Samba: Windows can't access linux. Password needed?!?
Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Samba: Windows can't access linux. Password needed?!?
Hi all!
After 2 days of agonising pain, I have just about given up, but I thought you might be able to help. I am trying to give my win98 ("bob") and win xp ("annie") machines access to my fc2 with samba.
I have disabled my firewall and at the moment they can see my computer ("micah_fc2").
However, when they click on it, they're asked to type in password for IPC$ access.
I've purposely set it up so that there are no passwords.
Have I missed a step or something?
This is my smb.conf below:
Did you run smbpasswd? You need to add each user to samba and then set the passwd for each user.
As root, run the following for each user:
smbpasswd -a <username>
It will prompt you for a password, it does not have to be the same as the user's linux password. Once the account is added, each individual user can change their smb passwd with the same command, but no -a this time.
The password that was set by smbpasswd is the password that has to be supplied by windows when connecting to the samba share. I think you can use the -n option with smbpasswd to set a blank password. If you don't know what password was supplied when smbpasswd asked for one then I'd say re-run smbpasswd and set a known password for each user that intends to connect via windows.
Thanks for the suggestion! I tried smbpasswd -n "bob" and added "null password = yes" in smb.conf. Unfortunately it didn't seem to work. I then tried it with an actual password (ie. smbpasswd -a bob and typed in a new password) but to no avail. Then I gave it a shot with security = share, smbpasswd -n bob. Still no luck.
I noticed when I "smbclient -L bob", it lists annie as its master (annie is an evil xp machine).
Could this be the cause of any problems given i got local master = yes?
Its probably time to backstep now and put back the original smb.conf file, I've always had that work for the normal user directories. Once that is verified working, go change things one at a time until it breaks again then you can figure out where things are going wrong.
What distro are you using and what version of samba?
I would suggest, instead of reverting back to the original Samba file, comment out all the "valid user" lines, as they can be a pain in the butt if you don't watch it. Also, you might want to comment the "hosts allow" line.
Those are just my suggestions. A good rule of thumb I've learned is that if your security is too restrictive, keep commenting out the restrictions until stuff works to find out what caused it. Could be a mis-typed line, it could be a misunderstanding of what a setting does on a certain line.
And, if you really need, I can always post up a sample working smb.conf for you.
i'm using the latest version of samba (3.0.14a) and fedora core2. Know of any bugs with that combination?
But I'll take out all the unnecessary stuff I've put into smb.conf and give that shot. (My original smb.conf never actually worked but, in restrospect, that had more to do with the firewall I was using at the time.)
I'll let you know how it all goes.
Cheers!
Micah
I think that's the same version I use, and the only Samba bug I know of is actually in the kernel code for the clients (caused hard-locking issues that I, and a lot of the Gentoo forums, were unsure about).
Best advice I can offer (as I've dealt with it myself); get the base config working, then start adding the security stuff into the mix. I've done a lot of on the wrong config files which only ended up causing more issues in the end.
Thanks ARC1450. I will definitely be # any lines I don't know or need. But if you are able to post your smb.conf up on the site that'd be great (because at the very least it will be a good reference point for me.)
Appreciate all the help.
Thanks for that. I'll give it a shot when I get home. A quick question though (just so I understand what it all means):
What does the os level, passdb backend and debug level refer to?
Cheers!
Thanks for that. I'll give it a shot when I get home. A quick question though (just so I understand what it all means):
What does the os level, passdb backend and debug level refer to?
Cheers!
The OS Level is for browser elections. 65 is the default value, I think. I just left it in there, because at the time I was fiddling with domain controllers and master browsers for the network.
Passdb backend is the Password Database Backend. Samba 3 uses a different one than Samba 2 did, but you don't have to put that in there. (To my knowledge).
Debug Level is the amount of information (basically, all info, warnings, errors, errors and warnings, stuff like that) it puts into is log file(s). man smb.conf should give you a lot more info on that one. I think you can go up to level 9 or something, which is REALLY verbose logging, if I remember properly. I think 3 was the default. Not sure on that. I'd have to peek in my Samba book.
Well I puched in the details for the smb.conf you gave me.
However, much to my utter disgust, it still wouldn't work (AGAIN)!
So, given it works for you, I went back to basics and looked at the samba log file.
In it, I found the same error every time I tried to start/restart winbindd:
[2005/06/07 23:45:37, 0] nsswitch/winbindd_util.c:winbindd_param_init(560)
winbindd: idmap uid range missing or invalid
[2005/06/07 23:45:37, 0] nsswitch/winbindd_util.c:winbindd_param_init(561)
winbindd: cannot continue, exiting.
[2005/06/07 23:45:37, 1] nsswitch/winbindd.c:main(897)
Could not init idmap -- netlogon proxy only
I then went through the startup logs and found that
1. winbindd wasn't starting up, and
2. there were a whole lot of errors in the logs about a file called /etc/gconf/gconf.xml. (I can post the errors up if you want)
Are these two things related?
When I installed samba from source, it dumped everything in /usr/local/samba - including smbd, nmbd and swat. (Weird?!)
It didn't create an /etc/init.d/smb file either.
So I think there may be some discrepencies that have arisen when I installed samba.
Are there any settings I need to change in specific files that can fix this?
I have found web pages that mention nsswitch.conf... does that have anything to do with it?
Just out of curiosity, why didn't you use Yum (or whatever FC's package manager is) to get the latest and greatest Samba?
If you were trying to start the one you compiled from source, you should use something like smbd -D and nmbd -D to start it up.
I tried once to install Apache via source because I was ticked off at RH in the 7.0 days. GUess what. . .no go. I found out that RH did things their own special little way, just enough to piss off a source code compile of some packages.
gconf, AFAIK, is related to Gnome. I have NO clue why that popped up in the error logs.
nsswitch. . .I've never touched it. You aren't trying to use the tdbsam for your password db backend, are you? If you are, you have to switch that stuff over to tdbsam before you can tell Samba to use it, as it'll default to the old way for compatibility purposes.
What do the web pages say about nsswitch.conf?
[edit]You can always run testparm to make sure the syntax in your smb.conf file is correct so as to rule out issues with that.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.