LinuxQuestions.org - Samba question - please help, I'm really out of ideas

- Linux - Software (https://www.linuxquestions.org/questions/linux-software-2/)

- - Samba question - please help, I'm really out of ideas (https://www.linuxquestions.org/questions/linux-software-2/samba-question-please-help-im-really-out-of-ideas-96639/)

Samba question - please help, I'm really out of ideas

Hello. I've recently put up Redhat 9 instead of Mandrake, and now I have a problem with accessing the Linux computer from the one which is running Windows.

Code:

[root@raviv2 linux-2.4]# smbclient -U% -L raviv1

added interface ip=192.168.0.39 bcast=192.168.0.255 nmask=255.255.255.0

Domain=[MSHOME] OS=[Windows 5.1] Server=[Windows 2000 LAN Manager]



        Sharename      Type      Comment

        ---------      ----      -------

Error returning browse list: NT_STATUS_ACCESS_DENIED



        Server              Comment

        ---------            -------

        RAVIV1              

        RAVIV2              samba server



        Workgroup            Master

        ---------            -------

        MSHOME              RAVIV1

Raviv1 is the computer running Windows XP, Raviv2 is the one with Redhat.

I was told the problem might be in Windows, because it worked with Mandrake, and maybe when I replaced it to Redhat, the IPs ramain the same so the Windows computer thinks that Raviv2 is still running Mandrake or something like that. Also when I configured it at Windows, when it asked for authentification I also checked the "Remember password" box. Maybe if I can somehow remove this trigger it'll work...

When I try to access Raviv2 from Raviv1 I get the following message:
"\\Raviv2 is not accessible. You might not have permission to use this network resource. Contact the administrator of this server to find out if you have access permissions.

The network path was not found.".

When I try to ping Raviv2 by typing "ping raviv2" I'm getting the following message "Ping request could not find host raviv2. Please check the name and try again.".

However, when I ping Raviv1 from Raviv2, I get ping replies.

Can you please help me resolve it?

hello

first set stetic IP address for both pc of same subnet mask.
then first ping on both machines thier own ip's will confirm that thier own Network Adapter and protocol working fine, and then Ping form both Pc's to each others on IP Address (not on name).

if this step result good then use configure samaba with following help, otherwise check may urs network card or protocle is not proper install or configure.

i have done this , but first i was trying with smb.conf file, then a find a simple and easy way. i used it in redhat 9 Gnome. (defauld samaba installation)
just install samba GUI configuring tool, U can do this from add and remove programe in system setting menu.
after istallation tool install in server setting menu in system setting as samaba server , run it and click on add and select share directory, then click on read and write permission,then select allow access for evry one (or urs requier permission) ok
and . then go in server setting in prefereces tag, type urs workgroup name and in security tag select share in Authentication mode it will enable share level access for remote user and will not ask password, may be this will solve urs problem
enjoy
it will strat sharing from linux box to Microsoft.

__________________

Mobassir Sattar khan

But how do set a new static IP? I know Raviv1 is 192.168.0.1 and Raviv2 is 192.168.0.39

Is there anyway to make Raviv2 192.168.0.2?

Is the guest account enabled at your Windows XP system?

This confused me a lot too, but fortunately, it's not really related to samba.

Hmm I enabled it now but nothing... I think the problem is more related to IPs or something, because I can't ping Raviv2 using its name, but I can ping it using its IP.

Ok I think I analyzed the problem, but I don't know how to fix it...

I tried to ping Raviv2 from Raviv1 by using "ping raviv2.mshome.net", and then Raviv1 is trying to ping the IP 192.168.0.2, while the real IP of Raviv2 is 192.168.0.39. How can I change Raviv2's local IP address?

Your ipaddress can be changed in Linux with ifconfig. be sure to update your route-tables (route), and /etc/hosts aswell, to reflect the new ip addres. (you might want to use the network-config tool of your distro)

Even with the file and printer sharing, you can browse with an IP-adress, instead of a netbios name. Trying \\<ipaddress>\share should work too.

I've found that the exact syntax used does in fact affect whether or not this error appeared for me. For example:
smbclient '\\ntserver\andrew' worked whereas
smbclient '\\ntserver\andrew\' gave me the NT_STATUS_ACCESS_DENIED message. Hope this helps

I tried using ifconfig and I managed to wrack my internet connection, lucky me that an internet connection wizard exists :)

Can you please be more specific in how to change it, or can you supply me with a manual with an understandable language to a linux newbie?

Ok, I issued the following command:

Code:

[root@raviv2 sweiss]# /sbin/ifconfig eth0 add 192.168.0.2

[root@raviv2 sweiss]# ping 192.168.0.2

PING 192.168.0.2 (192.168.0.2) 56(84) bytes of data.

64 bytes from 192.168.0.2: icmp_seq=1 ttl=64 time=0.115 ms

64 bytes from 192.168.0.2: icmp_seq=2 ttl=64 time=0.067 ms

64 bytes from 192.168.0.2: icmp_seq=3 ttl=64 time=0.058 ms

Then I used Raviv1 to ping raviv2.mshome.net and it worked. However, when I tried to ping raviv2, it failed. Do I need to reactivate the eth0 device for it to work properly, is it somehow possible to put 192.168.0.2 as a first priority or anything like it?

EDIT: Also, refering to \\raviv2.mshome.net\ from Raviv1 didn't work.

I run a lot of Samba on Red Hat, but I can't help without seeing your /etc/samba/smb.conf file. There are hundreds of things that could be wrong.

I'd also want to see the output of the ifconfig command right after you boot the machine.

smb.conf file:

Code:

# This is the main Samba configuration file. You should read the

# smb.conf(5) manual page in order to understand the options listed

# here. Samba has a huge number of configurable options (perhaps too

# many!) most of which are not shown in this example

#

# Any line which starts with a ; (semi-colon) or a # (hash)

# is a comment and is ignored. In this example we will use a #

# for commentry and a ; for parts of the config file that you

# may wish to enable

#

# NOTE: Whenever you modify this file you should run the command "testparm"

# to check that you have not made any basic syntactic errors.

#

#======================= Global Settings =====================================

[global]



# workgroup = NT-Domain-Name or Workgroup-Name

        workgroup = mshome



# server string is the equivalent of the NT Description field

        server string = 



# This option is important for security. It allows you to restrict

# connections to machines which are on your local network. The

# following example restricts access to two C class networks and

# the "loopback" interface. For more examples of the syntax see

# the smb.conf man page

;  hosts allow = 192.168.1. 192.168.2. 127.



# if you want to automatically load your printer list rather

# than setting them up individually then you'll need this

        printcap name = /etc/printcap

        load printers = yes



# It should not be necessary to spell out the print system type unless

# yours is non-standard. Currently supported print systems include:

# bsd, sysv, plp, lprng, aix, hpux, qnx

;  printing = bsd



# Uncomment this if you want a guest account, you must add this to /etc/passwd

# otherwise the user "nobody" is used

;  guest account = pcguest



# this tells Samba to use a separate log file for each machine

# that connects

        log file = /var/log/samba/log.%m



# Put a capping on the size of the log files (in Kb).

        max log size = 50



# Security mode. Most people will want user level security. See

# security_level.txt for details.

        security = SHARE

# Use password server option only with security = server

;  password server = <NT-Server-Name>



# Password Level allows matching of _n_ characters of the password for

# all combinations of upper and lower case.

;  password level = 8

;  username level = 8



# You may wish to use password encryption. Please read

# ENCRYPTION.txt, Win95.txt and WinNT.txt in the Samba documentation.

# Do not enable this option unless you have read those documents

;  encrypt passwords = yes

;  smb passwd file = /etc/samba/smbpasswd



# The following are needed to allow password changing from Windows to

# update the Linux system password also.

# NOTE: Use these with 'encrypt passwords' and 'smb passwd file' above.

# NOTE2: You do NOT need these to allow workstations to change only

#        the encrypted SMB passwords. They allow the Unix password

#        to be kept in sync with the SMB password.

;  unix password sync = Yes

;  passwd program = /usr/bin/passwd %u

;  passwd chat = *New*UNIX*password* %n\n *ReType*new*UNIX*password* %n\n *passwd:*all*authentication*tokens*updated*successfully*



# Unix users can map to different SMB User names

;  username map = /etc/samba/smbusers



# Using the following line enables you to customise your configuration

# on a per machine basis. The %m gets replaced with the netbios name

# of the machine that is connecting

;  include = /etc/samba/smb.conf.%m



# Most people will find that this option gives better performance.

# See speed.txt and the manual pages for details

        socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192



# Configure Samba to use multiple interfaces

# If you have multiple network interfaces then you must list them

# here. See the man page for details.

;  interfaces = 192.168.12.2/24 192.168.13.2/24



# Configure remote browse list synchronisation here

#  request announcement to, or browse list sync from:

#        a specific host or from / to a whole subnet (see below)

;  remote browse sync = 192.168.3.25 192.168.5.255

# Cause this host to announce itself to local subnets here

;  remote announce = 192.168.1.255 192.168.2.44



# Browser Control Options:

# set local master to no if you don't want Samba to become a master

# browser on your network. Otherwise the normal election rules apply

        local master = no



# OS Level determines the precedence of this server in master browser

# elections. The default value should be reasonable

;  os level = 33



# Domain Master specifies Samba to be the Domain Master Browser. This

# allows Samba to collate browse lists between subnets. Don't use this

# if you already have a Windows NT domain controller doing this job

;  domain master = yes



# Preferred Master causes Samba to force a local browser election on startup

# and gives it a slightly higher chance of winning the election

;  preferred master = yes



# Enable this if you want Samba to be a domain logon server for

# Windows95 workstations.

;  domain logons = yes



# if you enable domain logons then you may want a per-machine or

# per user logon script

# run a specific logon batch file per workstation (machine)

;  logon script = %m.bat

# run a specific logon batch file per username

;  logon script = %U.bat



# Where to store roving profiles (only for Win95 and WinNT)

#        %L substitutes for this servers netbios name, %U is username

#        You must uncomment the [Profiles] share below

;  logon path = \\%L\Profiles\%U



# All NetBIOS names must be resolved to IP Addresses

# 'Name Resolve Order' allows the named resolution mechanism to be specified

# the default order is "host lmhosts wins bcast". "host" means use the unix

# system gethostbyname() function call that will use either /etc/hosts OR

# DNS or NIS depending on the settings of /etc/host.config, /etc/nsswitch.conf

# and the /etc/resolv.conf file. "host" therefore is system configuration

# dependant. This parameter is most often of use to prevent DNS lookups

# in order to resolve NetBIOS names to IP Addresses. Use with care!

# The example below excludes use of name resolution for machines that are NOT

# on the local network segment

# - OR - are not deliberately to be known via lmhosts or via WINS.

; name resolve order = wins lmhosts bcast



# Windows Internet Name Serving Support Section:

# WINS Support - Tells the NMBD component of Samba to enable it's WINS Server

;  wins support = yes



# WINS Server - Tells the NMBD components of Samba to be a WINS Client

#        Note: Samba can be either a WINS Server, or a WINS Client, but NOT both

;  wins server = w.x.y.z



# WINS Proxy - Tells Samba to answer name resolution queries on

# behalf of a non WINS capable client, for this to work there must be

# at least one        WINS Server on the network. The default is NO.

;  wins proxy = yes



# DNS Proxy - tells Samba whether or not to try to resolve NetBIOS names

# via DNS nslookups. The built-in default for versions 1.9.17 is yes,

# this has been changed in version 1.9.18 to no.

        dns proxy = no



# Case Preservation can be handy - system default is _no_

# NOTE: These can be set on a per share basis

;  preserve case = no

;  short preserve case = no

# Default case is normally upper case for all DOS files

;  default case = lower

# Be very careful with case sensitivity - it can break things!

;  case sensitive = no



#============================ Share Definitions ==============================

[homes]

        comment = Home Directories

        browseable = no

        writeable = yes



# Un-comment the following and create the netlogon directory for Domain Logons

; [netlogon]

;  comment = Network Logon Service

;  path = /home/netlogon

;  guest ok = yes

;  writable = no

;  share modes = no





# Un-comment the following to provide a specific roving profile share

# the default is to use the user's home directory

;[Profiles]

;    path = /home/profiles

;    browseable = no

;    guest ok = yes





# NOTE: If you have a BSD-style print system there is no need to

# specifically define each individual printer

[printers]

        comment = All Printers

        path = /var/spool/samba

        browseable = no

# Set public = yes to allow user 'guest account' to print

        printable = yes



# This one is useful for people to share files

;[tmp]

;  comment = Temporary file space

;  path = /tmp

;  read only = no

;  public = yes



# A publicly accessible directory, but read only, except for people in

# the "staff" group

;[public]

;  comment = Public Stuff

;  path = /home/samba

;  public = yes

;  read only = yes

;  write list = @staff



# Other examples.

#

# A private printer, usable only by fred. Spool data will be placed in fred's

# home directory. Note that fred must have write access to the spool directory,

# wherever it is.

;[fredsprn]

;  comment = Fred's Printer

;  valid users = fred

;  path = /homes/fred

;  printer = freds_printer

;  public = no

;  writable = no

;  printable = yes



# A private directory, usable only by fred. Note that fred requires write

# access to the directory.

;[fredsdir]

;  comment = Fred's Service

;  path = /usr/somewhere/private

;  valid users = fred

;  public = no

;  writable = yes

;  printable = no



# a service which has a different directory for each machine that connects

# this allows you to tailor configurations to incoming machines. You could

# also use the %u option to tailor it by user name.

# The %m gets replaced with the machine name that is connecting.

;[pchome]

;  comment = PC Directories

;  path = /usr/pc/%m

;  public = no

;  writable = yes



# A publicly accessible directory, read/write to all users. Note that all files

# created in the directory by users will be owned by the default user, so

# any user with access can delete any other user's files. Obviously this

# directory must be writable by the default user. Another user could of course

# be specified, in which case all files would be owned by that user instead.

;[public]

;  path = /usr/somewhere/else/public

;  public = yes

;  only guest = yes

;  writable = yes

;  printable = no



# The following two entries demonstrate how to share a directory so that two

# users can place files there that will be owned by the specific users. In this

# setup, the directory should be writable by both users and should have the

# sticky bit set on it to prevent abuse. Obviously this could be extended to

# as many users as required.

;[myshare]

;  comment = Mary's and Fred's stuff

;  path = /usr/somewhere/shared

;  valid users = mary fred

;  public = no

;  writable = yes

;  printable = no

;  create mask = 0765



#TEST SHARE

[D]

#  comment = Temporary file space

        path = /mnt/d

        writeable = yes

        guest ok = yes



[c]

        path = /mnt/c

        writeable = yes

        guest ok = yes

As for the ifconfig, I'll post it ASAP, compiling the kernel atm.

Woof. That's the least security I've ever seen on a *nix system! Hopefully you are on a small private network, I wouldn't trust that configuration even behind a firewall.

Do you have a reason for using SHARE security? I don't think I've seen that used in at least five years. I'd recommend "user" instead. Share mode is pretty obsolete, unless you need compatibility with a Windows4Workgroups system that doesn' have the Wolverine stack.

Remember, the unix security applies after the samba security. So, it looks like you are probably attaching as "guest" -- do the directories and files in /mnt/c and /mnt/d allow the guest user (probably user "nobody" since you haven't specified it in smb.conf) to read them?

If you are not sure who you are attaching as, you can do an smbstatus -b (while the windows box is connected) to verify the userid that is being used.

Assuming that you switch to user security, you'll need to do a "smbpasswd -a [user]" command to add the user password to the samba password file /etc/smbpasswd.

ifconfig after reboot:

Code:

eth0      Link encap:Ethernet  HWaddr 00:50:DA:4C:BB:F5  

          inet addr:192.168.0.39  Bcast:192.168.0.255  Mask:255.255.255.0

          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1

          RX packets:143 errors:0 dropped:0 overruns:0 frame:0

          TX packets:155 errors:0 dropped:0 overruns:0 carrier:0

          collisions:0 txqueuelen:100 

          RX bytes:67936 (66.3 Kb)  TX bytes:24077 (23.5 Kb)

          Interrupt:10 Base address:0xe800 



lo        Link encap:Local Loopback  

          inet addr:127.0.0.1  Mask:255.0.0.0

          UP LOOPBACK RUNNING  MTU:16436  Metric:1

          RX packets:10 errors:0 dropped:0 overruns:0 frame:0

          TX packets:10 errors:0 dropped:0 overruns:0 carrier:0

          collisions:0 txqueuelen:0 

          RX bytes:700 (700.0 b)  TX bytes:700 (700.0 b)

The reason for the share security was in order to check whether that's the problem or not, apperently not. I just forgot to switch it back.

The problem is accessing Linux from Windows, works just fine the other way around.

Ok, it appears that RedHat is installing a firewall by default. Now I've disabled it, and everything works but the hebrew.

However, that's a totally different problem :)

Thanks a lot for all the help!