Honestly the naming of it I don't care about. If it needs to be something else I have no issues or attachments with changing that.
Crito - care to give me an idea of where I can formalize this. I would like to know where the names reside so I can name them all the same thing. |
I was going through your samba.conf file and found this:
encrypt passwords = no netbios name = FEDORA The netbios name is the name your computer has on Samba, and should be the same as the one given in /hosts and /sysconfig/network. Make them all Fedora-Vin or all FEDORA. And encrypt passwords is definately yes. This isn't just a preference based of how secure yout want to be. It is mandatory, or you won't be communicating with any Windows later than 98 or ME. Includ this as well: # Backend to store user information in. New installations should # use either tdbsam or ldapsam. smbpasswd is available for backwards # compatibility. tdbsam requires no further configuration. passdb backend = tdbsam And after this is added, you will want to re assign those password so that they go into tdbsam. system-config-samba Click on Preferences, then Samba Users and delete each user, then click OK and exit. Then go right back in and re-create each of the users, giving them the passwords. |
Oh, and do a testparm to let Fedora grade your samba.conf file. It can find things and bring them to your attention.
|
Edited to eliminate double post.
|
Quote:
I don't think the Netbios name gets used anywhere - I've never seen it appear. It's been FEDORA since when that was the "server string" name - I changed that to see what was doing what in smb.conf. I had to remove the "guest account nobody" to get mine to work. The problem I had - and which Imcilwain seems to be having, was that Samba said all the right things but just didn't work. I created a "minimal" smb.conf with about three lines, and added and removed stuff to see what happened. That file up there is the version that worked (and still works) in every respect I needed. It even allows me to print! I don't know how or why - don't care, really - but the proof of the pudding and all that. |
Some people are wondering what the guest account thing is all about. It's the anonymous account that client computers will use when they initially browse the shares on your Samba server, and it should be a valid Unix account. If you remove it, it defaults to the user nobody. It can be changed in case you have sensitive files on your system owned by nobody and don't want any potential Samba exploit to be able to compromise them.
The guest account, if disabled somehow, will cause client Windows PCs to be prompted for a password just to browse the shares in Network Neighbourhood. Windows always attempts to log in anonymously to list the shares, and Windows servers always allow this. It isn't until a client attempts to browse the shares themselves that Windows requires an actual user account. Keithj: The NETBIOS name is the short (11 character) name that older NETBIOS clients such as Windows 3.11 will use. The server name can be longer, but only on much later versions of Windows. Windows XP will, of course, use DNS as well. This makes three possible ways to reveal your Samba server's name to a Windows client, and yes, it's possible to make them all return something different if you're feeling complicated. (-: |
Thank you Brianetta. I did not know that. I do have a valid nobody account in Linux, because that comes standard. I guess I was thinking of it as a samba user named nobody, and I knew I didn't do that. Basically, I have a samba user, with password, defined for every user I expect to browse the network, and for myself, if another user comes along, I actually don't want them to get anywhere.
|
FWIW, here's the smb.conf file from the laptop I'm on right now. By using force user and force group I never have to worry about user mappings or permissions. Of course, this setup wouldn't be appropriate for sensitive info, but for a public share it works just fine.
Code:
[global] |
Thank you Crito. Granted, for a public share that is fine. But in lmcilwain's opening post he had this:
code My share settings are as follows: [tmp] comment = Test Directory path = /home/lmcilwain/tmp writeable = yes browseable = yes valid users = lmcilwain /code That says he want's only one user, lmmcilwain, to have access. He can't do that with encrypted password set to no. To specify valid users, users have to be validated, and that's done with the encrypted password. And its quite easy to do. I fear I left out a step, and I apologize. When you go to system-config-samba/Prefrences/users and create the users, you are invited to select them from the list of Linux users. That means you first have to do system-config-users and create the linux users, THEN go to system-config-samba and define them by selection and give them the passwords that the windows systems will be providing. This way, when someone sneeks a laptop in, they don't git nuthin, but those in my list can work freely. |
Quote:
Quote:
Quote:
|
Thanks for the information above - all added to the Keithj reference manual ;)
Having just gone through the "fun" of setting up Slackware in a spare partition on the same machine, I've discovered that Samba is not always Samba! My Fedora smb.conf above (edited for the obvious bits) didn't work with Slackware. I had to make quite a few changes. All of them are covered in this thread - interesting! |
Kethj - I tried your setup but was not able to get things to work. I finally decided to check my log file which in all of this I never bothered to look at once and found the following entries after attempting to authenticate and get into my share:
Code:
[2007/07/04 21:30:21, 0] smbd/service.c:make_connection_snum(920) Code:
drwxrwxr-x 11 lem lem 4096 Jul 2 09:47 tmp Code:
::1 Firewall localhos[HTML][/HTML]t.localdomain localhost Code:
HOSTNAME=Firewall.localdomain |
All times are GMT -5. The time now is 05:56 PM. |