Rolando Pintro's picture
Rolando Pintro - Tue, 2012/02/14 - 00:37

I got my file server appliance deployed through Amazon EC2 Cloud but I am not clear about how to test or connect to the shared resources from a Windows system. I have experience connecting to resources on Windows.  That's not the problem. It just fails when I try to connect with the appliances UNC path.  I happened to be testing from Windows 7 Professional, but I will be connecting with some XP systems as well.  The setup was amazingly easy, as indicated on the turnkey linux site but I am not sure how to proceed from here.  Does anyone have any simple steps that I could follow?  Thanks.

Rolando

Forum: 
Support
Tags: 
samba
file server
Rolando Pintro's picture

Rolando Pintro - Tue, 2012/02/14 - 06:37

Since there are not takers yet I thought I would provide some additional information.   I would greatly appreciate it if someone could help me figure this out.

From Windows 7 PC

I would type "\\ip address of my file server appliance\srv\storage" then hit enter.

Wait a few seconds and get an error from windows about can't connect

Run the troubleshooter and would get the following response:

 

***
Issues found 
file and print sharing resource (ip suppressed) is online but isn't responding to connection attempts.file and print sharing resource (ip suppressed) is online but isn't responding to connection attempts.
The remote computer isn’t responding to connections on port 445, possibly due to firewall or security policy settings, or because it might be temporarily unavailable. Windows couldn’t find any problems with the firewall on your computer.  Detected  
Contact the service provider or owner of the remote system for further assistance, or try again later Completed 
 
Issues found Detection details 
 
6 file and print sharing resource (ip suppressed) is online but isn't responding to connection attempts. Detected  
 
The remote computer isn’t responding to connections on port 445, possibly due to firewall or security policy settings, or because it might be temporarily unavailable. Windows couldn’t find any problems with the firewall on your computer.  
***End of response***
Jeremy Davis's picture

Jeremy Davis - Tue, 2012/02/14 - 08:47

(And I'm being serious, not sarcastic, just in case you weren't sure).

Anyway, Samba is a bit of a pain to configure in my experience. Firstly you need to realise that it is sort of like Windows sharing, but different too (although they are somewhat compatible obviously).

So you will need to create as many Linux user accounts as you plan to have separate users. Then once that is done you need to sync Linux users and Samba users (they have different user databases). Then you need to ensure that both Linux and Samba permissions are set for the fileshares (this is similar to Windows as there are share permissions as well as Win user file permissions). Personally I use Samba (share) permissions to allocate users read access to a given share (and give them read/write access in Samba) and then use Linux user permissions (ie file permissions) to allocate write access (to the users I want to give this to). I'm not saying that this is the best way, but it's always the way I've done things on Windows, so used the same sharing config model for use with Linux/Samba.

And IIRC the Linux path to the root share is '/srv/storage' but the Samba path is '\storage'

Personally I haven't ever accessed Win shares over the internet but I have read that it's not a good idea security wise. Most stuff I have read suggests using a VPN to access these shares or use some other protocol that is more secure (like WebDAV over https). Unfortunately WebDAV is not configured in TKL Fileserver although perhaps it should be!?

One final thing is that AWS has a built in firewall (I think it's called a security profile) and TKL appliances have this preconfigured. But considering the potential security risks that I have read about, I'm not sure whether these ports are open by default or not? It isn't documented anywhere either way from what I can gather.

So all in all, I'm perhaps not a lot of help to you...

Rolando Pintro's picture

Rolando Pintro - Tue, 2012/02/14 - 23:55

 

JedMe:

Thanks for responding.  I appreciate your contributions to this forum.  You didn't come out as sarcastic at all.  Initially I hesitated posting on the forum because on so many other forums out there, you have guys that clearly got the skills but not the people skills.  They like to pontificate and still not offer anything constructive.  Your response was well mannered and constructive. Thanks.

I set this up to test the viability of the TKL File Server appliance for a project.  I agree, accessing shares on a production system through the Internet would cause me to have many sleepless nights but using the cloud infrastructure at first seemed like the quickest way for me to deploy a test system.  In retrospect, I ended up wasted lots of hours banging my head against the wall.  I should have drop the iso on some old hardware and test it in a local network and use OpenVPN to access it over the web.

Keep up the good job.  The world could always benefit from a little altruism.

Rolando

Chris Musty's picture

Chris Musty - Tue, 2012/02/14 - 16:04

I have a file server that backs up to TKLBAM.

The theory is that if the server dies I can restore TKLBAM on a temporary cloud unit and still access the files (albeit slowly).

I tested it and it worked but man was it slow and I had to open the nfs ports (135-139???) on my firewall etc etc. Also I had to remove all restrictions to access it as no users were setup. OK to just get at a file but not good to leave wide open for anyone and everyone.

Chris Musty

Director

Specialised Technologies

Rolando Pintro's picture

Rolando Pintro - Wed, 2012/02/15 - 00:00

Chris:

Thanks for shedding light on this.  I wanted to test the performance and you just save me some time.  

Rolando

Add new comment