From owner-freebsd-net Tue Aug 24 9:30:21 1999 Delivered-To: freebsd-net@freebsd.org Received: from maine.60north.net (maine.60north.net [198.143.201.10]) by hub.freebsd.org (Postfix) with ESMTP id 4734215939; Tue, 24 Aug 1999 09:28:00 -0700 (PDT) (envelope-from ankzt@maine.60north.net) Received: from localhost (ankzt@localhost) by maine.60north.net (8.9.3/8.9.2) with ESMTP id LAA01403; Tue, 24 Aug 1999 11:05:12 -0400 (EDT) (envelope-from ankzt@maine.60north.net) Date: Tue, 24 Aug 1999 11:05:12 -0400 (EDT) From: Bill To: questions@freebsd.org Cc: freebsd-net@freebsd.org Subject: cvsup'd to 3.2 from 3.1 arp changes? SMB changes! Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org after upgrading from 3.1 stable to 3.2 stable via cvs I noticed that the output from arp -a has changed... looks like for the better as now I dont have to permenat publish my gateway of last resort ( wich would always drop or expire after extend periods of no use ). A bad side affect wich I cant be sure what in this update is responcible for is, workstations on remote networks fail to authenticate ( log on to NT domain ) via samba. The version of samba im using is 2.0.3. My networks look like this... Inet pipe 198.143.201/24 -> FBSD multihomed two net cards ipforwarding. FBSD Interfaces are ed1 @ 192.168.1.10 ed2 @ 198.143.201.10. This box is connected to 2 other networks 192.168.2/24 & 192.168.3/24 via bay routers. All workstations on 192.168.1/24 that are configured to require validation from network happily do so, however since the 3.1 to 3.2 upgrade the workstations on the remote networks wont validate with samba. Remote network connectivity is verified, routers are configured for spanning tree bridging & netbios over tcp. Whats particularly interesting about this is that when i reconfig the MS workstations not to authenticate & login to NT domain, they can see & access the FBSD box running samba using USER level security as well as access their home directories with the correct priveledges. Im stumped. Heres a dump of the relevant globals from testparm: su-2.02# ./testparm | more Load smb config files from /usr/local/samba/lib/smb.conf Processing section "[root]" Processing section "[ports]" Processing section "[homes]" Processing section "[netlogon]" Processing section "[printers]" Processing section "[tmp]" Loaded services file OK. Load smb config files from /usr/local/samba/lib/smb.conf Press enter to see a dump of your service definitions # Global parameters workgroup = MIS netbios name = MAINE netbios aliases = server string = INTERNET SERVER FIREWALL interfaces = 192.168.1.10 198.143.201.10 bind interfaces only = No security = USER encrypt passwords = No update encrypted = No use rhosts = No min passwd length = 5 map to guest = Never null passwords = No password server = smb passwd file = /usr/local/samba/private/smbpasswd hosts equiv = root directory = / passwd program = /bin/passwd passwd chat = *old*password* %o\n *new*password* %n\n *new*password* %n\n *changed* passwd chat debug = No username map = password level = 0 username level = 0 unix password sync = Yes log level = 2 syslog = 1 syslog only = No log file = /usr/local/samba/var/log.%m max log size = 50 timestamp logs = Yes protocol = NT1 read bmpx = Yes read raw = Yes write raw = Yes nt smb support = Yes nt pipe support = Yes nt acl support = No announce version = 4.2 announce as = NT max mux = 50 max xmit = 65535 name resolve order = lmhosts host wins bcast max packet = 65535 max ttl = 259200 max wins ttl = 518400 min wins ttl = 21600 time server = No change notify timeout = 60 deadtime = 0 getwd cache = Yes keepalive = 300 lpq cache time = 10 max disk size = 0 max open files = 10000 read prediction = No read size = 16384 shared mem size = 1048576 socket options = TCP_NODELAY stat cache size = 50 load printers = Yes printcap name = /etc/printcap printer driver file = /usr/local/samba/lib/printers.def strip dot = No character set = mangled stack = 50 coding system = client code page = 850 stat cache = Yes domain groups = domain admin group = domain guest group = domain admin users = domain guest users = machine password timeout = 604800 add user script = delete user script = logon script = logon path = \\%N\%U\profile logon drive = logon home = \\%N\%U domain logons = Yes os level = 0 lm announce = Auto lm interval = 60 preferred master = No local master = No domain master = No browse list = Yes dns proxy = No wins proxy = Yes wins server = 192.168.1.15 wins support = No kernel oplocks = Yes ole locking compatibility = Yes smbrun = /usr/local/samba/bin/smbrun config file = preload = lock dir = /usr/local/samba/var/locks default service = message command = dfree command = valid chars = remote announce = remote browse sync = socket address = 0.0.0.0 homedir map = time offset = 0 unix realname = No NIS homedir = No panic action = comment = path = alternate permissions = No revalidate = No username = guest account = pcguest invalid users = valid users = admin users = read list = write list = force user = force group = read only = Yes create mask = 0744 force create mode = 00 directory mask = 0755 force directory mode = 00 guest only = No guest ok = No only user = No hosts allow = 192.168.1. 192.168.2. 192.168.3. 127. hosts deny = status = Yes max connections = 0 min print space = 0 strict sync = No sync always = No print ok = No postscript = No printing = bsd print command = lpr -r -P%p %s lpq command = lpq -P%p lprm command = lprm -P%p %j lppause command = lpresume command = queuepause command = queueresume command = printer name = printer driver = NULL printer driver location = default case = lower case sensitive = No preserve case = Yes short preserve case = Yes mangle case = No mangling char = ~ hide dot files = Yes delete veto files = No veto files = hide files = veto oplock files = map system = No map hidden = No map archive = Yes mangled names = Yes mangled map = browseable = Yes blocking locks = Yes fake oplocks = No locking = Yes oplocks = Yes strict locking = No share modes = Yes copy = include = exec = postexec = root preexec = root postexec = available = Yes volume = fstype = NTFS set directory = No wide links = Yes follow symlinks = Yes dont descend = magic script = magic output = delete readonly = No dos filetimes = No dos filetime resolution = No fake directory create times = No ps sorry if ive encluded a bit to much information. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message