Configuring samba server in Mac OS X Leopard

If you don’t have Mac OS X Leopard server you have a Samba implementation limited mostly to home directories and a lot of borking around, if you’re a typical Unix Admin as I am you’ll want to take things in your hands and add the shares you want yourself in the command line.

Leopard uses Samba 3 and its own authentication and locking methods connected to its auth layer and afp locking so a typical samba config file won’t work, it also has a dynamically modificable part which is configured via System Preferences.

This is not the smartest method neither prepared for faint hearted people, but it’ll work if you’re used to Linux.

If you had samba already working on Tiger the changes are only at locking, vfs and user auth, which is what enables all the new Leopard system to work properly.

This are the exact changes from Tiger to Leopard

You want to take a look at the realm SHA1 strings since they’re dependant on your installation, you can always check the new /etc/smb.conf in Mac OS X Leopard and then merge it up with your previous config, or replace the config as I did and just add this.

The Leopard samba configuration is brilliant, but at the same time limited to push you to buy the Server version, at the same time it’s interesting to play with the includes it adds too, but this at least will get your previous samba config out and running fine.

Trunking between a Cisco Catalyst and a 3Com SuperStack

Trunking between this equipments is problematic at best, the meaning of trunk in the 3com is not the same as in the Catalyst, also the vlan methods are not the same either.

Trunk in the 3Com SuperStack is port aggregation between two 3Com devices, whether in the Cisco is really a downlink trunk, luckily both devices speak 802.1q so the trunk configuration shouldn’t be a big problem.

First of all we need to establish the trunk port between the Catalyst and the SuperStack, so we’ll start by defining the port in the Catalyst.

Some considerations on this config. It’s always recommended by Cisco and security-wise to use another vlan than vlan 1 for trunking, that’s what we’re doing here, also we’re restricting which vlans we will accept and retransmited to the 3Com switch.

There’s a huge implementation difference between the trunking trunking transmission between Cisco and 3Com, the 3Com switches tag all the vlans by default, but the Cisco switch won’t tag the trunk vlan, this is a really annoying factor that made me waste some hours!

The trick resides in adding all the vlans tagged into the port that you’re using as a trunk, you don’t really need to add the trunking vlan that you configured back on the cisco, it doesn’t work that way. So let’s add one by one all the vlans in the trunk port. In order to do that we need to use the bridge menu in the 3com switch.

Repeat this in the trunk port for each vlan you’re adding in the Cisco trunk side. When you have your trunk port configured properly (also be careful with duplex and speed configs) you just need to add the ports into the vlan untagged. So let’s say we want to add port 1 to the vlan 10.

As soon as that’s done the port will be talking head to head with all the other ports in vlan 10 also in the Cisco switch.

The difficult thing is making the 3Com switch accesible through an IP address, since the 3Com switch will only publish its public IP address though VLAN 1, this one is a though cookie.