Another quick samba question
I have been setting up a samba server 3.x on Red Hat ES3 and it has been working like a champ. Now, when users are logged into their Windows workstation and they click on the mapped drive to the samba server, they have to re-enter thir user name and password. It wasn't doing that last week. Wierd. The user names and passwords are all the same across the board (Windows, Unix, Samba).
Here is the smb.conf # smb.conf is the main Samba configuration file. # Date: 2005-02-12 [global] workgroup = workgroup server string = File Server on Fileserver hosts allow = 192.168.1. 127. printcap name = /etc/printcap load printers = Yes printing = CUPS log file = /var/log/samba/%m.log max log size = 0 smb passwd file = /etc/samba/smbpasswd security = user encrypt passwords = Yes unix password sync = Yes passwd program = /usr/bin/passwd %u passwd chat = *New*password* %n\n *Retype*new*password* %n\n *passwd: *all*authentication*tokens*updated*successfully* pam password change = Yes obey pam restrictions = Yes socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 username map = /etc/samba/smbusers dns proxy = no ;; ldap server = 127.0.0.1 [homes] comment = Home Directories browseable = no writeable = yes valid users = %S create mode = 0664 directory mode = 0775 [printers] comment = All Printers path = /var/spool/samba printable = Yes guest ok = no writable = no browseable = no [print$] comment = Printer Drivers path = /var/lib/samba/drivers write list = @ntadmin root force group = ntadmin create mask = 0664 directory mask = 0775 browseable = yes printable = no [company] comment = Company Documents path = /home/company force create mode = 0664 force create directory = 0775 writeable = yes guest ok = yes Any ideas what I am missing? Thanks for all the help this forum has provided. |
I'm wondering if you could include the contents of the /etc/pam.d/samba file.
|
Ok, seems as though I figured it out and it wasn't an issue with samba.
The client side of the network was once a peer to peer hodg-podge of Windows XP Home/ Windows 2000/ Windows Me. I noticed that I wasn't having the issue on the 2000 & Me systems. I switched gears from samba troubleshooting to Windows troubleshooting. I found that even though I renamed the users from the standard "Owner" account that the system was logging onto the samba shares with the now renamed account. I disconnected the mapped drives and when I re-mapped the samba shares I selected "Connect using a different user name". I typed the samba user name and password and selected "Reconnect at logon". Works like a champ. There must be something buggy w/ XP that leaves the old user credentials in cache somewhere even after you change the user name (and after adding users to the system). Lesson learned? Don't bee too quick to blame samba. Thanks all! |
Quote:
|
I know that is true for NT4 or Active Directory Domain Security. But I believe you can use User Level Security as long as you are using stand alone machines.
Having a machine that can't join a domain, use TCP/IP instead of NetBIOS! That is really is doing a number on unsuspecting users. Imagine going through the network setup on windows XP home, and you come to the part were you need to produce a floppy disk to set up Windows 95/98/ME clients. Only problem is that you have a new Laptop (with XP preinstalled) which doesn't have a floppy disk! |
User and share level security appear a lot alike, compared to logging into a domain. The difference is when they do verification. With share level security, there is one password (it accepts any username since authentication is done with a user/pass combo) per share and each share can have different passwords. With user level security, a user is granted access to some resource and they are authenticated once on that system for all the connections made (shares, printers, etc.) You can connect to one type from the other, but you will usually get asked for credentials more often because the two expect/assume verification at different times.
This is what rayber2000 appears to have run into. He changed the username on a windows system and that didn't change the authentication of network shares because the system is using share based security and it uses (and stores) a user/pass for each network drive, no matter who is logged on. |
If the user level security is USER rather than SERVER, DOMAIN, or ADS, and you use stand alone servers (no domain controllers) or network logon, then the server with the share you want to access
Quote:
If a stand-alone machine with USER security is a local Domain , then I guess XP Home can't do that either. |
All times are GMT -5. The time now is 11:52 AM. |