[Samba] problems with msdfs proxy in AD environment - Samba

This is a discussion on [Samba] problems with msdfs proxy in AD environment - Samba ; Hello, we have two solaris file servers which export the file with nfs to the unix client and with samba to the windows clients. Both file servers are member of an active directory domain. Now we have the idea to ...

+ Reply to Thread
Results 1 to 4 of 4

Thread: [Samba] problems with msdfs proxy in AD environment

  1. [Samba] problems with msdfs proxy in AD environment

    Hello,

    we have two solaris file servers which export the file with nfs to the
    unix client and with samba to the windows clients. Both file servers are
    member of an active directory domain.
    Now we have the idea to use a new samba file server which contains the
    shares of both file servers and redirect the request to the correct file
    server with msdfs proxy.
    On this new fileserver I configure
    [global]
    ...
    encrypt passwords = Yes
    lanman auth = no
    ntlm auth = no
    client ntlmv2 auth = yes
    workgroup = xxx
    security = ads
    realm = XXX.RZ.RWTH-AACHEN.DE
    password server = xxx.rz.RWTH-Aachen.DE
    host msdfs = yes
    [homes]
    msdfs proxy = \yyy.rz.rwth-aachen.de\homes
    browseable = no

    I can connect to the homes share from a windows client which is not a
    member of the AD. But if I use a windows client which is member of the
    domain I get the error message
    "The drive could not be mapped because no network was found"

    What could be the reason?

    We use samba 3.0.23a without winbind. The unix and the windows site have
    different user administrations. The samba users have the same account
    name on both systems.

    Thanks in advance,
    Andrea

    --
    To unsubscribe from this list go to the following URL and read the
    instructions: https://lists.samba.org/mailman/listinfo/samba

  2. Re: [Samba] problems with msdfs proxy in AD environment

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    Andrea Lorenz wrote:

    > I can connect to the homes share from a windows client which is not a
    > member of the AD. But if I use a windows client which is member of the
    > domain I get the error message
    > "The drive could not be mapped because no network was found"

    There have been a lot of MS-DFS fixes in 3.0.25rc1.
    Yo might want to test that out to see if we have already
    fixed this issue.




    cheers, jerry
    ================================================== ===================
    Samba ------- http://www.samba.org
    Centeris ----------- http://www.centeris.com
    "What man is a man who does not make the world better?" --Balian
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.4.3 (GNU/Linux)
    Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

    iD8DBQFGJPPuIR7qMdg1EfYRAnnJAJoC0P3b18We9MMzahrciZ tJHMTQuQCguF2J
    niTv7Eaw1A31OioV5Kju0Bg=
    =fyPt
    -----END PGP SIGNATURE-----
    --
    To unsubscribe from this list go to the following URL and read the
    instructions: https://lists.samba.org/mailman/listinfo/samba

  3. Re: [Samba] problems with msdfs proxy in AD environment

    Hello Jerry,

    >> I can connect to the homes share from a windows client which is not a
    >> member of the AD. But if I use a windows client which is member of the
    >> domain I get the error message
    >> "The drive could not be mapped because no network was found"
    >
    > There have been a lot of MS-DFS fixes in 3.0.25rc1.
    > Yo might want to test that out to see if we have already
    > fixed this issue.

    If I use 3.0.25rc1 it does not work for domain members and non domain
    members. Do anyone use sambas msdfs code inside an active directory domain?

    Andrea


    --
    To unsubscribe from this list go to the following URL and read the
    instructions: https://lists.samba.org/mailman/listinfo/samba

  4. Re: [Samba] problems with msdfs proxy in AD environment

    On 4/19/07, Andrea Lorenz wrote:
    >
    > If I use 3.0.25rc1 it does not work for domain members and non domain
    > members. Do anyone use sambas msdfs code inside an active directory
    > domain?
    >
    Yes, but only if the machine account itself can authenticate to the DFS
    server. I find that if the machine account cannot authenticate, it doesn't
    work. The client itself doesn't turn on the DFS bit in SMB_FLAGS2. But you
    say it doesn't work even for non-domain members?

    I have it working for domain members as well, where I'm connecting to the
    DFS server via a netbios alias that is not in AD, so it falls back to NTLM.

    --
    -------------------
    Jim McDonough
    Samba Team
    jmcd at samba dot org
    --
    To unsubscribe from this list go to the following URL and read the
    instructions: https://lists.samba.org/mailman/listinfo/samba
+ Reply to Thread
« [Samba] Creating users | [Samba] file permissions with inherit permission + ACL's »