Am Mi, den 03.08.2005 schrieb Claude Jones um 3:55: > > It explains why "smbclient -L StudyPC" did lead you to the foreign host. > > Why did you set "search com"? Anyway, has nothing to do with Samba or > > your setup problems at all. > > > > I didn't set that - it's either a default setting, or it got set by my doing > something without the slightest idea that the effect was that I was changing > that setting.... Probably you did specify "com" as your domain part and the Fedora tools then add it as search entry to resolv.conf. If your domain used in the LAN is "levitjames.com" instead you should change the "search" entry accordingly to be "search levitjames.com". So hosts like "studypc.levitjames.com" will be found by short hostname "studypc". > actually pretty careful when I mess with settings... According to your quote > below, 'auto' should not have resulted in the above message, anyway. No, "server signing" makes only sense if with other security setups. So the error message is valid, but the setting should do no harm besides filling the log. > > Again, to exclude problems like iptables blocking make sure "smbclient" > > and "smbstatus" on localhost gives proper results. > > I tried this, but the clues left me clueless - however, you gave me an idea... > I created a new rule on my firewall, permitting ALL traffic between the inside > NIC and the Lan in BOTH directions. PRESTO - everything works now. So, the > question is, which additional port do I have to open up to make this all > work? Before opening all, I had 137 tcp/udp, 138 tcp/udp, 139 tcp, > 445 tcp/udp open. Can someone tell what I'm missing? 137/udp, 138/udp, 139/tcp and 445/tcp are enough. Maybe something with the logic of your iptables ruleset is not like it should be? Could be helpful if you show us your ruleset from /etc/sysconfig/iptables or how you did it different. Btw. it can be helpful to run a WINS in your network if you see that it takes long time (up to 12 minutes) until SMB hosts like the Samba machine appear in network browsing. > The problem with your advice, Alexander, is that it's good; but you make > people work for the knowledge for themselves - I appreciate that ;-) :-)) Of course I always like to hear if a suggestion or hint was target leading. What you describe seems to be the case for all remote help without direct access to the trouble system. Helping to find a straight way to the point, excluding non issues quickly. Some sort of minesweeping going in most closest circles around the objects. > Claude Jones Alexander -- Alexander Dalloz | Enger, Germany | GPG http://pgp.mit.edu 0xB366A773 legal statement: http://www.uni-x.org/legal.html Fedora Core 2 GNU/Linux on Athlon with kernel 2.6.11-1.35_FC2smp Serendipity 17:41:14 up 18 days, 22:13, load average: 0.11, 0.17, 0.20
Attachment:
signature.asc
Description: Dies ist ein digital signierter Nachrichtenteil
