Small Samba Question!
Hey all, Well i set up samba today, I got most of it working except one thing. I can see the samab server under my workgroup (WORKGROUP) However, I can't not write to it. Can't transfer files, and not sure why. Heres my smb.conf
(Samba is running of a FreeBSD 5.1 Server) ============SAMBA CONF=========== This is the main Samba configuration file. You should read the # smb.conf(5) manual page in order to understand the options listed # here. Samba has a huge number of configurable options (perhaps too # many!) most of which are not shown in this example # # Any line which starts with a ; (semi-colon) or a # (hash) # is a comment and is ignored. In this example we will use a # # for commentry and a ; for parts of the config file that you # may wish to enable # # NOTE: Whenever you modify this file you should run the command "testparm" # to check that you have not many any basic syntactic errors. # #======================= Global Settings ===================================== [global] # workgroup = NT-Domain-Name or Workgroup-Name, eg: REDHAT4 workgroup = WORKGROUP # server string is the equivalent of the NT Description field server string = Samba Server # This option is important for security. It allows you to restrict # connections to machines which are on your local network. The # following example restricts access to two C class networks and # the "loopback" interface. For more examples of the syntax see # the smb.conf man page ; hosts allow = 192.168.1. 192.168.2. 127. # If you want to automatically load your printer list rather # than setting them up individually then you'll need this load printers = yes # you may wish to override the location of the printcap file ; printcap name = /etc/printcap # on SystemV system setting printcap name to lpstat should allow # you to automatically obtain a printer list from the SystemV spool # system ; printcap name = lpstat # It should not be necessary to specify the print system type unless # it is non-standard. Currently supported print systems include: # bsd, sysv, plp, lprng, aix, hpux, qnx ; printing = bsd # Uncomment this if you want a guest account, you must add this to /etc/passwd # otherwise the user "nobody" is used ; guest account = pcguest # this tells Samba to use a separate log file for each machine # that connects log file = /var/log/log.%m # Put a capping on the size of the log files (in Kb). max log size = 50 # Security mode. Most people will want user level security. See # security_level.txt for details. security = user # Use password server option only with security = server ; password server = <NT-Server-Name> # You may wish to use password encryption. Please read # ENCRYPTION.txt, Win95.txt and WinNT.txt in the Samba documentation. # Do not enable this option unless you have read those documents ; encrypt passwords = yes # Using the following line enables you to customise your configuration # on a per machine basis. The %m gets replaced with the netbios name # of the machine that is connecting ; include = /usr/local/etc/smb.conf.%m # Most people will find that this option gives better performance. # See speed.txt and the manual pages for details socket options = TCP_NODELAY # Configure Samba to use multiple interfaces # If you have multiple network interfaces then you must list them # here. See the man page for details. ; interfaces = 192.168.12.2/24 192.168.13.2/24 # Browser Control Options: # set local master to no if you don't want Samba to become a master # browser on your network. Otherwise the normal election rules apply ; local master = no # OS Level determines the precedence of this server in master browser # elections. The default value should be reasonable ; os level = 33 # Domain Master specifies Samba to be the Domain Master Browser. This # allows Samba to collate browse lists between subnets. Don't use this # if you already have a Windows NT domain controller doing this job ; domain master = yes # Preferred Master causes Samba to force a local browser election on startup # and gives it a slightly higher chance of winning the election ; preferred master = yes # Use only if you have an NT server on your network that has been # configured at install time to be a primary domain controller. ; domain controller = <NT-Domain-Controller-SMBName> # Enable this if you want Samba to be a domain logon server for # Windows95 workstations. ; domain logons = yes # if you enable domain logons then you may want a per-machine or # per user logon script # run a specific logon batch file per workstation (machine) ; logon script = %m.bat # run a specific logon batch file per username ; logon script = %U.bat # Where to store roving profiles (only for Win95 and WinNT) # %L substitutes for this servers netbios name, %U is username # You must uncomment the [Profiles] share below ; logon path = \\%L\Profiles\%U # Windows Internet Name Serving Support Section: # WINS Support - Tells the NMBD component of Samba to enable it's WINS Server ; wins support = yes # WINS Server - Tells the NMBD components of Samba to be a WINS Client # Note: Samba can be either a WINS Server, or a WINS Client, but NOT both ; wins server = w.x.y.z # WINS Proxy - Tells Samba to answer name resolution queries on # behalf of a non WINS capable client, for this to work there must be # at least one WINS Server on the network. The default is NO. ; wins proxy = yes # DNS Proxy - tells Samba whether or not to try to resolve NetBIOS names # via DNS nslookups. The built-in default for versions 1.9.17 is yes, # this has been changed in version 1.9.18 to no. dns proxy = no # charset settings ; display charset = ASCII ; unix charset = ASCII ; dos charset = ASCII # #============================ Share Definitions ============================== [homes] comment = Home Directories browseable = no writeable = yes # Un-comment the following and create the netlogon directory for Domain Logons ; [netlogon] ; comment = Network Logon Service ; path = /usr/local/samba/lib/netlogon ; guest ok = yes ; writeable = no ; share modes = no # Un-comment the following to provide a specific roving profile share # the default is to use the user's home directory ;[Profiles] ; path = /usr/local/samba/profiles ; browseable = no ; guest ok = yes # NOTE: If you have a BSD-style print system there is no need to # specifically define each individual printer [printers] comment = All Printers path = /var/spool/samba browseable = no # Set public = yes to allow user 'guest account' to print guest ok = no writeable = no printable = yes # This one is useful for people to share files ;[tmp] ; comment = Temporary file space ; path = /tmp ; read only = no ; public = yes # A publicly accessible directory, but read only, except for people in # the "staff" group ;[public] ; comment = Public Stuff ; path = /home/samba ; public = yes ; writeable = yes ; printable = no ; write list = @staff # Other examples. # # A private printer, usable only by fred. Spool data will be placed in fred's # home directory. Note that fred must have write access to the spool directory, # wherever it is. ;[fredsprn] ; comment = Fred's Printer ; valid users = fred ; path = /homes/fred ; printer = freds_printer ; public = no ; writeable = no ; printable = yes # A private directory, usable only by fred. Note that fred requires write # access to the directory. ;[fredsdir] ; comment = Fred's Service ; path = /usr/somewhere/private ; valid users = fred ; public = no ; writeable = yes ; printable = no # a service which has a different directory for each machine that connects # this allows you to tailor configurations to incoming machines. You could # also use the %U option to tailor it by user name. # The %m gets replaced with the machine name that is connecting. ;[pchome] ; comment = PC Directories ; path = /usr/pc/%m ; public = no ; writeable = yes # A publicly accessible directory, read/write to all users. Note that all files # created in the directory by users will be owned by the default user, so # any user with access can delete any other user's files. Obviously this # directory must be writeable by the default user. Another user could of course # be specified, in which case all files would be owned by that user instead. ;[public] ; path = /tmp ; public = yes ; only guest = yes ; writeable = yes ; printable = no # The following two entries demonstrate how to share a directory so that two # users can place files there that will be owned by the specific users. In this # setup, the directory should be writeable by both users and should have the # sticky bit set on it to prevent abuse. Obviously this could be extended to # as many users as required. ;[myshare] ; comment = Mary's and Fred's stuff ; path = /usr/somewhere/shared ; valid users = mary fred ; public = no ; writeable = yes ; printable = no ; create mask = 0765 ---Some of the config I don't understand, so i left it default. |
okay, you need to edit your smb.conf to set the valid users and whatnot - I presume that you're trying to write to the home directories, yes? If I were you, I'd use SWAT to configure it, but that's just because I'm lazy ;)
|
Alright, I thought SWAT was the GUI interface for samba? If so, this server doesn't have X installed, just a command line heh.
(Unless I can use SWAT in windows, and connect to my server?) |
yes, swat is the gui interface for samba. You need to be running samba as inetd not as a daemon as far as i remember to use swat. However, it can be accessed remotely. the point is that swat is a *web-based* interfaces, so you just point your browser at http://whatever:10000/ from *anywhere* [I can't remember what the exact port number was.
So no gui required. |
Quote:
Code:
What you need to do is use the following directives Code:
# The following are needed to allow password changing from Windows to |
Alright all, heres the run down. I got samba working, I can see the shares from all XP machines. However, when I enable guest mode, I can see all the files but can not write to the dir. Now, I am very confused how the users work. (I have been useing SWAT to set all this up) In swat, theres a box that says USERNAME under the shares section, now, I thought if i put one of the user names thats on the freebsd box in, it would use that password too (thought I read that some where) However, when I click the share, I can not edit the USERNAME feild it just says NETBIOS NAME/Guest (in this case Lust\Guest) Now, how do you add users and permissions?! I am also a little confused as to what the above poster said about users. Thanks in advanced!
-- I have tryed the smbpasswd program to add my self, but it says invalid password. Also when I look at the active connections in swat it says Share User Group PID Client Date IPC$ nobody nobody 2188 envy Sun Aug 10 10:17:35 2003 - nobody is the default guest account name. Now I am totaly confused Heh =D ----Sorry Heh, I keep Editing. In the smbpasswd file, it lists my user (envy) and its encrypted password. However it also lists the default Guest user nobody and next to his encrypted password it says UNPRILVIGED! =/ Still wondering why I can't edit the username feild when I click a share |
/bump
|
/bump bump de bump bump =(
|
Kith,
|
Kith,
Are you using Windows ME or older to connect to the share? If so, your network/Samba usernames and passwords are stored in the c:\windows directory as xxxx.pwl (replace xxx with your username. Or for a quick fix, open up a command prompt and type: del c:\windows\*.lwp This will delete the saved password file. Been a while since I've used windows, but if I recall, this will also wipe out any logon screen and screen saver passwords as well. --Eric |
Useing Windows XP
|
Give it a shot and let me know how it goes.... BTW, what version of Windows?
|
Kith, what do you have in your /etc/smb/smbusers file?
|
I have root - shows encrytped password a user called nobody, which i thikn is the default guest. and then the main user envy with the encrytped password, yet none of the passwords I try work
|
Kith, when you log onto windows (not over the network, but actually into Windows), what is your username? if it's not envy (or whatever) then it's probably gonna be guest. When you first log into windows be sure your not just pressing escape to get past the login screen..you should be typing envy and your password. If your not getting prompted for any of this when logging into Windows then you need to go to your Network Properties and make sure that the Default/Primary login is set to "Client for Microsoft Networks", and then reboot. I think your Samba host is working fine, it seems to me that the problem is with your windows box.
--Eric |
Quote:
Code:
smbclient -U envy -L localhost I would backup this file first and remove every line but the one for the user 'envy' from the original, just to keep it clean for the time being. Once you've determined that your share is working the way it is supposed to be, you would want to try JRandom's directions to logon 'properly' to the win box and then try accessing the share. |
Ah my windows user (the only user on this box) is simplex however when i am prompted for a password and login, I the username feild is grayed out
|
Kith,
The "simplex" username on the windows box would seem to be the problem. Edit your smb.conf file and uncomment the following line (or add it): username map = /etc/samba/smbusers and create the /etc/samba/smbusers file with the following line: envy = simplex Restart Samba.... Hope this helps! --Eric |
My previous post assumes you have a Unix user account called "envy"
--Eric |
Under which parameter? Shares? Also, what if i change the user name on the windows box to envy? I acutally tryed this and still doesn't seem to work..
|
Kith,
I'd put the username map declaration under [global]. If you want to change the Windows box username to envy...that would a great way to test this. --Eric |
Kith,
Looked over your smb.conf. You also need to uncomment the line: encrypt passwords = yes But if you had an encrypted password in the smbusers file, you must have already done this, right? --Eric |
It wouldn't matter that I don't have a password for user envy/simplex on the xp box would it?
|
Ok let me explain something. The Freebsd server thats running samaba is called Envy, that is the hostname of the box. the primary user of the box is also called envy. Now, the win XP box hostname is mistakenly called envy also. and the user is Simplex. Client for Microsoft windows is running, there is no password for this box. Now I can see the shares, I have tryed adding the envy = simplex to my smbconfig and it still did not work.
|
Ah, XP. Home or professional? As far as network shares go..it shouldn't care at all. XP will give the option to enter a username and password. Odd that your's is grayed out.
Next step. In XP, go to Start->Control Panel->User Accounts. Click on your username (simplex) In the upper left, go to manage my network passwords. Delete any relating to the samba share. Reboot XP. Try again! --Eric |
Oh!
You can't have both boxes called 'envy'. Add this to your smb.conf. netbios name = envybsd (or something besides envy) restart Samba. On the XP box connect to \\envybsd\envy and give it a whirl... I think when you type \\envy your logging on to your XP box! --Eric |
Nothing was in the network passwords box...
- Note, not that this matters, but I don't have a /etc/samba dir, most of my samba files are elseware, like my smb.conf is in /usr/local/etc/smb.conf -- I don't think that matters tho |
Yeah, sorry, I use FreeBSD too. when I say smb.conf, edit you main in /usr/local/etc/smb.conf
--Eric |
I forgot to mention, I did change the netbios name.. its Envy Samba serv
|
Jran, Do you have Aim, think it would be easier hehe -- eam404 is my sn
|
Kith,
It has to be one word. I don't think XP likes spaces. |
Also, see I can change the config to allow quests, I can see inside my bsd box but obiviously can't write to it because i am a quest
|
Could you re-post your smb.conf with all modifications?
--Eric |
alright will try one word then
|
Sure!
SIMPLE VIEW !!!! - Just to make it easier =D # Samba config file created using SWAT # from 192.168.1.100 (192.168.1.100) # Date: 2003/08/12 01:22:46 # Global parameters [global] netbios name = ENVYBSD security = SHARE encrypt passwords = Yes [Envy (Home)] comment = Envy's Home Dir path = /usr/home/envy read only = No only user = Yes status = No COMPLEX VIEW: -------------------------------------------------------------------------------- Current Config # Samba config file created using SWAT # from 192.168.1.100 (192.168.1.100) # Date: 2003/08/12 01:22:12 # Global parameters [global] coding system = client code page = 850 code page directory = /usr/local/etc/codepages workgroup = WORKGROUP netbios name = ENVYBSD netbios aliases = netbios scope = server string = Samba 2.2.8a interfaces = bind interfaces only = No security = SHARE encrypt passwords = Yes update encrypted = No allow trusted domains = Yes hosts equiv = min passwd length = 6 map to guest = Never null passwords = No obey pam restrictions = No password server = smb passwd file = /usr/local/private/smbpasswd root directory = pam password change = No passwd program = /usr/bin/passwd passwd chat = *\n*ew\spassword* %n\n *ew\spassword* %n\n *updating\sthe\sdatabase...\npasswd:\sdone\n passwd chat debug = No username map = password level = 0 username level = 0 unix password sync = No restrict anonymous = No lanman auth = Yes use rhosts = No ssl = No ssl hosts = ssl hosts resign = ssl CA certDir = ssl CA certFile = ssl server cert = ssl server key = ssl client cert = ssl client key = ssl egd socket = ssl entropy file = ssl entropy bytes = 256 ssl require clientcert = No ssl require servercert = No ssl ciphers = ssl version = ssl2or3 ssl compatibility = No admin log = No log level = 0 syslog = 1 syslog only = No log file = max log size = 5000 timestamp logs = Yes debug hires timestamp = No debug pid = No debug uid = No protocol = NT1 large readwrite = Yes max protocol = NT1 min protocol = CORE read bmpx = No read raw = Yes write raw = Yes acl compatibility = nt smb support = Yes nt pipe support = Yes nt status support = Yes announce version = 4.9 announce as = NT max mux = 50 max xmit = 16644 name resolve order = lmhosts host wins bcast max ttl = 259200 max wins ttl = 518400 min wins ttl = 21600 time server = No unix extensions = No change notify timeout = 60 deadtime = 0 getwd cache = Yes keepalive = 300 lpq cache time = 10 max smbd processes = 0 max disk size = 0 max open files = 10000 name cache timeout = 660 read size = 16384 socket options = TCP_NODELAY stat cache size = 50 use mmap = Yes total print jobs = 0 load printers = Yes printcap name = /etc/printcap disable spoolss = No enumports command = addprinter command = deleteprinter command = show add printer wizard = Yes os2 driver map = strip dot = No mangling method = hash character set = mangled stack = 50 stat cache = Yes domain admin group = domain guest group = machine password timeout = 604800 add user script = delete user script = logon script = logon path = \\%N\%U\profile logon drive = logon home = \\%N\%U domain logons = No os level = 20 lm announce = Auto lm interval = 60 preferred master = Auto local master = Yes domain master = Auto browse list = Yes enhanced browsing = Yes dns proxy = Yes wins proxy = No wins server = wins support = No wins hook = kernel oplocks = Yes lock spin count = 3 lock spin time = 10 oplock break wait time = 0 ldap server = localhost ldap port = 636 ldap suffix = ldap filter = (&(uid=%u)(objectclass=sambaAccount)) ldap admin dn = ldap ssl = Yes add share command = change share command = delete share command = config file = preload = lock dir = /var/lock pid directory = /var/run utmp directory = wtmp directory = utmp = No default service = message command = dfree command = valid chars = remote announce = remote browse sync = socket address = 0.0.0.0 homedir map = time offset = 0 NIS homedir = No source environment = panic action = hide local users = No host msdfs = No winbind uid = winbind gid = template homedir = /home/%D/%U template shell = /bin/false winbind separator = \ winbind cache time = 15 winbind enum users = Yes winbind enum groups = Yes winbind use default domain = No comment = path = alternate permissions = No username = guest account = nobody invalid users = valid users = admin users = read list = write list = printer admin = force user = force group = read only = Yes create mask = 0744 force create mode = 00 security mask = 0777 force security mode = 00 directory mask = 0755 force directory mode = 00 directory security mask = 0777 force directory security mode = 00 force unknown acl user = 00 inherit permissions = No inherit acls = No guest only = No guest ok = No only user = No hosts allow = hosts deny = status = Yes nt acl support = Yes profile acls = No block size = 1024 max connections = 0 min print space = 0 strict allocate = No strict sync = No sync always = No write cache size = 0 max print jobs = 1000 printable = No postscript = No printing = bsd print command = lpr -r -P%p %s lpq command = lpq -P%p lprm command = lprm -P%p %j lppause command = lpresume command = queuepause command = queueresume command = printer name = use client driver = No default devmode = No printer driver = printer driver file = /usr/local/etc/printers.def printer driver location = default case = lower case sensitive = No preserve case = Yes short preserve case = Yes mangle case = No mangling char = ~ hide dot files = Yes hide unreadable = No delete veto files = No veto files = hide files = veto oplock files = map system = No map hidden = No map archive = Yes mangled names = Yes mangled map = browseable = Yes blocking locks = Yes csc policy = manual fake oplocks = No locking = Yes oplocks = Yes level2 oplocks = Yes oplock contention limit = 2 posix locking = Yes strict locking = No share modes = Yes copy = include = exec = preexec close = No postexec = root preexec = root preexec close = No root postexec = available = Yes volume = fstype = NTFS set directory = No wide links = Yes follow symlinks = Yes dont descend = magic script = magic output = delete readonly = No dos filemode = No dos filetimes = No dos filetime resolution = No fake directory create times = No vfs object = vfs options = msdfs root = No [Envy (Home)] comment = Envy's Home Dir path = /usr/home/envy read only = No only user = Yes status = No |
Getting closer....try this:
Change: [Envy (Home)] comment = Envy's Home Dir path = /usr/home/envy read only = No only user = Yes status = No to read: [Envy] comment = Envy's Home Dir path = /usr/home/envy read only = no writeable = yes browseable = yes Also, make sure unix 'envy' has write permissions to /usr/home/envy. I'm not sure about the () in XP, so I changed the declaration. Also, if this doesn't work edit the 'username map' variable and put back in the path to the file. Remember to restart samba. Also does 'testparm' return anything? -_Eric |
/usr/home/envy is envy's home dir, so ya it has write permissions. And no, that didn't work. When i click the share the xp logon box pops up but the username feild is still grayed out with Envybsd/Guest and when I try envy's password (unix) doesn't work
You mean with username map add the envy = simplex? |
This problem is with XP for sure now. In XP, is the envy user a guest user. Start->Control panel->Users. Under 'envy', what does it say? Computer administrator or something else?
|
ok, I changed envy back to Simplex. Simplex is the only user on the account who has Administrator access. Only one on this box, Guest isn't even enabled. Also I can change Simplex ot whatever I want, envy, or whatever.
|
Also, the share name is more thne 8 chars long... an? has spaces, ya think that has something to do with it?
I can recreate the share if need be |
Are you on a domain? Let's find out.
On your keyboard, hold down the Windows key and press Pause/Break. Then click on the "Computer Name" tab. Click the change button at the bottom. Make Sure that "Workgroup" is selected and that the workgroup name matches your workgroup. Also, click on the 'Advanced' tab, then on 'Settings' under user profiles. Make sure that the type is set to local and not roaming. If you change anything XP will need a reboot. -Eric |
This seems like XP to me. I've never had it gray out the username box before. Too weird.
Also do a 'more /usr/local/private/smbpasswd' on the BSD box and make sure the user envy is still in there.... --Eric |
Everything you told me to do is set correctly. (By the way, I didn't know about the Windows Key + Pause will bring up that window, also didn't raelize I could change the computer name...
|
^^bump^^
|
Doh
In smb.conf, set security = user, not security = share. Also do a 'more /usr/local/private/smbpasswd' on the BSD box and make sure the user envy is still in there.... |
Ah HAH! Envy has seemed to disappear, however that default guest is still there called nobody.. do i need to do a smbpasswd -a envy ? Oh also root is there obiviosuly too..
|
Yes yes yes! Getting closer!
|
Also why not security share? (Thanks so much for all this help by the way...)
|
IIRC, security=share is only good for Win95, we want user authentication.
|
Do I need to add envy as a user?
#> smbpasswd -a envy ??? |
All times are GMT -5. The time now is 09:03 PM. |