LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
Search this Thread
Old 06-29-2005, 12:26 PM   #1
mikeindo
Member
 
Registered: May 2004
Posts: 43

Rep: Reputation: 15
samba newbie driven crazy


I've posted about my problem before but still not fixed. Never posted my conf files so I'll try that this time. I have a home network of W2K Pro PC, XP Pro PC, XP Home laptop, W2K Server (no AD), and RedHat9 box that already runs SFTP/SSH, all connected to Internet DSL line via a Linksys router. IP scheme of 10.1.1.x/24.

Trying to get Samba working on the RH9 box and have tried configuring thru smb.conf, RH9's built-in Samba utility, and SWAT, all of which have failed to make this work. At first I wanted to be prompted for RH9 login info when connecting from any Windows box (no matter what Windows username), but now would just be happy to connect at all! I enter \\server\share in Windows' Run dialog and then prompted for login info, but rejects info I know is right. Then thru some miracle, the RH9 box now actually appears in Windows' My Network Places. But upon clicking it, error basically says "inaccessible; might not have permissions."

Below are my smb.conf and smbusers files. FWIW, all the computers listed above are entered with respective IPs in the lmhosts file, also in /etc/samba. And smbpasswd file only contains 'mike' account info.

[global]
workgroup = BINY (<-- matches Windows boxes)
netbios name = HOMER
server string = samba server
security = SHARE
encrypt passwords = Yes
obey pam restrictions = Yes (<-- havent done anything with pam)
pam password change = Yes
passwd program = /usr/bin/passwd %u
passwd chat = *New*password* %n\n *Retype*new*password* %n\n *passwd:*all*authentication*tokens*updated*successfully*
username map = /etc/samba/smbusers
log file = /var/log/samba/%m.log
max log size = 10
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
local master = No
dns proxy = No
wins support = Yes
guest account = mike
hosts allow = 10.1.1. 127.
printing = cups

[homes]
comment = Home Directories
valid users = %S
read only = No
create mask = 0664
directory mask = 0775
browseable = No

[printers] (<-- dont care about printing)
comment = All Printers
path = /var/spool/samba
printable = Yes
browseable = No

[mike]
path = /home/mike
username = mike
read only = No
create mask = 0750
guest ok = Yes

----------------------------------------------------
--SMBUSERS file---

root=administrator
root=admin
root=root
nobody=guest
nobody=pcguest
nobody=smbguest
mike="agent smith" (<-- login account on XP laptop)
mike=administrator
mike=mike


Since it's my home directory I want to access, do I even need to specify the share "mike"? Also, does NMBD need to run? Do I need to have the Windows and RH9 usernames match (tried that too but still failed)? Are there any other files or configurations I might want to check outside of the Samba-specifics that might be preventing this from working on a broader level? FYI, when I first installed RH9, I selected "No Firewall."

Thanks a ton in advance!!!

p.s. Maybe this would shed light: cant seem to access http://homer:901 from Windows machines to access SWAT, even though Apache is running. No rejection of any kind - just times out. But I can successfully SFTP/SSH to it. Indication of anything?

Last edited by mikeindo; 06-29-2005 at 12:31 PM.
 
Old 06-29-2005, 01:40 PM   #2
gnukish
Member
 
Registered: Apr 2005
Location: Neverland
Distribution: Slackware / Ubuntu
Posts: 171

Rep: Reputation: 30
Configuring Samba ==> refer this link
Code:
http://rapidshare.de/files/2631299/Samba_configuration.pdf.html
 
Old 07-22-2005, 10:47 AM   #3
mikeindo
Member
 
Registered: May 2004
Posts: 43

Original Poster
Rep: Reputation: 15
Well, I appreciate your response, but I've already checked out what seems like a ton of generic Samba configuration guidelines. This one didn't seem to quite fit my situation (no domain) but I still tried a couple things from it. Now, I can't even see the RH9 box in WinXP's My Network Places anymore! Argh! Help is much appreciated...

Last edited by mikeindo; 07-22-2005 at 10:49 AM.
 
Old 07-23-2005, 07:45 AM   #4
ravikantthegenius
LQ Newbie
 
Registered: Jul 2005
Location: Delhi
Posts: 2

Rep: Reputation: Disabled
Re: samba newbie driven crazy

Quote:
Originally posted by mikeindo

I am not very clear with what you want to do.
Please tell me what are your requirements, i may help you according to that. You can mail me at ravikantthegenius@yahoo.com

I've posted about my problem before but still not fixed. Never posted my conf files so I'll try that this time. I have a home network of W2K Pro PC, XP Pro PC, XP Home laptop, W2K Server (no AD), and RedHat9 box that already runs SFTP/SSH, all connected to Internet DSL line via a Linksys router. IP scheme of 10.1.1.x/24.

Trying to get Samba working on the RH9 box and have tried configuring thru smb.conf, RH9's built-in Samba utility, and SWAT, all of which have failed to make this work. At first I wanted to be prompted for RH9 login info when connecting from any Windows box (no matter what Windows username), but now would just be happy to connect at all! I enter \\server\share in Windows' Run dialog and then prompted for login info, but rejects info I know is right. Then thru some miracle, the RH9 box now actually appears in Windows' My Network Places. But upon clicking it, error basically says "inaccessible; might not have permissions."

Below are my smb.conf and smbusers files. FWIW, all the computers listed above are entered with respective IPs in the lmhosts file, also in /etc/samba. And smbpasswd file only contains 'mike' account info.

[global]
workgroup = BINY (<-- matches Windows boxes)
netbios name = HOMER
server string = samba server
security = SHARE
encrypt passwords = Yes
obey pam restrictions = Yes (<-- havent done anything with pam)
pam password change = Yes
passwd program = /usr/bin/passwd %u
passwd chat = *New*password* %n\n *Retype*new*password* %n\n *passwd:*all*authentication*tokens*updated*successfully*
username map = /etc/samba/smbusers
log file = /var/log/samba/%m.log
max log size = 10
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
local master = No
dns proxy = No
wins support = Yes
guest account = mike
hosts allow = 10.1.1. 127.
printing = cups

[homes]
comment = Home Directories
valid users = %S
read only = No
create mask = 0664
directory mask = 0775
browseable = No

[printers] (<-- dont care about printing)
comment = All Printers
path = /var/spool/samba
printable = Yes
browseable = No

[mike]
path = /home/mike
username = mike
read only = No
create mask = 0750
guest ok = Yes

----------------------------------------------------
--SMBUSERS file---

root=administrator
root=admin
root=root
nobody=guest
nobody=pcguest
nobody=smbguest
mike="agent smith" (<-- login account on XP laptop)
mike=administrator
mike=mike


Since it's my home directory I want to access, do I even need to specify the share "mike"? Also, does NMBD need to run? Do I need to have the Windows and RH9 usernames match (tried that too but still failed)? Are there any other files or configurations I might want to check outside of the Samba-specifics that might be preventing this from working on a broader level? FYI, when I first installed RH9, I selected "No Firewall."

Thanks a ton in advance!!!

p.s. Maybe this would shed light: cant seem to access http://homer:901 from Windows machines to access SWAT, even though Apache is running. No rejection of any kind - just times out. But I can successfully SFTP/SSH to it. Indication of anything?
 
Old 07-23-2005, 10:30 AM   #5
mpeg4codec
Member
 
Registered: Jul 2005
Distribution: Debian, Gentoo, self-built [not LFS]
Posts: 109

Rep: Reputation: 15
Firstly, you can make your hosts allow line read

hosts allow = 10.1.1.

to allow your entire subnet to access the machine. Not sure if you were trying to do that or not.

Secondly, your smbusers should look like this:

root = administrator admin root
nobody = guest pcguest smbguest
mike="agent smith" mike

I don't think having administrator as both root and mike works. The point here is that multiple mappings to the same users name should be [have to?] be on the same line, delimited by spaces.

Thirdly, for the [homes] share, you probably would like permissions more like:

create mask = 0644
directory mask = 0755

Or, as I prefer, do a 0600 and a 0700. That one's up to you. Also, there is no need to share [mike] directly; you can connect to the homes share by calling it the username. For instance, both \\homer\homes and \\homer\mike will map to /home/mike as long as you use the login mike [or anything that maps to mike, such as agent smith].

Finally, make sure you've given your users Samba passwords. They're maintained separately due to Samba's need to do LM and NTLM challenge-responce authentication. The command to add a Samba user is:

smbpasswd -a mike

Which will prompt you for his new password. After that, to simply change his password, just run

smbpasswd mike. It looks like Samba will [attempt to] update your PAM password at the same time. Note that I have never been able to get this to work, but maybe you'll have more luck.

Let me know if you need any more help. Good luck to you.
 
Old 08-02-2005, 12:04 AM   #6
mikeindo
Member
 
Registered: May 2004
Posts: 43

Original Poster
Rep: Reputation: 15
well, the RH9 box is back in the My Network Places folder on the XP machine (thank you), but after following your instructions, trying to map a network drive still results in rejected password-like behavior. i try to map to \\homer\homes, \\Homer\homes, \\homer\mike, and \\Homer\mike, and all throw me back to the login prompt as if i've entered a wrong password. is there maybe a log file on the RH9 box i can check to verify or refute this? Security log mentions nothing.
 
Old 08-02-2005, 09:21 AM   #7
satinet
Senior Member
 
Registered: Feb 2004
Location: England
Distribution: Slackware 11, Sabayon 3.1
Posts: 1,464

Rep: Reputation: 46
well

I think the basic problem is that you are using security = share when you should be using security = user so that users are autheticated on a per connection basis. Share level security does allow for this. It's a simple mechanism to share folders without security.

also your file /etc/samba/smbusers is formatted incorrectly. If you want to map more than one user name to the same unix username you should use seprate windoze user names on the same line as directed above. Anyway, this is completly pointless as this file is only valid if you use server or domain security. Which requires a windows password server (i.e a PDC or PDC emulator under AD).

Basically you want to use user level security. With no usermap - this is not needed. And use the unix logon mike to get access to shares. make sure mike is a unix user and use smbpasswd -a to add him as a samba user.


[global]
workgroup = BINY
netbios name = HOMER
server string = samba server
security = user
encrypt passwords = Yes
log file = /var/log/samba/%m.log
max log size = 10
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
local master = No
dns proxy = No

[homes]
comment = Home Directories
read only = No
create mask = 0664
directory mask = 0775
browseable = No

[mike]
path = /home/mike
valid users = mike
read only = Yes
create mask = 0750
guest ok = Yes
write list = mike

I would suggest this as a smb.conf file. Make sure to run testparm on it.


I think you have not understood some of the concepts such as security levels etc....
 
Old 08-03-2005, 12:24 AM   #8
mikeindo
Member
 
Registered: May 2004
Posts: 43

Original Poster
Rep: Reputation: 15
ok mpeg4codec, i did the changes you suggested, like verifying 10.1.1. was in the 'hosts allow' line, reworked the smbusers file's lines, edited the permissions, and verified smbpasswd was set right. restarted smb service. still same ol' re-prompting from XP box upon login attempt. so then, satinet, i tried your suggestions: changed (back) to security = user, verified 'mike' as a unix and samba user set with passwords (using same), made your bolded changes in smb.conf but kept my old smb.conf file, and confirmed with testparm (everything OK). restarted smb service. but sadly, same result: samba share login attempt from XP kicks back to login window like i'm entering wrong info. then i replaced my smb.conf file (backed up first though) with only the things you had in your sample conf file (also added 'hosts allow' line) - and restarted smb service - but still didnt work. then removed 'hosts allow' line, restarted smb service, - still didnt work. back to testparm, should i post the dump? as mentioned in original post, i even tried SWAT awhile back - is there something still in there that might be causing this to still not work?

thanks for your continued help...
 
Old 08-03-2005, 02:19 AM   #9
satinet
Senior Member
 
Registered: Feb 2004
Location: England
Distribution: Slackware 11, Sabayon 3.1
Posts: 1,464

Rep: Reputation: 46
I wouldn't worry about host allow. The default (e.g, if you don't mention it) is to allow any hosts to connect. You could try unecrypted passwords.

It may seem stupid but are you entering the user's samba password rather than his unix password? That is the correct way.

You might needs these lines in:

obey pam restrictions = Yes (<-- havent done anything with pam)
pam password change = Yes
passwd program = /usr/bin/passwd %u
passwd chat = *New*password* %n\n *Retype*new*password* %n\n *passwd:*all*authentication*tokens*updated*successfully*

But i don't use them on HP-UX or SCO unix so I can't say. But the password ones are needed in Debian i believe. Again not sure about Red Hat though.

What i said about share level security is correct. btw. So don't use that.....
 
Old 08-04-2005, 12:35 AM   #10
mikeindo
Member
 
Registered: May 2004
Posts: 43

Original Poster
Rep: Reputation: 15
good thought on unencrypted passwords thing, eliminating any crazy algorithm incompatibilities! but alas, it didnt save the day.

actually, the unix and samba pwds happen to match. is that not ok? just to be sure, i reset the samba password to something else, restarted smb, tried from XP box, still failed. but that brings up a question: if i'm supposed to be entering the unix password, where does the link between the two passwords come in? i mean, how does the system even know about the samba passwds if you're entering the unix one? this may be a fundamental samba concept...

i added in those lines too (no, i havent done anything with pam, mainly cuz i'm still not quite sure what 'she' is!), wrote to conf file, restarted smb, ran testparm. still didnt do the trick.

thanks again for your patience and help.

fyi, here's what the smb.conf file looks like now:

------------------------------------------------------------------
# Samba config file created using SWAT
# from homer (127.0.0.1)
# Date: 2005/06/29 00:41:21
# Global parameters

[global]
workgroup = BINY
netbios name = HOMER
server string = samba server
security = user
encrypt passwords = No
log file = /var/log/samba/%m.log
max log size = 10
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
local master = No
dns proxy = No
obey pam restrictions = Yes
pam password change = Yes
passwd program = /usr/bin/passwd %u
passwd chat = *New*password* %n\n *Retype*new*password* %n\n *passwd:*all*authentication*tokens*updated*successfully*

[homes]
comment = Home Directories
valid users = %S
read only = No
create mask = 0644
directory mask = 0755
browseable = No

[mike]
path = /home/mike
valid users = mike
read only = Yes
create mask = 0750
guest ok = Yes
write list = mike
------------------------------------------------------------------
 
Old 08-04-2005, 02:18 AM   #11
satinet
Senior Member
 
Registered: Feb 2004
Location: England
Distribution: Slackware 11, Sabayon 3.1
Posts: 1,464

Rep: Reputation: 46
You should be using the samba password.

hmm, i think you should use encryption on passwords. I see no reason why it wouldn't work otherwise.....

in /var/log/samba/ does it give any useful information....????

try adding a new samba user and seeing what happens
 
Old 08-12-2005, 12:00 AM   #12
mikeindo
Member
 
Registered: May 2004
Posts: 43

Original Poster
Rep: Reputation: 15
yes, am using samba passwd.

gone back to encrypting passwds. strangely, now i cant even get a login prompt! XP says "network path cannot be found." so set to unencrypt again, and... still not found. ugh. i can't help but think i've been messing with and tweaking this so much that i've messed it up bigtime. would uninstalling samba from the RH9 CD and reinstalling wipe the slate clean or would settings remain and reappear after reinstall?

adding a new user exhibited same behavior.

-- /var/log/samba --
(fyi, each of these were all done using 'cat' command, and are showing the latest entries)

log.nmbd had this:

[2005/08/09 04:02:15, 0] nmbd/nmbd.c: process(502)
Got SIGHUP dumping debug info.
[2005/08/09 04:02:15, 0] nmbd/nmbd_workgroupdb.c:dump_workgroups(289)
dump_workgroups()
dump workgroup on subnet 10.1.1.4: netmask= 255.255.255.0:
BINY(1) current master browser = UNKNOWN
HOMER 40009a03 (samba server)
[2005/08/11 23:31:22, 0] nmbd/nmbd.c:main(794)
Netbios nameserver version 2.2.7a started.
Copyright Andrew Tridgell and the Samba Team 1994-2002


log.smbd repeats only this below but with different timestamps:

[2005/08/11 23:51:45, 0] smbd/server.c:main(707)
smbd version 2.2.7a started.
Copyright Andrew Tridgell and the Samba Team 1992-2002


smbd.log states:

[2005/08/07 04:02:35, 0] smbd/server.c: open_sockets(238)
Got SIGHUP
[2005/08/09 04:02:15, 0] smbd/server.c: open_sockets(238)
Got SIGHUP


nmbd.log says:

[2005/08/11 23:31:20, 0] nmbd/nmbd.c:terminate(59)
Got SIGTERM: going down...


weird about that last one. just from using 'cat'?

thanks again for any help,
mike

Last edited by mikeindo; 08-12-2005 at 12:02 AM.
 
Old 08-12-2005, 07:02 AM   #13
satinet
Senior Member
 
Registered: Feb 2004
Location: England
Distribution: Slackware 11, Sabayon 3.1
Posts: 1,464

Rep: Reputation: 46
ah interesting.

yes, maybe it's time to download the latest samba packages rather than re-install the old redhat ones.

I think you should set local master = yes as it seems to be moaning about this....
 
Old 08-12-2005, 11:42 AM   #14
hlyrad
Member
 
Registered: Jul 2005
Location: Ab Ca
Distribution: Redhat EL Sun Mac OSX FC 3.0 & 4.0
Posts: 44

Rep: Reputation: 15
Here is a samba server smb.conf I have had running for about 2 years.

Code:
[global]
        workgroup = ADMIN-SERVERS
        log file = /var/log/samba/log.%m
        load printers = yes
        passwd chat = *New*password* %n\n *Retype*new*password* %n\n *passwd:*all*authentication*tokens*updated*successfully*
        character set = iso8859-1
        debug uid = yes
        socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
        domain master = No
        encrypt passwords = Yes
        add user script = /usr/sbin/useradd -d /home/%u -s /bin/ftponly -M %u
        passwd program =/usr/local/samba/bin/smbpasswd -o %u
        smb passwd file = /etc/smbpasswd
        wins support = No
        wins server = 172.20.1.19
        dns proxy = No
        netbios name = Facultyfile
        oplocks = True
        server string = Samba File Server
        printing = lprng
        unix password sync = No
        os level = 74
        printcap name = /etc/printcap
        security = user
        preferred master = no
        max log size = 50
        domain logons = no
        log level = 2
        local master = no
I have never had any problems with this machine. Its a RH 9.0 running Samba 3.0


As for your setup I would try and simplify things a bit.
1. Windows 2000 & XP require encrypted passwords.
2. nmbd is your
Quote:
NetBIOS name server to provide NetBIOS over IP naming servicesto clients
Without it running your Windows machines will not see your samba server.
3. Remove the PAM stuff.
4. Remove the hosts allow

You should work from simple to complex if your having trouble.
Hope this helps
 
Old 08-12-2005, 01:32 PM   #15
msound
Member
 
Registered: Jun 2003
Location: SoCal
Distribution: CentOS
Posts: 465

Rep: Reputation: 30
I posted this thread a while back and it helped the OP. Scroll down to my post and see if it helps.

http://www.linuxquestions.org/questi...hreadid=319720
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Problems with ./config and installing themes - Newbie going crazy! danksmith Linux - Software 3 12-02-2005 04:56 PM
Samba drive me crazy.... melinda_sayang Slackware 5 08-02-2004 11:37 PM
Samba logs rotating like crazy josephswagner Linux - Software 1 07-07-2004 09:55 AM
newbie going slowly crazy............dvd problem gazza Linux - Hardware 3 01-14-2004 04:43 PM
Another crazy samba question? MONA Linux - Networking 3 07-28-2003 11:57 AM


All times are GMT -5. The time now is 03:39 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration