Solved

Samba password server in different subnet

Posted on 2004-04-20
3
230 Views
Last Modified: 2010-03-18
My current situation:

1 Samba server on the 219.x.y.z subnet (DMZ)
1 Samba server on the 192.168.128.x protected subnet

Both Samba servers running Fedora Core 1, Samba is from RPM of FC1.

I setup the 219 Samba server to act as a password server:

[global]
        workgroup = ABC
        netbios name = INTERNET
        server string = ABC Internet Server
        log file = /var/log/samba/%m.log
        max log size = 50
        socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
        dns proxy = No
        ldap ssl = no
        os level = 33
        preferred master = yes
        domain master = yes
        local master = yes
        security = user
        domain logons = yes

And I want the 192 Samba server to ack as a pass through server to ask for the 219 Samba server to authenticate:

[global]
        workgroup = ABC
        netbios name = INTRANET
        server string = ABC Intranet Server
        null passwords = Yes
        log file = /var/log/samba/%m.log
        max log size = 50
        socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
        dns proxy = No
        wins support = Yes
        ldap ssl = no
        security = user
        password server = host.abc.com # Host name of 219 Samba server

I know that the "password server" option should be a netbios name, but they are on different subnet and the broadcast should be stopped by the router.

I failed.  Any suggestion?  

Thank you.

William WK Lee
Hong Kong

0
Comment
Question by:wk
3 Comments
 
LVL 8

Accepted Solution

by:
da99rmd earned 500 total points
ID: 10877032
Are the 2 smb servers on the same server or 2 diffrent ?

on the 192 server you cant have this
>security = user
By specifying the name of another SMB server (such as a WinNT box) with this option, and using
              security = domain or security = server you can get Samba to do all its username/password vali­
              dation via a remote server.

read the man smb.conf

I realy dont know if the password server = ip works
 This option sets the name of the password server to use.  It must be a NetBIOS name, so if the
              machine's  NetBIOS  name is different from its Internet name then you may have to add its Net­
              BIOS name to the lmhosts file which is stored in the same directory as the smb.conf file.

so you can specify the ip in the lmhost file and use a netbios name of your choise.

/Rob
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
MySql client tunnel through intermediate host 5 78
centos7 firewalld udp ports 33 72
Monitor Aliased network interface bandwitch CentOS 4 91
Set linux box as ip router 3 22
I have seen several blogs and forum entries elsewhere state that because NTFS volumes do not support linux ownership or permissions, they cannot be used for anonymous ftp upload through the vsftpd program.   IT can be done and here's how to get i…
Note: for this to work properly you need to use a Cross-Over network cable. 1. Connect both servers S1 and S2 on the second network slots respectively. Note that you can use the 1st slots but usually these would be occupied by the Service Provide…
In a recent question (https://www.experts-exchange.com/questions/28997919/Pagination-in-Adobe-Acrobat.html) here at Experts Exchange, a member asked how to add page numbers to a PDF file using Adobe Acrobat XI Pro. This short video Micro Tutorial sh…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question