Sorry - I pasted it out of my own smb.conf without thinking too much about it (I got it myself from a Samba manual a long time ago), thanks for prompting me to look it up again!

From man smb.conf:

create mask (S)
When a file is created, the necessary permissions are calculated
according to the mapping from DOS modes to UNIX permissions, and
the resulting UNIX mode is then bit-wise 'AND'ed with this
parameter. This parameter may be thought of as a bit-wise MASK
for the UNIX modes of a file. Any bit not set here will be
removed from the modes set on a file when it is created.

The default value of this parameter removes the 'group' and
'other' write and execute bits from the UNIX modes.

Following this Samba will bit-wise 'OR' the UNIX mode created
from this parameter with the value of the force create mode
parameter which is set to 000 by default.

This parameter does not affect directory modes. See the parameter
directory mode for details.

Note that this parameter does not apply to permissions set by
Windows NT/2000 ACL editors. If the administrator wishes to
enforce a mask on access control lists also, they need to set
the security mask.

Default: create mask = 0744

Example: create mask = 0775

Of the UNIX permissions the last 3 relate to owner, group and others and are made up of the sum of the bits 4=read,2=write and 1=execute.

Therefore 0660 means owner read/write (4+2), group (owwers default group) read/write, others (not members of the owners default group) forbidden. The default mask (0744) means owner read/write/execute, group and others read.

Similar logic applies to directory mask, whose default is 0755.

Because Windows permissions don't map directly to Unix permissions there are some potential issues when setting file permissions on Samba files in Windows. It's worthwhile having a play around with this and looking both from the Windows end and the Linux end what effect this has on the core permissions and how this affects other users. There are some additional Samba configuration parameters that can affect this and the default settings depend on the version of Samba. The intention of my settings for my shared area was to make all users part of the default users group be able to read, modify, create and delete files. I think in a previous version I also used to set the 'sticky' bit (which is bit 1 of the first number, ie 1660 rather than 0660). This if memory serves me was to make it such that only the original owner could delete their own files. However, as you could always modify someone else's file (and delete the contents!) I changed it.

I also set up individual data directories for users as in /data/user1, /data/user2 etc. The following is from my smb.conf:

[data]
comment = Network data directories
path = /data/%u
create mask = 0640
directory mask = 0750
guest ok = no
printable = no
read only = no
browseable = yes

The %u in the path maps their own data area to each user as they attach to Samba. Because the resulting share has the same name it can be mapped as //server/data by any user in Windows, but will relate to their own data area!

Hope this prompts you into a voyage of discovery!

The command you refer to 'chmod' changes the file permissions on the folder. `chmod 777 <user folder>` sets the folder to be readable and writable by anyone. For more information see http://catcode.com/teachmod/ (an extremely detailed tutorial on that command!)

Andrew,

Can't say I fully understand your post, although I'm begining to get to grips with the chmod and the numbers (thanks phn). I have copies the mask entries into my smb.conf and will see how it goes. Both machines networked fine this morning. I'm sure a quick re-boot will stop that

A quick re-boot did indeed lose all connectivity. Tried for about half an hour to re-connect with no joy. Left the XP machine for 15 minutes and tried again. Initially nothing. Then, out of the blue, it connected.

I've decided I need an exorcist. I'm sure it would make no difference (just as has everything else so far) but at least it might be entertaining

I'm working on a way that using the Linux box as a client might help me achieve my objective, as that works faultlessly.

Just realised that's not entirely true. I cannot browse the network from the Linux box to see my shared printer

There are a couple of things that spring to mind, but firewall is at the top of the list. If pinging works successfully both ways and all the machines are on the same network the low-level network communication is working ok. The Windows browsing mechanism is quite complicated and separate from the actual sharing of network drives, it's therefore quite possible for browsing not to work but mapping of network drives still to work.

I'd try disabling the firewall on both the linux box and the XP machine and see if that makes browsing spring into life.

This is weird. The Linux box has been on most of the day. The XP machine has been on and off. Every time the Windows machine starts it has been able to find the connection. Until I restart the Linux box, then it seems to disapear and only succesive restarts or network restarts seems to get the connection back.

I've tried turning firewalls of on both machines. There seems to be no difference. The worst thing about this is that it is intermittent, with no clear pattern to connectivity. I'm going to try and resist the urge to change anything else over the next few days to see if a pattern emerges.

Sounds like a fight between XP and Samba as to who will be the master browser. I'd suggest having a read of the Samba-HOWTO-Collection, Chapter 9 Network browsing. In my own setup I have the main Samba server as a Primary Domain Controller for a Windows domain that the Windows machines log into. It is also a WINS server and it is set to be the local master browser, the domain master browser and the preferred master. However, even without being a domain controller you can set the Samba server up to be all of those things, the relevant sections in the [global] section are:

domain master = yes
local master = yes
preferred master = yes
os level = 65
wins support = yes

With these settings on startup the Samba server will force a browser election and win it. The other thing required to make it all hang together is that the IP address of the Samba server must be set up for all the Windows machines as the address of the WINS server.

The browsing issues are to do with how Windows machines register themselves with master browsers and how they find out the services available. This all used to be done with netbios broadcasts, but since W2K and XP it can be done by DNS if netbios over TP/IP isn't enabled. It can also be done manually with the LMHOSTS file.

The other thing I didn't ask is what version of Samba are you using? It should be at least 2.2.8a for 2.x or for 3.x I'm currently running 3.0.9-2.1.

Andrew,

Thanks for sticking with me!

I'm using the most up to date version of Samba. Again, I'm not managing to entirely follow you, but it seems to make sense. When the Windows box starts, it rarely connects. If I leave it 10-15 mins it will connect and have no problem thereafer. I seem to remember you mentioning this at some point.

Just to be absolutely clear; are you suggesting I make the entries you describe, then add the ip address of the Samba server. If so, it creates a bit of a problem as my router uses DHCP to issue the Linux box with the initial ip address. That said, if you are REALLY confident that this will work then I will turn off DHCP and manually assign ip addresses (EEK!). You might have to hold my hand on this one.

Well I think you're right to take a deep breath before you jump!

The first thing is probably to make sure that you can see the Windows box from the linux box. If you make the changes I suggested and the linux box can't see the Windows box then that's the end of that!

You can test this from a command shell on the linux box. For instance if your Windows box is called fred and you have a Windows user called bob then in a command shell try smbclient -L fred -U bob. It will ask you for bob's password and then diplay a list of shares on the Windows box similar to this:

smbclient -L fred -U bob
Password:
Domain=[MYDOMAIN] OS=[Windows 5.0] Server=[Windows 2000 LAN Manager]

Sharename Type Comment
--------- ---- -------
E$ Disk Default share
Share1 Disk
IPC$ IPC Remote IPC
print$ Disk Printer Drivers
Share2 Disk
ADMIN$ Disk Remote Admin
C$ Disk Default share
HP_P1000 Printer hp photosmart P1000 series

This is what my Windows 2000 box looks like - the C$, E$, IPC$ and ADMIN$ shares are hidden system shares (I have two partitions), the Share1 and Share2 disk shares are shares I set up myself and the HP_P1000 is a shared printer.

If you get something similar that shows your own Windows shares then you're pretty safe to do the changes I suggested.

The only other issue you need to cover with a fixed IP address is to make sure you have the default gateway set up and the DNS server too.

I don't know what admin tool you use but before you make any changes have a look at your current configuration and check how you change those. In SuSE they're in the Network Card setup dialogues - Nameserver lists the nameservers and I put in my ISPs 2 nameservers there and Routing lists the default gateway and I put my ADSL router IP address in there.

You can check what your current settings are by looking at /etc/resolv.conf for your nameservers

nameserver 212.23.8.1
nameserver 212.23.8.6

and in a command box as root route -n

route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.2.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0
127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo
0.0.0.0 192.168.1.1 0.0.0.0 UG 0 0 0 eth1

{Edit - oops submitted post by accident}

The last line shows my default gateway of 192.168.1.1 which is my routers IP address.

Once you've got the info then it's just a case of changing your IP address to a fixed one and making sure you can set the default gateway and the nameservers.

Once that's working and you can browse the Windows network from the linux box you can then make the changes to smb.conf and then put the Samba server's fixed IP address into the Windows box as the WINS server address.

Andrew,

I cannot browse the Windows network, but I can, and have, mapped directories onto my X destop by typing the address into the GUI application (ie \\windowsname\directory). That is how I'm transferring files from one machine to another.

I subscribed the the Samba news service (might have been you that suggested it). Apparently there is an issue with version 3 of Samba which produces the exact problems I am getting, specifically the NT logon failure. This is not there with previous versions (ver 2.2). Rather than heading down a path that I'm not sure I can correct if I get it wrong, would it not be better to uninstall ver 3 and install ver 2? I think I could manage an install but I'm still unclear about how to uninstall. Can you advise?

One of the reasons I like this forum is that trying to answer queries quite often leads to gaining more knowledge myself!

I think the answer you require is in the rpm command. In SuSE the admin tool YaST takes care automagically of software installs and uninstalls - I don't know if there is a similar tool in your distro. However, because I think we both use rpm packages, the rpm command itself can be used to install, upgrade and erase packages and even has a test mode so that you can just see if there would be any problems. Have a look at the man file.

I must admit that I was previously on Samba 2.2.8a on SuSE 9.0 which was kernel 2.4 and only recently moved to SuSE 9.2 which is the 2.6 kernel and which came with Samba 3. Because my particular setup still worked I hadn't thought of the possibility of things that used to work in 2.x not working in 3.x! I think I'll have a look myself to see what the issues are - thanks for the heads up.

Had a look at samba.org - 2.2.12 is the end of the line for 2.x so I guess it's no good going back now.

Tried to remove Samba using the rpm -e samba command. Seemed to work a treat, Samba was gone. Apparently not! When I tried to install V 2.2.8a there was a dependancy problem. It actually asked for the new version to be installed. Weird. In frustration I tried to re-install V 3 again, to be greeted with the prompt that it was already installed. Oh bugger.

In my frustration, I installed a fresh install of F3 and I'm back where I was. I cannot browse windows (mandrake with smb4k allowed me to do this), but I can still map a folder manually. I still can't map the Windows printer. Nor can I see any shares on the Linux box.

I think it was you that suggested using Windows (in the current Linux box) and "playing" with Linux until it eventually works. I'm going to have one last attempt at following the various suggestion in the Linux bible and the suggestions you make.

It galls me to say it, but if that fails, I'm going back to Windows and start to get some work done on one of the machines. ARGHHHH

The man says use Linux as a server, it's unbeatable. I think not!

Sorry to hear you've still got problems.

One thing to be wary of is relying on graphical browsing - before now I've given up (on SuSE 9.1) because I couldn't browse Windows from KDE and in the end it was a KDE bug that got fixed in an update.

I'd recommend checking everything from the command line - ping, smbstatus, smbclient on linux and try the[B]net, nbtstat/B] commands in a Windows cmd box.

I've got a very mixed Windows environment - Win Me, W2K and XP Home and there were differences and difficulties talking between the Windows machines long before I started using Samba. Most of my issues on the Windows machines were down to firewalls. One XP machine which was working perfectly yesterday refused to browse the network today! I disabled the Windows firewall and browsing sprang into life - put the firewall back and browsing still appeared to work - but it was the original list and not updating. I had to make file and print sharing an exception in the firewall to make it work properly.

All of this is very frustrating but really there are so many possible things in the way that starting from the basics and getting things working stably in stages would be my recommendation.

Good luck.

Andrew,

Thanks for your help. I think it's time to give up and head back to Windows. Sad, but at least it works.

I will install Linux on a partition on the drive and fiddle at some future date.

All the best.