LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
Search this Thread
Old 03-08-2005, 04:49 PM   #1
rayber2000
LQ Newbie
 
Registered: Feb 2005
Location: Texas
Distribution: Red Hat
Posts: 7

Rep: Reputation: 0
Another quick samba question


I have been setting up a samba server 3.x on Red Hat ES3 and it has been working like a champ. Now, when users are logged into their Windows workstation and they click on the mapped drive to the samba server, they have to re-enter thir user name and password. It wasn't doing that last week. Wierd. The user names and passwords are all the same across the board (Windows, Unix, Samba).
Here is the smb.conf

# smb.conf is the main Samba configuration file.
# Date: 2005-02-12
[global]
workgroup = workgroup
server string = File Server on Fileserver
hosts allow = 192.168.1. 127.
printcap name = /etc/printcap
load printers = Yes
printing = CUPS
log file = /var/log/samba/%m.log
max log size = 0
smb passwd file = /etc/samba/smbpasswd
security = user
encrypt passwords = Yes
unix password sync = Yes
passwd program = /usr/bin/passwd %u
passwd chat = *New*password* %n\n *Retype*new*password* %n\n *passwd: *all*authentication*tokens*updated*successfully*
pam password change = Yes
obey pam restrictions = Yes
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
username map = /etc/samba/smbusers
dns proxy = no
;; ldap server = 127.0.0.1

[homes]
comment = Home Directories
browseable = no
writeable = yes
valid users = %S
create mode = 0664
directory mode = 0775

[printers]
comment = All Printers
path = /var/spool/samba
printable = Yes
guest ok = no
writable = no
browseable = no

[print$]
comment = Printer Drivers
path = /var/lib/samba/drivers
write list = @ntadmin root
force group = ntadmin
create mask = 0664
directory mask = 0775
browseable = yes
printable = no

[company]
comment = Company Documents
path = /home/company
force create mode = 0664
force create directory = 0775
writeable = yes
guest ok = yes

Any ideas what I am missing?

Thanks for all the help this forum has provided.
 
Old 03-10-2005, 02:20 AM   #2
jschiwal
Guru
 
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733

Rep: Reputation: 654Reputation: 654Reputation: 654Reputation: 654Reputation: 654Reputation: 654
I'm wondering if you could include the contents of the /etc/pam.d/samba file.
 
Old 03-10-2005, 07:57 AM   #3
rayber2000
LQ Newbie
 
Registered: Feb 2005
Location: Texas
Distribution: Red Hat
Posts: 7

Original Poster
Rep: Reputation: 0
Ok, seems as though I figured it out and it wasn't an issue with samba.

The client side of the network was once a peer to peer hodg-podge of Windows XP Home/ Windows 2000/ Windows Me. I noticed that I wasn't having the issue on the 2000 & Me systems. I switched gears from samba troubleshooting to Windows troubleshooting. I found that even though I renamed the users from the standard "Owner" account that the system was logging onto the samba shares with the now renamed account. I disconnected the mapped drives and when I re-mapped the samba shares I selected "Connect using a different user name". I typed the samba user name and password and selected "Reconnect at logon". Works like a champ. There must be something buggy w/ XP that leaves the old user credentials in cache somewhere even after you change the user name (and after adding users to the system).
Lesson learned?
Don't bee too quick to blame samba.

Thanks all!
 
Old 03-10-2005, 08:50 AM   #4
Darin
Senior Member
 
Registered: Jan 2003
Location: Portland, OR USA
Distribution: Slackware, SLAX, Gentoo, RH/Fedora
Posts: 1,024

Rep: Reputation: 45
Quote:
Originally posted by rayber2000
...There must be something buggy w/ XP that leaves the old user credentials in cache somewhere...
FYI XP Home doesn't do user or domain based authentication. This means it treats shares similar to the way Samba does in security=share mode and assigns a (user/)pass to each share rather than matching the logon credentials. Win9x, and I belive ME, do this too although you can set them up either way where as XP Home is stuck (crippled by M$) that way.
 
Old 03-10-2005, 07:17 PM   #5
jschiwal
Guru
 
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733

Rep: Reputation: 654Reputation: 654Reputation: 654Reputation: 654Reputation: 654Reputation: 654
I know that is true for NT4 or Active Directory Domain Security. But I believe you can use User Level Security as long as you are using stand alone machines.



Having a machine that can't join a domain, use TCP/IP instead of NetBIOS! That is really is doing a number on unsuspecting users. Imagine going through the network setup on windows XP home, and you come to the part were you need to produce a floppy disk to set up Windows 95/98/ME clients. Only problem is that you have a new Laptop (with XP preinstalled) which doesn't have a floppy disk!
 
Old 03-11-2005, 02:53 AM   #6
Darin
Senior Member
 
Registered: Jan 2003
Location: Portland, OR USA
Distribution: Slackware, SLAX, Gentoo, RH/Fedora
Posts: 1,024

Rep: Reputation: 45
User and share level security appear a lot alike, compared to logging into a domain. The difference is when they do verification. With share level security, there is one password (it accepts any username since authentication is done with a user/pass combo) per share and each share can have different passwords. With user level security, a user is granted access to some resource and they are authenticated once on that system for all the connections made (shares, printers, etc.) You can connect to one type from the other, but you will usually get asked for credentials more often because the two expect/assume verification at different times.

This is what rayber2000 appears to have run into. He changed the username on a windows system and that didn't change the authentication of network shares because the system is using share based security and it uses (and stores) a user/pass for each network drive, no matter who is logged on.
 
Old 03-11-2005, 09:07 AM   #7
jschiwal
Guru
 
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733

Rep: Reputation: 654Reputation: 654Reputation: 654Reputation: 654Reputation: 654Reputation: 654
If the user level security is USER rather than SERVER, DOMAIN, or ADS, and you use stand alone servers (no domain controllers) or network logon, then the server with the share you want to access
Quote:
will provide local authentication and access control (From pg. 81 from official samba-3 HOWTO and reference guide.) for all resources that are available from it. In general this means that there will be a local user database. In more technical terms, it mmeans resources on the maching will be made available in either SHARE mode or in USER mode. .... Stand-alone servers do not provide network logon services.
I believe that what an XP home computer cannot do is join any type of Domain Security facility.

If a stand-alone machine with USER security is a local Domain , then I guess XP Home can't do that either.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
A quick SAMBA question Tap-Out Linux - Networking 1 03-18-2004 12:00 AM
samba smb.config question (quick question) TheDOGG Linux - Networking 1 03-02-2004 07:19 AM
Quick Samba Question cmf5150 Fedora 3 01-24-2004 04:06 PM
Quick Samba question tarballed Linux - Networking 8 02-10-2003 12:16 PM
Quick Samba permissions question jamespetts Linux - Networking 2 10-07-2002 05:25 AM


All times are GMT -5. The time now is 08:57 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration