Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I've been using Linux exclusively for 4 years at home (currently Mandrake 8.2) and am trying to get my office interested. I'm not in IT department so they are very suspicious of what I'm doing.
After pestering for some months they gave me an old server to use. It's a Comaq Proliant 1500 with 32 bit Smart Array using an Intel Pentium 100 and 96Mb RAM. After many attempts I got Mandrake 8.0 up an running. There were initial problems recognising the RAM and getting the Smart Array configured but that's history.
Now I have Samba loaded and I can use Gnome Samba browser to see the Win2000 network but so far I cannot open any of the other computers on the network. If I look from a Win200 terminal I can see my linux server but cannot enter.
I've tried using SWAT but I really am now a newbie and am struggling. What I would like is a very basic samba.conf setup without any security that would let me access from win2000 to the linux server. Later I can add the security as I learn.
Can anyone help please? The vultures are flying overhead and are hoping to take back the server for Win.
Hopefully
David (oth88)
PS To me Linux has been the greatest thing since sliced bread!!
Did you log in the samba server's log file to see what it says when you fail to connect from win to your box? It might give you some clues.
I usually tcpdump the connection if all else fails - you can watch the traffic and see where it get sstuck, like who talked last.
You probably know this - you can make a smbfs mount point in /etc/fstab just like an nfs one. We are using samba between central Unix servers and user Linux desktops - we can't allow nfs mounts because of the host-local security issue, but samba with its central authentication is fine.
If you are dealing with user desktop as you do, set the suid bit on /usr/bin/smbmnt, create /mnt/sharename, and add to the /etc/fstab (all in one line)
Many thanks for your help. I'm probably more of a newbie than you think but I'm trying your suggestions but so far without success. I modified the fstab file but it won't mount. I probably got some of the "where.you.are" and "sharename" bits wrong.
Today I achieved a great leap forward (for me anyway). I loaded Mandrake 8.2 to my laptop to dual boot with W2k and tonight I managed to connect with ssh to the Linux server through the office network.
Now I've got ssh working from win2000 to the Linux server. The smb log files (log.username) are saying:
lib/util_sock.c:write_socket_data(540)
write_socket_data: write failure. Error = connection reset by peer.
lib/util_sock.c:write_socket (565)
write_socket: Error writing 4 bytes to socket 6: Errno = connection reset by peer.
lib/util_sock.c:send_smb (754)
error writing 4 bytes to client. -1 exiting
I have set up a username in the linux server with the same username and password as the win2000 client that is trying to access through network neighborhood.
If you can point me in the right direction I would appreciate it. Thanks
David
remind me - in the "network neighborhood" view, does your Linux box show up?
Does any of your boxes have a firewall (iptables on linux, some zonealarm or some such on win)? During those tests, shut down iptables if they are on.
Then go and try a samba connection from your linux machine to itself while tailing the log files.
smbclient -L <the machine's own ip> -U <theusername>
that should list the shares on your box, say you have "data". Then make /tmp/xxx, and
Quote:
mount -t smbfs -o username=<you> //192.168.xxx.xxx/data /tmp/xxx
where you put in the machine's ip. So you mount its own samba share on the local box, just to eliminate the win box at this point. Watch the log files. If all goes ok, you get a passwd prompt for the samba password.
Yes, the Linux box does show up in the network neighbourhood but if I try to access it says:
\\Gpclinux is not accessible. The network path was not found.
I tried your suggestion with a small modification. I connected from my win2000 laptop and logged in as root to Gpclinux server using ssh. Then I did the connection that you suggested and I was able to log in with one of my user accounts (dne). It asked for my password and all was fine. The following was displayed:
Sharename type Comment
-------------------------------------------------------
share disk Linux share space
dne disk
guest disk
user disk
IPC$ IPC IPC service (Samba)
Server Comment
------------------------------------------
GPC-PDC
GPCLINUX Samba
Gpclinux is the name that I gave the Linux server and GPC is the win2000 network. I'm not sure why GPC-PDC has shown up as it is just one on many clients on GPC.
So any ideas on how to let win clients look into Gpclinux?
Well, in order to reverse the path to your Gpclinux (which advertises itself alright), the nmbd (the "Netbios Name Server") must have all the info and that seems to be the problem. We are approaching the limits of my knowledge how in detail this protocol works, but since you established that the samba server lets you in in general, try, on the win box, to "Map network drive" (right-click on my computer), then don't call it by its name but by its IP, like \\192.168.xxx.xxx\user disk
I'm not sure if the space in the name of the shares is a good idea.
Alternatively, you may want to google around for info about how the mastership of the domain is handled and stuff, and who has the master nmbd, and so on.
Many thanks for your invaluable help. I have the server running and can now access from my win2k with putty so I can experiment with all the samba settings. I have set up shares but they only work if I set the access as Public. If I try anything else I get the usertname/password dialogue box and it always rejects my password.
I have set the a user in the linux server to have the same name and password as my win2k computer. I have set the smbpasswd by adding that user and password. I have tried every (well what seems like every) combination of allowing hosts, guest only, writeable, user list and so on but I never seem to get the right one.
I have set password encrypted and have tried share, user, domain and server but none work. I have been through all the helps and samba.org but can't seem to find the right answers.
well, maybe you can try to compare the security-relevant settings that I have in my smb.conf file with yours. After that, I would break out tcpdump as a way to see what's going on.
Here's what I have in smb.conf that has some impact on the password business:
Quote:
# this tells Samba to use a separate log file for each machine
# that connects
log file = /var/log/samba/%m.log
# Security mode. Most people will want user level security. See
# security_level.txt for details.
security = user
# You may wish to use password encryption. Please read
# ENCRYPTION.txt, Win95.txt and WinNT.txt in the Samba documentation.
# Do not enable this option unless you have read those documents
encrypt passwords = yes
smb passwd file = /etc/samba/smbpasswd
# The following are needed to allow password changing from Windows to
# update the Linux sytsem password also.
# NOTE: Use these with 'encrypt passwords' and 'smb passwd file' above.
# NOTE2: You do NOT need these to allow workstations to change only
# the encrypted SMB passwords. They allow the Unix password
# to be kept in sync with the SMB password.
unix password sync = Yes
passwd program = /usr/bin/passwd %u
passwd chat = *New*password* %n\n *Retype*new*password* %n\n *passwd:*all*authentication*tokens*updated*successfully*
# You can use PAM's password change control flag for Samba. If
# enabled, then PAM will be used for password changes when requested
# by an SMB client instead of the program listed in passwd program.
# It should be possible to enable this without changing your passwd
# chat parameter for most setups.
pam password change = yes
# This parameter will control whether or not Samba should obey PAM's
# account and session management directives. The default behavior is
# to use PAM for clear text authentication only and to ignore any
# account or session management. Note that Samba always ignores PAM
# for authentication in the case of encrypt passwords = yes
obey pam restrictions = yes
Failing that, well, for that kind of problem I just capture the dialog with tcpdump for any more clues. Try, for example
tcpdump -s 1500 -i eth0 -X host <yourwinbox>
that prints the packets to and from your windows box. Maybe it tells you something, but of course it's a shot in the dark.
Thanks for your input. A little while after I made the changes the network PDC (W2k) crashed. Since the company has bought a new machine I think the problem was harware but the IT department think it might be the Linux server. As I set the OS level to 0 I don't think this could be the reason. Could the PAM settings have any effect on the PDC server? Anyway they have disconnected me for the time being. At the same time they had a hardware failure on a RAID array server (it's actually a linux firmware setup) which again had nothing to do with the Linux server but I shall stop further work until the dust settles.
Let ME know i had the same problem this was my first intrest of leting Win2k Pro To Login on Linux Server and LInux To Act As Domain but not as a Active Directory That option is in the lates version of Samba i gues it's version 3. i worked very hard to get this thing woked and finaly Thankx God it happend.......
anyway i worked on Red Hat Linux 7.3 so if i can heilp u on this just let me know
There are a number of docs describing in detail the Samba installation.
I had my own share of problems when installing it for the first time to run on a Win2k dominated network.
I found this file very helpful in diagnosing my problems (path taken directly from my RH 7.3 box - it may be elsewhere on your system):
I'm a little late getting in on this. I take it you company runs in a domain model. Then you need to make the samba sever part of the domain. First you need the admins to create an account on the PDC for your Linux box. You will also have to make a static DNS entry for the Linux box too, since Linux doesn't do dynamic DNS.
Then at the command line you need to type smbpasswd -j <domain anme> -r <machine Name>. This will join the Linux box to the Windows domain.
To make it easy you need to tell samba to authenticate thru the PDC. I have a very simple smb.conf file posted on my website. It's http://www.valkyre.net/~tangle/web/c.../smb_conf.htm. You need to change the names and number in the config file to match those of your netwrok.
The wins server = tell the sever what wins server to registar itself with. This should take care of the name resolution thing and allow you to map a drive by using a UNC name (ie \\Gpclinux\share name\)
The security = tells the server that it should authenticate through a server, not itself.
The password server = tells the server what password server to use. Instead of a name I would use the IP number of the server.
This config file worked fine for me at home, when I had a Windows 2000 domain set up. It is very simple and you will find out that you will need more thing added.
Let me know if this helps
One other thing, tell those so called admins that you got that a Linux box running samba will not crash a PDC or any other node on the network. If DHCP is running it might hose your DHCP service but would never crash a server. I take it they are all paper MCSEs. HAHAHA
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.