LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 04-05-2012, 05:52 PM   #1
Gyrogypsy
LQ Newbie
 
Registered: Apr 2012
Location: Weybridge, Surrey
Distribution: Fedora 16
Posts: 13

Rep: Reputation: Disabled
Angry SAMBA Configuration - Cannot access SAMBA Shares


Good Evening,

After some help yesterday, I am now having issues with SAMBA in FC16. I have followed every guide out there, and still cannot connect my Win7 machine to my FC16 SAMBA share. I am using KDE, Dolphin, and have updated.

Here is where I am:
> Share created (Right click, Properties, Share, Share with Samba and named the share)
> Allowed SAMBA as Trusted through Firewall
> Added User with Password
> Added share in Samba Server Configuration
> Checked smb.conf for correct share entry
> Changed to allow NTLMv2 in Windows Network Security

I have disabled firewall, modified smb.conf with several recommendations, and I still cannot get my Win 7 machine to map the Samba share.

If anybody has had the same issue or knows where I am going wrong, would appreciate you help.

Many thanks
Simon
 
Old 04-05-2012, 11:16 PM   #2
catkin
LQ 5k Club
 
Registered: Dec 2008
Location: Tamil Nadu, India
Distribution: Debian
Posts: 8,576
Blog Entries: 31

Rep: Reputation: 1195Reputation: 1195Reputation: 1195Reputation: 1195Reputation: 1195Reputation: 1195Reputation: 1195Reputation: 1195Reputation: 1195
How are you trying to map the drive on the W7 computer and what symptoms do you see? Can the same W7 computer map shares on any other computer?

Are the samba daemons running? ps -ef | egrep '[sn]mbd' will show.

Are there any error messages in the /var/log/samba/* files?

Please post the smb.conf.canonical file generated by running testparm smb.conf > smb.conf.canonical in the /etc/samba directory (press Enter when testparm prompts for it).
 
Old 04-06-2012, 08:30 AM   #3
deep27ak
Senior Member
 
Registered: Aug 2011
Location: Bangalore, India
Distribution: rhel 5x,6.0,6.2, centOS 5x,6.0,6.2
Posts: 1,194
Blog Entries: 4

Rep: Reputation: 221Reputation: 221Reputation: 221
Quote:
Originally Posted by Gyrogypsy View Post
Good Evening,

After some help yesterday, I am now having issues with SAMBA in FC16. I have followed every guide out there, and still cannot connect my Win7 machine to my FC16 SAMBA share. I am using KDE, Dolphin, and have updated.

Here is where I am:
> Share created (Right click, Properties, Share, Share with Samba and named the share)
> Allowed SAMBA as Trusted through Firewall
> Added User with Password
> Added share in Samba Server Configuration
> Checked smb.conf for correct share entry
> Changed to allow NTLMv2 in Windows Network Security

I have disabled firewall, modified smb.conf with several recommendations, and I still cannot get my Win 7 machine to map the Samba share.

If anybody has had the same issue or knows where I am going wrong, would appreciate you help.

Many thanks
Simon
I think it would be helpful if you post your smb.conf and iptables rule so that we can figure out the problem
 
Old 04-06-2012, 05:55 PM   #4
Gyrogypsy
LQ Newbie
 
Registered: Apr 2012
Location: Weybridge, Surrey
Distribution: Fedora 16
Posts: 13

Original Poster
Rep: Reputation: Disabled
Hi - Thanks for the reply and the help!

Here is the result of
Code:
ps -ef | egrep '[sn]mbd'
Code:
root@FC16 Documents]# ps -ef | egrep '[sn]mbd'
root       825     1  0 22:36 ?        00:00:00 /usr/sbin/nmbd
root       846     1  0 22:36 ?        00:00:00 /usr/sbin/smbd
root       851   846  0 22:36 ?        00:00:00 /usr/sbin/smbd
So the daemons are running.

Looking at the log files, I see something interesting. It seems that my Win7 machine is attemmpting to connect (Win7 machine is SHMAIN2), and when I view the log.shmain2 I get a load of entries exactkly the same (with different date stamps). The share I am attempting to connect to is MediaStore. The network is on 172.16.0.xxx

Code:
[2012/04/05 21:11:47.264158,  0] smbd/service.c:1022(make_connection_snum)
  canonicalize_connect_path failed for service MediaStore, path /mnt/PERC_R
AID/MediaStore
Here is the Canonical file>>>

Code:
[root@FC16 samba]# more smb.conf.canonical
[global]
	workgroup = MYGROUP
	server string = Samba Server Version %v
	log file = /var/log/samba/log.%m
	max log size = 50
	idmap config * : backend = tdb
	cups options = raw

[homes]
	comment = Home Directories
	read only = No
	browseable = No

[printers]
	comment = All Printers
	path = /var/spool/samba
	printable = Yes
	print ok = Yes
	browseable = No

[MediaStore]
	path = /mnt/PERC_RAID/MediaStore
	read only = No
	guest ok = Yes
However, here is my full smb.conf

Code:
[root@FC16 samba]# more smb.conf
# This is the main Samba configuration file. For detailed information about
 the
# options listed here, refer to the smb.conf(5) manual page. Samba has a hu
ge
# number of configurable options, most of which are not shown in this examp
le.
#
# The Official Samba 3.2.x HOWTO and Reference Guide contains step-by-step
# guides for installing, configuring, and using Samba:
# http://www.samba.org/samba/docs/Samba-HOWTO-Collection.pdf
#
# The Samba-3 by Example guide has working examples for smb.conf. This guid
e is
# generated daily: http://www.samba.org/samba/docs/Samba-Guide.pdf
#
# In this file, lines starting with a semicolon (;) or a hash (#) are
# comments and are ignored. This file uses hashes to denote commentary and
# semicolons for parts of the file you may wish to configure.
#
# Note: Run the "testparm" command after modifying this file to check for b
asic
# syntax errors.
#
#---------------
# Security-Enhanced Linux (SELinux) Notes:
#
# Turn the samba_domain_controller Boolean on to allow Samba to use the use
radd
# and groupadd family of binaries. Run the following command as the root us
er to
# turn this Boolean on:
# setsebool -P samba_domain_controller on
#
# Turn the samba_enable_home_dirs Boolean on if you want to share home
# directories via Samba. Run the following command as the root user to turn
 this
# Boolean on:
# setsebool -P samba_enable_home_dirs on
#
# If you create a new directory, such as a new top-level directory, label i
t
# with samba_share_t so that SELinux allows Samba to read and write to it. 
Do
# not label system directories, such as /etc/ and /home/, with samba_share_
t, as
# such directories should already have an SELinux label.
#
# Run the "ls -ldZ /path/to/directory" command to view the current SELinux
# label for a given directory.
#
# Set SELinux labels only on files and directories you have created. Use th
e
# chcon command to temporarily change a label:
# chcon -t samba_share_t /path/to/directory
#
# Changes made via chcon are lost when the file system is relabeled or comm
ands
# such as restorecon are run.
#
# Use the samba_export_all_ro or samba_export_all_rw Boolean to share syste
m
# directories. To share such directories and only allow read-only permissio
ns:
# setsebool -P samba_export_all_ro on
# To share such directories and allow read and write permissions:
# setsebool -P samba_export_all_rw on
#
# To run scripts (preexec/root prexec/print command/...), copy them to the
# /var/lib/samba/scripts/ directory so that SELinux will allow smbd to run 
them.
# Note that if you move the scripts to /var/lib/samba/scripts/, they retain
# their existing SELinux labels, which may be labels that SELinux does not 
allow
# smbd to run. Copying the scripts will result in the correct SELinux label
s.
# Run the "restorecon -R -v /var/lib/samba/scripts" command as the root use
r to
# apply the correct SELinux labels to these files.
#
#--------------
#
#======================= Global Settings ==================================
===

[global]

# ----------------------- Network-Related Options -------------------------
#
# workgroup = the Windows NT domain name or workgroup name, for example, MY
GROUP.
#
# server string = the equivalent of the Windows NT Description field.
#
# netbios name = used to specify a server name that is not tied to the host
name.
#
# interfaces = used to configure Samba to listen on multiple network interf
aces.
# If you have multiple interfaces, you can use the "interfaces =" option to
# configure which of those interfaces Samba listens on. Never omit the loca
lhost
# interface (lo).
#
# hosts allow = the hosts allowed to connect. This option can also be used 
on a
# per-share basis.

# hosts deny = the hosts not allowed to connect. This option can also be us
ed on
# a per-share basis.
#
	workgroup = MYGROUP
	server string = Samba Server Version %v

;	netbios name = MYSERVER

;	interfaces = lo eth0 192.168.12.2/24 192.168.13.2/24
;	hosts allow = 127. 192.168.12. 192.168.13.

# --------------------------- Logging Options -----------------------------
#
# log file = specify where log files are written to and how they are split.
#
# max log size = specify the maximum size log files are allowed to reach. L
og
# files are rotated when they reach the size specified with "max log size".
#

	# log files split per-machine:
	log file = /var/log/samba/log.%m
	# maximum size of 50KB per log file, then rotate:
	max log size = 50

# ----------------------- Standalone Server Options -----------------------
-
#
# security = the mode Samba runs in. This can be set to user, share
# (deprecated), or server (deprecated).
#
# passdb backend = the backend used to store user information in. New
# installations should use either tdbsam or ldapsam. No additional configur
ation
# is required for tdbsam. The "smbpasswd" utility is available for backward
s
# compatibility.
#

	security = user
;	passdb backend = tdbsam


# ----------------------- Domain Members Options ------------------------
#
# security = must be set to domain or ads.
#
# passdb backend = the backend used to store user information in. New
# installations should use either tdbsam or ldapsam. No additional configur
ation
# is required for tdbsam. The "smbpasswd" utility is available for backward
s
# compatibility.
#
# realm = only use the realm option when the "security = ads" option is set
.
# The realm option specifies the Active Directory realm the host is a part 
of.
#
# password server = only use this option when the "security = server"
# option is set, or if you cannot use DNS to locate a Domain Controller. Th
e
# argument list can include My_PDC_Name, [My_BDC_Name], and [My_Next_BDC_Na
me]:
#
# password server = My_PDC_Name [My_BDC_Name] [My_Next_BDC_Name]
#
# Use "password server = *" to automatically locate Domain Controllers.

;	realm = MY_REALM

;	password server = <NT-Server-Name>

# ----------------------- Domain Controller Options -----------------------
-
#
# security = must be set to user for domain controllers.
#
# passdb backend = the backend used to store user information in. New
# installations should use either tdbsam or ldapsam. No additional configur
ation
# is required for tdbsam. The "smbpasswd" utility is available for backward
s
# compatibility.
#
# domain master = specifies Samba to be the Domain Master Browser, allowing
# Samba to collate browse lists between subnets. Do not use the "domain mas
ter"
# option if you already have a Windows NT domain controller performing this
 task.
#
# domain logons = allows Samba to provide a network logon service for Windo
ws
# workstations.
#
# logon script = specifies a script to run at login time on the client. The
se
# scripts must be provided in a share named NETLOGON.
#
# logon path = specifies (with a UNC path) where user profiles are stored.
#
#

;	domain master = yes
;	domain logons = yes

	# the following login script name is determined by the machine name
	# (%m):
;	logon script = %m.bat
	# the following login script name is determined by the UNIX user us
ed:
;	logon script = %u.bat
;	logon path = \\%L\Profiles\%u
	# use an empty path to disable profile support:
;	logon path =

	# various scripts can be used on a domain controller or a stand-alo
ne
	# machine to add or delete corresponding UNIX accounts:

;	add user script = /usr/sbin/useradd "%u" -n -g users
;	add group script = /usr/sbin/groupadd "%g"
;	add machine script = /usr/sbin/useradd -n -c "Workstation (%u)" -M 
-d /nohome -s /bin/false "%u"
;	delete user script = /usr/sbin/userdel "%u"
;	delete user from group script = /usr/sbin/userdel "%u" "%g"
;	delete group script = /usr/sbin/groupdel "%g"


# ----------------------- Browser Control Options -------------------------
---
#
# local master = when set to no, Samba does not become the master browser o
n
# your network. When set to yes, normal election rules apply.
#
# os level = determines the precedence the server has in master browser
# elections. The default value should be reasonable.
#
# preferred master = when set to yes, Samba forces a local browser election
 at
# start up (and gives itself a slightly higher chance of winning the electi
on).
#
;	local master = no
;	os level = 33
;	preferred master = yes

#----------------------------- Name Resolution ----------------------------
---
#
# This section details the support for the Windows Internet Name Service (W
INS).
#
# Note: Samba can be either a WINS server or a WINS client, but not both.
#
# wins support = when set to yes, the NMBD component of Samba enables its W
INS
# server.
#
# wins server = tells the NMBD component of Samba to be a WINS client.
#
# wins proxy = when set to yes, Samba answers name resolution queries on be
half
# of a non WINS capable client. For this to work, there must be at least on
e
# WINS server on the network. The default is no.
#
# dns proxy = when set to yes, Samba attempts to resolve NetBIOS names via 
DNS
# nslookups.

;	wins support = yes
;	wins server = w.x.y.z
;	wins proxy = yes

;	dns proxy = yes

# --------------------------- Printing Options ----------------------------
-
#
# The options in this section allow you to configure a non-default printing
# system.
#
# load printers = when set you yes, the list of printers is automatically
# loaded, rather than setting them up individually.
#
# cups options = allows you to pass options to the CUPS library. Setting th
is
# option to raw, for example, allows you to use drivers on your Windows cli
ents.
#
# printcap name = used to specify an alternative printcap file.
#

;	load printers = yes
	cups options = raw

;	printcap name = /etc/printcap
	# obtain a list of printers automatically on UNIX System V systems:
;	printcap name = lpstat
;	printing = cups

# --------------------------- File System Options -------------------------
--
#
# The options in this section can be un-commented if the file system suppor
ts
# extended attributes, and those attributes are enabled (usually via the
# "user_xattr" mount option). These options allow the administrator to spec
ify
# that DOS attributes are stored in extended attributes and also make sure 
that
# Samba does not change the permission bits.
#
# Note: These options can be used on a per-share basis. Setting them global
ly
# (in the [global] section) makes them the default for all shares.

;	map archive = no
;	map hidden = no
;	map read only = no
;	map system = no
;	store dos attributes = yes


#============================ Share Definitions ===========================
===

[homes]
	comment = Home Directories
	browseable = no
	writable = yes
;	valid users = %S
;	valid users = MYDOMAIN\%S

[printers]
	comment = All Printers
	path = /var/spool/samba
	browseable = no
;	guest ok = no
;	writable = No
	printable = yes

# Un-comment the following and create the netlogon directory for Domain Log
ons:
;	[netlogon]
;	comment = Network Logon Service
;	path = /var/lib/samba/netlogon
;	guest ok = yes
;	writable = no
;	share modes = no

# Un-comment the following to provide a specific roving profile share.
# The default is to use the user's home directory:
;	[Profiles]
;	path = /var/lib/samba/profiles
;	browseable = no
;	guest ok = yes

# A publicly accessible directory that is read only, except for users in th
e
# "staff" group (which have write permissions):
;	[public]
;	comment = Public Stuff
;	path = /home/samba
;	public = yes
;	writable = yes
;	printable = no
;	write list = +staff

[MediaStore]
	path = /mnt/PERC_RAID/MediaStore
	read only = no
;	browseable = yes
	guest ok = yes
I hope this helps.. and once again I appreciate your help!!

Simon

Last edited by Gyrogypsy; 04-06-2012 at 05:57 PM. Reason: Missed some information...
 
Old 04-06-2012, 08:36 PM   #5
jschiwal
LQ Guru
 
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733

Rep: Reputation: 671Reputation: 671Reputation: 671Reputation: 671Reputation: 671Reputation: 671
I don't see a "Security = ..." line in your smb.conf file. The default is "security = user". It usually is accompanied with "map to guest = bad user".
From the smb.conf manpage:
Quote:
Originally Posted by smb.conf manpage
Bad User - Means user logins with an invalid password are rejected, unless the username does not exist, in which case it is treated as a guest login and mapped into the guest account.
Also, check if selinux is restricting smbd access to it's own files. At home, I had samba problems, and noticed error messages in the logs due to AppArmor restrictions.

Make sure that users in windows have corresponding samba entries (smbpasswd -a). Especially for "Security = User" model. Maybe that is what you did, which you described as "Added User with Password".

If you have problems with browsing to shares, check the firewall settings. Make sure the the UDP ports are also open
 
Old 04-06-2012, 11:40 PM   #6
catkin
LQ 5k Club
 
Registered: Dec 2008
Location: Tamil Nadu, India
Distribution: Debian
Posts: 8,576
Blog Entries: 31

Rep: Reputation: 1195Reputation: 1195Reputation: 1195Reputation: 1195Reputation: 1195Reputation: 1195Reputation: 1195Reputation: 1195Reputation: 1195
Does /mnt/PERC_RAID/MediaStore exist and does it have read and write (and the directories, execute) access for the user running samba (normally root)?
 
Old 04-09-2012, 03:57 PM   #7
Gyrogypsy
LQ Newbie
 
Registered: Apr 2012
Location: Weybridge, Surrey
Distribution: Fedora 16
Posts: 13

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by catkin View Post
Does /mnt/PERC_RAID/MediaStore exist and does it have read and write (and the directories, execute) access for the user running samba (normally root)?
Hi. Yes it does exist and I can read/write as normal to that directory and sub directory.

There is an entry

Code:
security = user
and I have added the "bad user" entry now also.

Does anybody have any other ideas?
 
Old 04-09-2012, 11:47 PM   #8
deep27ak
Senior Member
 
Registered: Aug 2011
Location: Bangalore, India
Distribution: rhel 5x,6.0,6.2, centOS 5x,6.0,6.2
Posts: 1,194
Blog Entries: 4

Rep: Reputation: 221Reputation: 221Reputation: 221
Quote:
Originally Posted by Gyrogypsy View Post
> Added User with Password
> Added share in Samba Server Configuration
Are you not at all able to connect to the samba share or you get the prompt for username and password?

As I don't see any place where you have mentioned the valid users who have the privilage to connect your samba share

have you added this option in samba share
Code:
valid users = abc xyz
Code:
#smbpasswd -a abc
assign a new password
uncomment these lines and make an entry of your interface and hosts IP range in smb.conf
Code:
hosts allow = 127. 192.168.12. 192.168.13.
interfaces = lo eth0 192.168.12.2/24 192.168.13.2/24
restart your samba

post your iptables rule on server and check the firewall of windows which might be creating problems
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Unable to see shares on samba server - no authentication access desired (open access) neoelf Linux - Networking 1 06-14-2009 04:18 PM
can not access samba shares from a VIRTUAL samba server using smb4k nass Fedora 0 12-13-2008 05:39 AM
Can see samba shares, but not access them FWSquatch Linux - Newbie 8 02-26-2008 09:04 AM
Samba: I can see the shares but not access them !? Thoddy Linux - Software 6 04-02-2006 06:24 AM
Samba and MS Access Shares oneiltj Linux - Software 3 03-18-2003 12:32 PM


All times are GMT -5. The time now is 09:34 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration