On Thu, 2005-12-15 at 12:03 -0500, Margaret_Doll wrote: > On Thursday, December 15, 2005, at 11:56 AM, Philip Washington wrote: > > > Margaret_Doll wrote: > > > >> > >> On Wednesday, December 14, 2005, at 04:42 PM, Philip Washington wrote: > >> > >>> Margaret_Doll wrote: > >>> > >>>> > >>>> > >>>> Begin forwarded message: > >>>> > >>>>> From: Margaret_Doll <[EMAIL PROTECTED]> > >>>>> Date: Wed Dec 14, 2005 1:09:24 PM US/Eastern > >>>>> To: samba <samba@lists.samba.org> > >>>>> Subject: [Samba] RHEL4 and samba > >>>>> > >>>>> I brought over the /etc/samba directory from a RHEL3 system to a > >>>>> RHEL4 system. > >>>>> > >>>>> I disable selinux in case there was a problem with a port being > >>>>> blocked > >>>>> > >>>>> iptables has port 139 and 445 enabled. > >>>>> > >>> open ports 137 and 138, I forget which one, but the > >>> announcement is on one of these ports, you also need to check your > >>> protocols tcp udp as far as iptables is concerned. Usually in > >>> this cases I open up all protocols and the ports needed(check the > >>> protocols udp and tcp on 139 445 also) and then start DROP ing or > >>> REJECT ing ports-protocols until it breaks. > >>> selinux should not be an issue with this. > >> > >> > >> I opened the tcp, udp ports in the iptables, restarted iptables, > >> restarted smb. > >> > >> I still have the same problems with nmbd. People can do a search > >> for the server.nnn.nnn.edu and find themselves logged in, but the > >> server in the Network Neighborhood is "not available" The printers > >> from the Windows computers > >> have to be created using the complete path of the server, ie. > >> server.nnn.nnn.edu, instead of the samba name. > >> > >> iptables --list > >> ... > >> ACCEPT udp -- anywhere anywhere state > >> NEW udp dpt:netbios-ns > >> ACCEPT tcp -- anywhere anywhere state > >> NEW tcp dpt:netbios-ns > >> ACCEPT udp -- anywhere anywhere state > >> NEW udp dpt:netbios-dgm > >> ACCEPT tcp -- anywhere anywhere state > >> NEW tcp dpt:netbios-dgm > >> ACCEPT tcp -- anywhere anywhere state > >> NEW tcp dpt:netbios-ssn > >> ACCEPT udp -- anywhere anywhere state > >> NEW udp dpt:netbios-ssn > >> > >> > > Would it be possible to turn off iptables altogether and try. > > service iptables stop > > service smb restart > > You may have to wait a few minutes for the master browser to pick it > > up. > > > > Here is a copy of a simple smb.conf I have running on a test machine > > running RHEL4 > > [global] > > workgroup = COMPA > > server string = Samba Server > > interfaces = 10.10.10.167/24 > > log file = /var/log/samba/%m.log > > max log size = 50 > > socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 > > dns proxy = No > > idmap uid = 16777216-33554431 > > idmap gid = 16777216-33554431 > > printer admin = @ntadmin, root > > cups options = raw > > > > [homes] > > comment = Home Directories > > read only = No > > browseable = No > > > > [printers] > > comment = All Printers > > path = /var/spool/samba > > read only = No > > guest ok = Yes > > printable = Yes > > default devmode = Yes > > browseable = No > > > > [print$] > > comment = Printer driver Download Area > > path = /etc/samba/drivers > > write list = @ntadmin, root, philip > > guest ok = Yes > > > > [Shared] > > path = /home/philip/SHARED > > valid users = philip > > read only = No > > hosts allow = 10.10.10.169, 10.10.10.238 > > I have tried it with selinux and iptables disabled or off. No > difference. > My smb.conf with the networks "x'd" out > > > # Global parameters > [global] > workgroup = CHEMISTRY > netbios name = CHEMPS > server string = chemps - Chemistry Samba Server > interfaces = 128.xxx.xxx.xxx/24 127.0.0.1 > smb passwd file = /etc/samba/smbpasswd > min password length = 7 > log file = /var/log/samba/log.%m > max log size = 50 > socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 > dns proxy = No > os level = 255 > preferred master = Yes > domain master = Yes > wins proxy = yes > wins support = yes > remote announce = 128.xxx.xxx.255/Chemistry > 128.xxx.xxx.255/Chemistry 128.xxx.xxx.255/Chemistry > 128.xxx.xxx.255/Chemistry 128.xxx.xxx.255/Chemistry > invalid users = bin daemon sys adm tty disk lp mem kmem wheel > mail news uucp man games gopher dip ftp floppy utmp xfs console > pppusers popusers slipusers slocate gdm filesystem root > valid users = @chemusers @geousers @users @stockroom @guest > username map = /etc/samba/smbusers > domain logons = yes > guest account = xxxxxxx > hosts allow = 128.148.124. 128.148.68. 128.148.116. > 128.148.119. 128.148.171. 127. > dos filetimes = Yes > dos filetime resolution = Yes > load printers = yes > printing = cups > printcap name = /etc/printcap > use client driver = yes > > [homes] > comment = Home Directories > writeable = yes > browseable = No > > [printers] > comment = All Printers > path = /var/spool/samba > guest ok = Yes > printable = Yes > browseable = no > > [1-Mac] > comment = Distributed Software for MacIntoshes > path = /chemusers/1-Mac > volume = Utilities for MacIntoshes > guest ok = yes > [1-Win] > comment = Distributed Software for Windows > path = /chemusers/1-Win > volume = Utilities for Window Computers > guest ok = yes > > [Milling] > comment = Contains the drop boxes for Milling requests > path = /chemusers/milling > volume = Milling Drop Box > writeable = yes > valid users = @chemusers > force group = chemusers > > [Stockroom] > comment = Database for the Stockroom Applications > path = /home/stockroom > volume = Database for the Stockroom > valid users = @stockroom > writeable = yes > create mask = 660 > directory mask = 0770 > > [web pages] > comment = Web pages for data transfer > path = /home/httpd/html > volume = Web pages for Chemistry > guest ok = yes > writeable = yes > > > > > > >>> > >>>>> I can see the server in the Windows Network Neighborhood but the > >>>>> user cannot connect because they are unauthorized to attach from > >>>>> their computer. > >>>>> > >>>>> Most of the test in the samba documentation work except. > >>>>> > >>>>> smbclient -L server -N > >>>>> > >>>>> shows no computers, but does show the shares and > >>>>> > >>>>> SERVER COMMENTS > >>>>> > >>>>> myserver server comments > >>>>> > >>>>> Workgroup Master > >>>>> ------------- > >>>>> > >>>>> myworkgroup > >>>>> 2nd workgroup master2 > >>>>> 3rd workgroup master3 > >>>>> > >>>>> > >>>>> nmblookup -B myserver __SAMBA__ > >>>>> querying __SAMBA__ on correct ip address > >>>>> name_query failed to find name __SAMBA__ > >>>>> > >>>>> nmblooup -M myworkgroup > >>>>> querying myworkgroup on mysubnet > >>>>> ip address of a client myworkgroup<1d> > >>>>> > >>>>> "netstat -a" show netbios-ns > >>>>> > >>>>> What do I have set up incorrectly? > >>>>> > >>>>> > >>>>> -- > >>>> > >>>> > >>>> I found that from the computers I cannot attach to the server > >>>> through > >>>> the network neighborhood. I can, however, log into the server > >>>> if I do a search on the computer. So the server is not "announcing" > >>>> itself. > >>>> > >>>> How do I fix this problem? Is this a firewall problem? > >>>> > >>> > >> > > >
Please read http://us1.samba.org/samba/docs/man/Samba-HOWTO-Collection/NetworkBrowsing.html#id2549966 It may help with your current problem... Marcus O. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba