fieldj
asked on
Accessing Samba shares on external webserver(s) - how to access
Hi all,
I have recently been getting some samba shares to work on a new Solaris server.
Now that these are working (and browsable), I move on to the next hurdle!
We have a few externally hosted (Windows Server 2008 R2) web servers which are not on our domain, but can still communicate with our network.
I can successfully browse to the samba shares on the existing (soon to be retired) solaris server from these webservers.
These web servers can successfully ping the new solaris server, but I cannot browse to the shares whether I use the server name or the IP address.
I have added the new solaris server/ip address to the Hosts file on the webservers, but this has not made a difference.
Can anyone help me to access the samba shares from these WebServers?
Many thanks
I have recently been getting some samba shares to work on a new Solaris server.
Now that these are working (and browsable), I move on to the next hurdle!
We have a few externally hosted (Windows Server 2008 R2) web servers which are not on our domain, but can still communicate with our network.
I can successfully browse to the samba shares on the existing (soon to be retired) solaris server from these webservers.
These web servers can successfully ping the new solaris server, but I cannot browse to the shares whether I use the server name or the IP address.
I have added the new solaris server/ip address to the Hosts file on the webservers, but this has not made a difference.
Can anyone help me to access the samba shares from these WebServers?
Many thanks
System authentication (where apache's user is present) is completely unrelated to samba and it's user DB.
You can always use SFTP over same SSH you have and not open security hole called samba.
You can always use SFTP over same SSH you have and not open security hole called samba.
ASKER
I need to use Samba.
As mentioned above we have an existing Solaris server to which we can successfully browse the samba shares. I need to replicate this on the new server.
It seems to be a problem with the guest access not working for whatever reason.
As mentioned above we have an existing Solaris server to which we can successfully browse the samba shares. I need to replicate this on the new server.
It seems to be a problem with the guest access not working for whatever reason.
you need to copy just smb.conf and restart samba service
ASKER
I have tried this, several times. Unfortunately it does not help.
Here is my smb.conf.....
Here is my smb.conf.....
[global]
workgroup = MYDOMAIN
realm = INTERNAL.MYDOMAIN.COM
server string = Maginus SUN2014, Samba %v
interfaces = 172.16.X.X
security = ADS
password server = *
map untrusted to domain = yes
map to guest = bad password
guest account = web
server signing = auto
preferred master = Auto
wins server = 172.16.X.XX, 172.16.X.XX
idmap uid = 10000-20000
idmap gid = 10000-20000
template shell = /bin/bash
winbind enum users = Yes
winbind enum groups = Yes
# Debug logging information
log level = 2
log file = /var/log/samba.log.%m
max log size = 50
debug timestamp = yes
[home_report]
comment = Home Report for Res Bulk Pick Lists
path = /home/report
guest only = Yes
guest ok = Yes
Do you have reverse DNS working and own hostname in etc/hosts same way on both systems?
ASKER
When you say 'ownhostname', do you mean the solaris hostname? In which case I do.
How can I check reverse dns? On the external webserver I ran ping -a 172.XX.X.X (solaris server IP) and it successfully pinged returning the server name.
How can I check reverse dns? On the external webserver I ran ping -a 172.XX.X.X (solaris server IP) and it successfully pinged returning the server name.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
3rd party resolved the problem
ASKER
Example log when connecting as me from my PC (on the domain):
Open in new window
Example log when connecting from the webserver (MYWEBSERVER) while logged on as user WEBUSER
Open in new window
As I understand it, on the existing Solaris server the webservers bypass the authentication and connect to the shares as the guest user “web”. However, this doesn’t seem to be working on the new server.
I did read about adding the line “map untrusted to domain = yes” to the smb.conf, but this doesn’t seem to have made any difference.