Find the answer to your Linux question:
Results 1 to 9 of 9
Hi folks, I am having some probs since moving my Samba PDC server to a new machine. Previously CentOS 5.3 32bit Samba 3.4.13, now CentOS 6.4 64 bit Samba 3.6.9. ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Oct 2013
    Posts
    6

    Problems after moving Samba PDC to new machine


    Hi folks,

    I am having some probs since moving my Samba PDC server to a new machine.

    Previously CentOS 5.3 32bit Samba 3.4.13, now CentOS 6.4 64 bit Samba 3.6.9.

    I replicated users and groups matching UID and GID
    used rsync to copy /etc/samba and homes
    set the local sid to match old server
    set the domain sid to match old server
    mapped Domain Users, Admins & Guests to the same unix groups as before
    Converted Unix Users to Samba users (not sure this was needed or right)

    I did all of the above when I had to rebuild the old server & had no problems, the domain just worked.

    Initially I had folders with no files but then realised selinux was enabled so sorted that. No firewall running at all yet as once samba is working I want to set up a vpn. Only other thing different is the machine's unix hostname (samba all the same, using same smb.conf)

    I can see the new server from it's IP address and users are authenticated and get access to folders they should but the server cannot be found by its netbios name (unimaginatively \\server). Winbindd does not seem to be starting on the new server so I started it manually then started samba but no luck.

    Any body have ideas where I have gone wrong and why its not working?

    Thanks in advance.

  2. #2
    Linux Guru Rubberman's Avatar
    Join Date
    Apr 2009
    Location
    I can be found either 40 miles west of Chicago, in Chicago, or in a galaxy far, far away.
    Posts
    11,737
    What about your iptables rules? Have you tried disabling that as well as SELinux entirely to see if that sorts out the problem? If so, and you still need iptables and SELinux running, then it is in the rules being enforced, which you will also need to replicate from the old system.
    Sometimes, real fast is almost as good as real time.
    Just remember, Semper Gumbi - always be flexible!

  3. #3
    Just Joined!
    Join Date
    Oct 2013
    Posts
    6
    Thanks Rubberman, I think the firewall is disabled. How would I tell? Forgive me, I learn bits I need to know as I go along. I did all of the above when my old server crashed and samba just worked. But now I have moved it to new hardware and using 64 bit it isn't. Had I realised that SELinux was being installed I would have taken it off; I don't need it on this home setup. Cheers for taking the time.

  4. $spacer_open
    $spacer_close
  5. #4
    Linux Guru Rubberman's Avatar
    Join Date
    Apr 2009
    Location
    I can be found either 40 miles west of Chicago, in Chicago, or in a galaxy far, far away.
    Posts
    11,737
    To see if iptables is running (there are two versions - one for ipv4 and one for ipv6) run the commands (as root or sudo) "service iptables status" and "service ip6tables status". If they are off, the output will be "iptables (or ip6tables): Firewall is not running." - anything else indicates that you need to disable them. As for SELinux, look at the file /etc/selinux/config. If it is disabled, it will look like this:
    Code:
    # This file controls the state of SELinux on the system.
    # SELINUX= can take one of these three values:
    #     enforcing - SELinux security policy is enforced.
    #     permissive - SELinux prints warnings instead of enforcing.
    #     disabled - No SELinux policy is loaded.
    SELINUX=disabled
    # SELINUXTYPE= can take one of these two values:
    #     targeted - Targeted processes are protected,
    #     mls - Multi Level Security protection.
    SELINUXTYPE=targeted
    If it isn't disabled, you will need to set the rule "SELINUX=disabled" and then reboot the system.
    Sometimes, real fast is almost as good as real time.
    Just remember, Semper Gumbi - always be flexible!

  6. #5
    Just Joined!
    Join Date
    Oct 2013
    Posts
    6
    Both versions of iptables are disabled. Selinux is disabled.

    I find it odd that I can see the shares through their ip address but not through their netbios names.

    I'm at a loss Can you think of anything else?

  7. #6
    Linux Guru
    Join Date
    Nov 2007
    Posts
    1,763
    I find it odd that I can see the shares through their ip address but not through their netbios names.
    This is not odd or strange. Your issue is name resolution. When you type in an IP, you bypass the need for the OS to perform *name resolution* and find the IP. You need to determine *how* you want your clients to perform resolution and then configure them to do so. Relying on 'netbios' is not a solution for anything but a home network. Normal options are hosts files, DNS, NIS, or LDAP.

    FYI, you can find information about Samba's implementation of 'netbios functionality' on their website. But I would again suggest a more robust name resolution method than netbios.

  8. #7
    Just Joined!
    Join Date
    Oct 2013
    Posts
    6
    Thanks HROadmin26, I agree that it looks like a resolution issue. It seems that is where the problem was; nmb was not starting. Don't know why, have reinstalled, rebooted and hey presto.

    This is a home network at my parents'. I'd like to do something else instead of netbios but lack of time outside work to learn it has stopped me so far.

    My next priority is to get a VPN working so I can use the server to back up stuff from my windows pc at my home. Any thoughts on best way to do that.

    Many thanks.

  9. #8
    Linux Guru Rubberman's Avatar
    Join Date
    Apr 2009
    Location
    I can be found either 40 miles west of Chicago, in Chicago, or in a galaxy far, far away.
    Posts
    11,737
    This may be a DNS issue. Do you have a local DNS server running? FWIW, configuring a DNS server is not for the faint-of-heart...
    Sometimes, real fast is almost as good as real time.
    Just remember, Semper Gumbi - always be flexible!

  10. #9
    Just Joined!
    Join Date
    Oct 2013
    Posts
    6
    I spoke too soon on Sunday I sorted nmb and restarted all the machines and all was well. Yesterday the two machines couldn't log in. They are moaning about the trust relationship broken. Have recreated the machine accounts but no joy. Clients are XP. Any thoughts.

    My only DNS server runs on the adsl router.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •