[opensuse] virtualbox bridged network adapter
Hi (Sorry but I can't make it shorter than this) I'm trying to simulate a real network using virtualbox and in particular test the possibility of a single sign on linux/windows lan. Samba is working. I can see users linux /home folders on the windows machine by entering: \\hh1\lynn2 LDAP is working since lynn2 can login at a command line and the username/password works for seeing the share from windows as above. /var/log/messages and /var/log/samba/log.smbd confirm this. log.nmbd also confirms that the samba server is also a logon server. I have a windows 7 virtual machine setup: 192.168.1.2 opensuse 11.4 DNS server, LDAP server, samba server PDC for a domain called HH1, gateway 192.168.1.1 192.168.1.4 Windows 7 running in virtualbox, joined to the domain HH1, DNS set to 192.168.1.2, gateway 192.168.1.1 When I try to logon to the domain from windows, it gives me the error 'No logon servers available' whether I have the static setup as above or automatic IP and DNS via dhcp. I can ping linux from windows but cannot ping windows from linux. Trying to ping 192.168.1.4 from a linux terminal drops everything. Both machines can ping the gateway and both can see internet. I am trying to diagnose the problem of not being able to logon to the Samba domain and wonder whether the cause could be to something to do with the widows machine being on virtualbox and not being able to ping it as above. Virtualbox is set to emulate a real network adapter as follows: Adapter 1: Intel PRO/1000 MT Desktop (Bridged adapter, eth1) Could anyone help me with this? Thanks. L x -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Mon, 7 Nov 2011 02:09:10 lynn wrote:
Hi
(Sorry but I can't make it shorter than this)
I'm trying to simulate a real network using virtualbox and in particular test the possibility of a single sign on linux/windows lan. Samba is working. I can see users linux /home folders on the windows machine by entering:
\\hh1\lynn2
LDAP is working since lynn2 can login at a command line and the username/password works for seeing the share from windows as above. /var/log/messages and /var/log/samba/log.smbd confirm this. log.nmbd also confirms that the samba server is also a logon server.
I have a windows 7 virtual machine setup:
192.168.1.2 opensuse 11.4 DNS server, LDAP server, samba server PDC for a domain called HH1, gateway 192.168.1.1
192.168.1.4 Windows 7 running in virtualbox, joined to the domain HH1, DNS set to 192.168.1.2, gateway 192.168.1.1
When I try to logon to the domain from windows, it gives me the error 'No logon servers available' whether I have the static setup as above or automatic IP and DNS via dhcp.
Lynn, I have had domain logins working from Windows XP but never from Windows 7. I believe that there was a documented problem with Win 7 using Samba for domain logons that required a registry hack on Win 7 but I can't remember for sure - it wasn't important enough for me to pursue so I didn't bother with it. Try google and see if it turns up some hints. There might be something else going on with the bridged network adaptor setup too. I use that on my machines but not with domain logins. There are other options for the network adaptor setup (as I'm sure you're aware) and each has different pros/cons - check the VB documentation to see what the limitations of each are. You may need to set up the VM with a different adaptor type and that may end up putting the virtual Windows install onto a different subnet (in which case you'll have to add that subnet to smb.conf and perhaps modify some firewall rules if you run a local firewall on that machine. -- =================================================== Rodney Baker VK5ZTV rodney.baker@iinet.net.au =================================================== -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Monday 07 Nov 2011 07:41:36 Rodney Baker wrote:
On Mon, 7 Nov 2011 02:09:10 lynn wrote:
Hi
(Sorry but I can't make it shorter than this)
I'm trying to simulate a real network using virtualbox and in particular test the possibility of a single sign on linux/windows lan. Samba is working. I can see users linux /home folders on the windows machine by entering:
\\hh1\lynn2
LDAP is working since lynn2 can login at a command line and the username/password works for seeing the share from windows as above. /var/log/messages and /var/log/samba/log.smbd confirm this. log.nmbd also confirms that the samba server is also a logon server.
I have a windows 7 virtual machine setup:
192.168.1.2 opensuse 11.4 DNS server, LDAP server, samba server PDC for a domain called HH1, gateway 192.168.1.1
192.168.1.4 Windows 7 running in virtualbox, joined to the domain HH1, DNS set to 192.168.1.2, gateway 192.168.1.1
When I try to logon to the domain from windows, it gives me the error 'No logon servers available' whether I have the static setup as above or automatic IP and DNS via dhcp.
Lynn,
I have had domain logins working from Windows XP but never from Windows 7. I believe that there was a documented problem with Win 7 using Samba for domain logons that required a registry hack on Win 7 but I can't remember for sure -
Yes. have the registry hack installed: HKLM\System\CCS\Services\LanmanWorkstation\Parameters DWORD DomainCompatibilityMode = 1 DWORD DNSNameResolutionRequired = 0 I found that without this then win 7 cannot join the samba domain.
There might be something else going on with the bridged network adaptor setup too. I use that on my machines but not with domain logins. There are other options for the network adaptor setup (as I'm sure you're aware) and each has different pros/cons - check the VB documentation to see what the limitations of each are. You may need to set up the VM with a different adaptor type and that may end up putting the virtual Windows install onto a different subnet (in which case you'll have to add that subnet to smb.conf and perhaps modify some firewall rules if you run a local firewall on that machine.
The bridged adapter works now. I can ping both ways. I had to restart windows 7 for the network settings to take effect. Still having trouble logging in. Trying to login from win 7 tells me that 'no logon servers are available'. The logs suggest that there is a logon server. Here is log.nmbd: Nov 7 07:30:05 hh1 nmbd[7677]: [2011/11/07 07:30:05.525647, 0] nmbd/nmbd.c:71(terminate) Nov 7 07:30:05 hh1 nmbd[7677]: Got SIGTERM: going down... Nov 7 07:30:06 hh1 nmbd[7822]: [2011/11/07 07:30:06.171691, 0] nmbd/nmbd_logonnames.c:160(add_logon_names) Nov 7 07:30:06 hh1 nmbd[7822]: add_domain_logon_names: Nov 7 07:30:06 hh1 nmbd[7822]: Attempting to become logon server for workgroup HH1 on subnet 192.168.1.2 Nov 7 07:30:06 hh1 nmbd[7822]: [2011/11/07 07:30:06.173068, 0] nmbd/nmbd_become_dmb.c:292(become_domain_master_browser_bcast) Nov 7 07:30:06 hh1 nmbd[7822]: become_domain_master_browser_bcast: Nov 7 07:30:06 hh1 nmbd[7822]: Attempting to become domain master browser on workgroup HH1 on subnet 192.168.1.2 Nov 7 07:30:06 hh1 nmbd[7822]: [2011/11/07 07:30:06.174071, 0] nmbd/nmbd_become_dmb.c:305(become_domain_master_browser_bcast) Nov 7 07:30:06 hh1 nmbd[7822]: become_domain_master_browser_bcast: querying subnet 192.168.1.2 for domain master browser on workgroup HH1 Nov 7 07:30:10 hh1 nmbd[7822]: [2011/11/07 07:30:10.178990, 0] nmbd/nmbd_logonnames.c:121(become_logon_server_success) Nov 7 07:30:10 hh1 nmbd[7822]: become_logon_server_success: Samba is now a logon server for workgroup HH1 on subnet 192.168.1.2 Nov 7 07:30:14 hh1 nmbd[7822]: [2011/11/07 07:30:14.183889, 0] nmbd/nmbd_become_dmb.c:110(become_domain_master_stage2) Nov 7 07:30:14 hh1 nmbd[7822]: ***** Nov 7 07:30:14 hh1 nmbd[7822]: Nov 7 07:30:14 hh1 nmbd[7822]: Samba server HH1 is now a domain master browser for workgroup HH1 on subnet 192.168.1.2 Nov 7 07:30:14 hh1 nmbd[7822]: Nov 7 07:30:14 hh1 nmbd[7822]: ***** Nov 7 07:30:29 hh1 nmbd[7822]: [2011/11/07 07:30:29.199702, 0] nmbd/nmbd_become_lmb.c:395(become_local_master_stage2) Nov 7 07:30:29 hh1 nmbd[7822]: ***** Nov 7 07:30:29 hh1 nmbd[7822]: Nov 7 07:30:29 hh1 nmbd[7822]: Samba name server HH1 is now a local master browser for workgroup HH1 on subnet 192.168.1.2 Any ideas anyone? Thanks. L x -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Monday 07 Nov 2011 10:30:46 lynn wrote:
On Monday 07 Nov 2011 07:41:36 Rodney Baker wrote:
On Mon, 7 Nov 2011 02:09:10 lynn wrote:
Hi
Hi
Yes. It has to be bridging mode and whilst testing I also used static IP addresses. The other problem was this and I hiope it saves others time: I realised that the name of my Linux box was hh1.com and I had chosen HH1 for the Samba domain name. THat seems sensible enough no? But it seems that that is not allowed. I can't find anywhere in the documentation anything which warns against this. I changed the Samba domain to HH2, removed the old ldap machine objects, unjoined the domain HH1 and rejoined HH2. Everything now works as expected except that at first logon from windows 7, the profile isn't saved. You have to log out and back in again. Then the profile is saved. With XP clients you don't have to relogin. Hope this helps us all toward a single sighn on. It's going to make our lan much more bearable. Thanks to everyone for their time. I'm now going for a single sign on lan which has always been my reason for not allowing windows clients in. Lx -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Monday, 2011-11-07 at 15:15 +0100, lynn wrote:
I realised that the name of my Linux box was hh1.com and I had chosen HH1 for ... I changed the Samba domain to HH2, removed the old ldap machine objects,
Do you know that both domains exist in internet? Is that intentional? - -- Cheers, Carlos E. R. (from 11.4 x86_64 "Celadon" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.16 (GNU/Linux) iEYEARECAAYFAk64QWYACgkQtTMYHG2NR9UjmACcDx8M2clh4BEbODK/MnIf2p/w MEIAn1SwAHrWc/Os2PShYkRvi38OhBm2 =7vG6 -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 11/07/2011 09:36 PM, Carlos E. R. wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Monday, 2011-11-07 at 15:15 +0100, lynn wrote:
I realised that the name of my Linux box was hh1.com ... Do you know that both domains exist in internet? Is that intentional? Not intentional. I think all domains that are of the form xyz.com will be snapped up in internet. Mine is only a 192.168 lan address.
Saludos L x -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 11/07/2011 05:11 PM, lynn pecked at the keyboard and wrote:
On 11/07/2011 09:36 PM, Carlos E. R. wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Monday, 2011-11-07 at 15:15 +0100, lynn wrote:
I realised that the name of my Linux box was hh1.com ... Do you know that both domains exist in internet? Is that intentional? Not intentional. I think all domains that are of the form xyz.com will be snapped up in internet. Mine is only a 192.168 lan address.
Saludos L x
Doesn't matter unless you strictly use /etc/hosts for DNS lookups. If not it could cause DNS lookup problems for your local domain. -- Ken Schneider SuSe since Version 5.2, June 1998 -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Monday, 2011-11-07 at 23:11 +0100, lynn wrote:
On 11/07/2011 09:36 PM, Carlos E. R. wrote:
I realised that the name of my Linux box was hh1.com ... Do you know that both domains exist in internet? Is that intentional? Not intentional. I think all domains that are of the form xyz.com will be snapped up in internet. Mine is only a 192.168 lan address.
Then you should use names that are guaranteed to not exist in internet, like hh1.mine - otherwise you will get into problems, IMO. - -- Cheers, Carlos E. R. (from 11.4 x86_64 "Celadon" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.16 (GNU/Linux) iEYEARECAAYFAk65QusACgkQtTMYHG2NR9WvSgCfWNoNRsNnsmDDOepOKucgpKXy e4MAoJFqteu70Wkdhe87YazD2JS4wDe3 =Qa1a -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 11/08/2011 03:55 PM, Carlos E. R. wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Monday, 2011-11-07 at 23:11 +0100, lynn wrote:
On 11/07/2011 09:36 PM, Carlos E. R. wrote:
I realised that the name of my Linux box was hh1.com ... Do you know that both domains exist in internet? Is that intentional? Not intentional. I think all domains that are of the form xyz.com will be snapped up in internet. Mine is only a 192.168 lan address.
Then you should use names that are guaranteed to not exist in internet, like hh1.mine - otherwise you will get into problems, IMO. Hi It's beginning to make more sense. It could explain why I have to use bind on the ldap server to get Samba to to recognise the windows 7 clients and/or the other way around. Fortunately with Yast, a DNS server is just a matter of a few clicks. Unfortunately it floods the logs with messages from the named.
Tell me what to do, Cheers L x -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 11/7/2011 5:11 PM, lynn wrote:
On 11/07/2011 09:36 PM, Carlos E. R. wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Monday, 2011-11-07 at 15:15 +0100, lynn wrote:
I realised that the name of my Linux box was hh1.com ... Do you know that both domains exist in internet? Is that intentional? Not intentional. I think all domains that are of the form xyz.com will be snapped up in internet. Mine is only a 192.168 lan address.
Saludos L x
He means was it intentional that you used an *.com domain on a lan. When you do that, the ambiguity that results is your fault, not the fault of whoever out there has those domains on the public net. Ambiguity = problems. Unnecessary ambiguity = unnecessary problems. Don't use <short-string>.com .org .net etc domains on lans unless you need to and are prepared to deal with the complications of getting that to do what you think you want it to do. Even when you actually own the name, it's still a complication although at least then it's possible to address (no pun). -- bkw -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 11/08/2011 07:16 PM, Brian K. White wrote:
On 11/7/2011 5:11 PM, lynn wrote:
On 11/07/2011 09:36 PM, Carlos E. R. wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Monday, 2011-11-07 at 15:15 +0100, lynn wrote:
I realised that the name of my Linux box was hh1.com ... Do you know that both domains exist in internet? Is that intentional? Not intentional. I think all domains that are of the form xyz.com will be snapped up in internet. Mine is only a 192.168 lan address.
Saludos L x
He means was it intentional that you used an *.com domain on a lan.
When you do that, the ambiguity that results is your fault, not the fault of whoever out there has those domains on the public net.
Ambiguity = problems. Unnecessary ambiguity = unnecessary problems.
Don't use <short-string>.com .org .net etc domains on lans unless you need to and are prepared to deal with the complications of getting that to do what you think you want it to do.
Even when you actually own the name, it's still a complication although at least then it's possible to address (no pun).
Yes. I think I understand. Changing the domain name sounds like the way to go. L x -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 11/08/2011 08:20 PM, lynn wrote:
On 11/08/2011 07:16 PM, Brian K. White wrote:
On 11/7/2011 5:11 PM, lynn wrote:
On 11/07/2011 09:36 PM, Carlos E. R. wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Monday, 2011-11-07 at 15:15 +0100, lynn wrote:
I realised that the name of my Linux box was hh1.com ... Do you know that both domains exist in internet? Is that intentional? Not intentional. I think all domains that are of the form xyz.com will be snapped up in internet. Mine is only a 192.168 lan address.
Saludos L x
He means was it intentional that you used an *.com domain on a lan.
When you do that, the ambiguity that results is your fault, not the fault of whoever out there has those domains on the public net.
Ambiguity = problems. Unnecessary ambiguity = unnecessary problems.
Don't use <short-string>.com .org .net etc domains on lans unless you need to and are prepared to deal with the complications of getting that to do what you think you want it to do.
Even when you actually own the name, it's still a complication although at least then it's possible to address (no pun).
Yes. I think I understand. Changing the domain name sounds like the way to go. L x
Well, I unjoined the windows boxes from the domain, changed the server name to xxx.site, changed the LDAP dc to dc=site, turned off bind and rejoined the windows 7 boxes to the domain. Amazingly they are working without my internal DNS running. Your ambiguity argument has a lot in its favour. I just wish I knew enough to explain all this. L x -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
participants (5)
-
Brian K. White -
Carlos E. R. -
Ken Schneider - openSUSE -
lynn -
Rodney Baker