People,dc=example,dc=com"
passdb backend = ldapsam:ldap://127.0.0.1
ldap ssl = off
ldap delete dn = no
ldap suffix = dc=example,dc=com
ldap user suffix = ou=People
ldap group suffix = ou=Group
ldap machine suffix = ou=People
ldap filter = (&(objectClass=sambaSamAccount)(uid=%u))
add user script = /usr/sbin/smbldap-useradd -m "%u"
delete user script = /usr/sbin/smbldap-userdel "%u"
add machine script = /usr/sbin/smbldap-useradd -w "%u"
add group script = /usr/sbin/smbldap-groupadd -p "%g"
delete group script = /usr/sbin/smbldap-groupdel "%g"
add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g"
delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g"
set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u"
encrypt passwords = yes
unix password sync = Yes
passwd program = /usr/bin/passwd %u
passwd chat = *New*UNIX*password* %n\n *ReType*new*UNIX*password* %n\n
*passwd:*all*authentication*tokens*updated*successfully*
username map = /etc/samba/smbusers
local master = yes
os level = 33
domain master = yes
preferred master = yes
domain logons = yes
logon script = %U.bat
logon drive = H:
logon home = \\%L\%U
name resolve order = wins lmhosts bcast
wins support = yes
wins proxy = no
dns proxy = no
preserve case = yes
nt acl support = yes
====Shares would be here====
---end smb.conf---
-anthony
--
My Website: http://messinet.com
My Online Gallery:
http://messinet.com/modules.php?name=Web_Links&l_op=visit&lid=3
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
