LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 02-26-2010, 10:38 AM   #1
rjo98
Senior Member
 
Registered: Jun 2009
Location: US
Distribution: RHEL, CentOS
Posts: 1,668

Rep: Reputation: 46
Can't connect to samba share from computers not joined to domain


I have a samba share setup as the following. When I browse to it from PC's added to my AD domain, they connect instantly. When i browse to it from a laptop that's not part of the domain, i get prompted for login credentials. what credentials should I be putting in? I can't seem to figure it out. or is it because i have the workgroup set to what my AD domain name is, and the laptops aren't part of that domain.

path = /data/photos
browseable = yes
force user = pictures
force group = picturesgroup
create mask = 0764
directory mask = 0776
writeable = yes
guest ok = yes
guest only = yes
 
Old 02-26-2010, 10:45 AM   #2
lleb
Senior Member
 
Registered: Dec 2005
Location: Florida
Distribution: CentOS/Fedora
Posts: 2,630

Rep: Reputation: 495Reputation: 495Reputation: 495Reputation: 495Reputation: 495
you will need to be in the domain to gain access to the share, IIRC.
 
Old 02-26-2010, 10:56 AM   #3
rjo98
Senior Member
 
Registered: Jun 2009
Location: US
Distribution: RHEL, CentOS
Posts: 1,668

Original Poster
Rep: Reputation: 46
why though?
 
Old 02-26-2010, 01:07 PM   #4
mesiol
Member
 
Registered: Nov 2008
Location: Lower Saxony, Germany
Distribution: CentOS, RHEL, Solaris 10, AIX, HP-UX
Posts: 731

Rep: Reputation: 137Reputation: 137
Hi,

Windows domains manages computer accounts and user accounts. To be part of a domain and have the possibility to access resources inside the domain it is required that your machine is member of the domain. Otherwise the machine by itself should be rejected. This is a security mechanism. Not sure if it is possible with valid login credentials of a domain user to connect to the share.
 
Old 02-26-2010, 01:31 PM   #5
rjo98
Senior Member
 
Registered: Jun 2009
Location: US
Distribution: RHEL, CentOS
Posts: 1,668

Original Poster
Rep: Reputation: 46
I understand domain memberships in a purely windows environment, and the security of domain memberships in general, but this linux server doesn't have a computer account in AD either, so its not part of the domain techincally.
 
Old 02-26-2010, 01:39 PM   #6
mesiol
Member
 
Registered: Nov 2008
Location: Lower Saxony, Germany
Distribution: CentOS, RHEL, Solaris 10, AIX, HP-UX
Posts: 731

Rep: Reputation: 137Reputation: 137
Hye,

so the authentication is done local by the samba server? What does smb.conf parameter
Code:
security=
say?
 
Old 02-26-2010, 02:29 PM   #7
jschiwal
LQ Guru
 
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733

Rep: Reputation: 670Reputation: 670Reputation: 670Reputation: 670Reputation: 670Reputation: 670
Could you post your General section of your samba server's smb.conf file. One option is "Map to Guest = nobody" which maps and unauthenticated user to the "nobody" user. The `nobody' user in Linux is the `guest' user in Windows. Files created in your /data/photos/ directory will be owned by the Linux `nobody' user.

Whether this will work depends on the Security = setting. An unauthenticated user may still get a username and password request but will be allowed access if they just press enter if the share allows Guest access and you use the "Map to Guest" option to map the user to Guest.

See the manpage for smb.conf. It has more info than I have given. Also consider whether you want to allow unauthenticated users access. One solution would be to join the laptop to the domain.
 
Old 02-26-2010, 03:53 PM   #8
rjo98
Senior Member
 
Registered: Jun 2009
Location: US
Distribution: RHEL, CentOS
Posts: 1,668

Original Poster
Rep: Reputation: 46
Quote:
Originally Posted by mesiol View Post
Hye,

so the authentication is done local by the samba server? What does smb.conf parameter
Code:
security=
say?
security = share
 
Old 02-26-2010, 03:55 PM   #9
rjo98
Senior Member
 
Registered: Jun 2009
Location: US
Distribution: RHEL, CentOS
Posts: 1,668

Original Poster
Rep: Reputation: 46
workgroup = MyADDomain
server string = photos_samba
lock directory = /tmp/samba
log level = 1
log file = /tmp/samba/samba-logs/%m.log
;max log size = 50
security = share
null passwords = yes
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
getwd cache = yes
hide dot files = yes
interfaces = 10.1.2.3/23
local master = no
domain master = no
 
Old 02-26-2010, 03:56 PM   #10
rjo98
Senior Member
 
Registered: Jun 2009
Location: US
Distribution: RHEL, CentOS
Posts: 1,668

Original Poster
Rep: Reputation: 46
there's also a hosts allow in global, but i verified my IP is in there so i didn't post that with all my IPs
 
Old 02-26-2010, 08:41 PM   #11
jschiwal
LQ Guru
 
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733

Rep: Reputation: 670Reputation: 670Reputation: 670Reputation: 670Reputation: 670Reputation: 670
Security = Share is intended for old Win98 style networks. I'm surprised that AD members can sign on. It doesn't look like your server is really a domain member.

Since it isn't and you didn't indicate the passdb backend, the default is used. This used to be "passdb backend = smbpasswd" but for newer versions of samba the default is " passdb backend = tdbsam". You might try using the "smbpasswd" command to add the laptop user(s) to the tdbsam database (or the smbpasswd file).

Also post the output of:
ls -ld /data/photos

For the long term, I would recommend downloading the Samba 3 books from the samba website (or installing the samba_doc package for your distro if available) and read up on configuring the samba server to become a domain member. The regular samba package also supplies the "Using Samba" book (in html form).
 
Old 02-27-2010, 04:09 AM   #12
sumanch
LQ Newbie
 
Registered: Jan 2010
Posts: 24

Rep: Reputation: 16
Not sure ifyou have already tried this . But I think you need to add a samba user in the machine where you running samba .
smbpasswd -a <username> . this adds a user and changes their password . When youare trying to access the share . you have to enter this password .
 
Old 03-01-2010, 11:12 AM   #13
rjo98
Senior Member
 
Registered: Jun 2009
Location: US
Distribution: RHEL, CentOS
Posts: 1,668

Original Poster
Rep: Reputation: 46
but shouldn't it be forcing the user for that share so I don't need it? plus the guest options are enabled, so i'm really confused why i can't connect to it, even if i just type in guest for the username.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Enable Windows to share remote Samba files to other computers TheOneAndOnlySM Linux - Networking 3 11-03-2008 09:39 PM
debian joined AD fine, want a samba share with windows permissions k0r54 Linux - Software 3 12-28-2007 04:44 AM
Windows 98 computers does not reconnect to SAMBA share eswanepoel Linux - Software 2 07-24-2007 03:10 AM
Unable to share files from my linux to windows computers through samba Niceman2005 Linux - Software 5 05-21-2006 09:19 PM
connect to a domain controller share linuxnube Linux - Networking 0 02-26-2004 01:47 PM


All times are GMT -5. The time now is 06:55 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration