Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I have Samba 2.2.27a running on RedHat 9.0. I have XP Pro on another machine.
When I first set up Samba I could see the files from my Linux machine on the XP and vice versa. After rebooting the XP I could not see the Linux files. I have then searched for a solution and have modified several things however I still get and error from XP when trying to open the Linux computer from Network Computers it says
'You dont have access ...... the network path could not be found'
I modified HKEY_LOCAL_MACHINE\....."RequireSignorSeal on the XP to 0.
I disabled the following policy keys on XP "Domain member: Digitally encrypt or sign secure channel data (always)", "Domain member: Digitally encrypy secure channel data (when possible)", "Domain member: Digitally sign secure channel data (when possible)", "Domain member: Require strong (Windows 2000 or later) session key",
Here is my smb.conf
Code:
# Global Parameters
[global]
# netbios name
netbios name = server_name
# workgroup = NT-Domain-Name or Workgroup-Name
workgroup = workgroup_name
# server string is the equivalent of the NT Description field
server string = Samba Server
# define a global case policy for file shares
case sensitive = no
# Required to support Windows 98 or above
encrypt passwords = yes
security = user
valid users = bill, ted, @admins, root
preferred master = yes
domain master = yes
local master = yes
domain logons = yes
logon path = \\%n\profiles\%u
# Where is the user's home directory located?
logon home = \\server_name\%U
logon drive: s:
# No OS/2 clients
lm announce = no
# Log all activity to a single file for regular review
log file = /var/log/samba.log
# Minimum level of logging
log level = 1
# Username/password access methods
# security = user
# Windows XP comps
lanman auth = no
# Again, all our clients are Windows XP
min protocol = NT1
[netlogon]
path = /var/lib/samba/netlogon
guest = ok
writable = no
share modes = no
[homes]
read only = no
browseable = no
create mask = 0664
directory mask = 0775
[music]
path = /data/music
browesable = yes
valid users = bill, ted, @admins, root
write list = bill, ted
create mask = 0664
directory mask = 0775
[apps]
path = /data/apps
browseable = yes
valid users = bill, ted, @admins, root
write list = bill, ted, @admins, root
create mask = 0664
directory mask = 0775
I have the name of the Win XP machine in the etc/passwd file
WINXPPC_NAME$:!:1000:XP computer:/tmp:/bin/false
# workgroup = NT-Domain-Name or Workgroup-Name workgroup = workgroup_name
Is this literally what is in your /etc/samba/smb.conf, or are you just trying to conceal your domain name from us?
Because "workgroup_name" is clearly not the name of your NT domain, and if that is what is in your smb.conf, you won't be permitted on the domain, as you are not a member. I'm not sure if "server_name is as crucial, but I would think that it should match your hostname, and/or possibly be shorter (doesn't NT/XP have a character limit on netbios names?).
no they weren't the right names i just substitutes the real ones - here is the actual config
Code:
# from smb.conf
# netbios name
netbios name = jcyoungserver
# workgroup = NT-Domain-Name or Workgroup-Name
workgroup = jcyounggroup
there are two users in the smbpasswd file. they are the same names as the two users on the XP machine and there are encrypted passwds in this file for each. the only difference being that on the XP display the user names start with capital letters and in samba they start with small letters. the smae user names, starting with small letters are also in the passwd file as well as the name of the XP computer as DESKTOP_PC1$:!:1000:XP computer:/tmp:/bin/false.
Quote:
doesn't NT/XP have a character limit on netbios names
i'm not sure .... i could set up a workgroup in XP using jcyounggroup (it reformats this to Jcyounggroup - I tried the samba setting replacing the small letters for capitals and found no changes )
No, Windows is not case sensitive like Linux is. I had a 2000 user with a username beginning with a capital letter, and was having a similar problem to you (although we're not on a domain). When said user got home from work (he's my boyfriend and the network guru) I asked him about it and he immediately logged out and logged back into 2K using the same username all in lowercase, and had no problems, just to prove to me that Windows does not give a hairy hoot about case in usernames.
This did not solve the network connection problem, though I was able to solve it by moving the shares and symlinks into the folder that he did have access to (/home/), and just basically hacking around until it did work somehow.
What I notice in your config is: why is this machine set to be the domain master? Is not the XP machine (or even the RH machine) the domain master, containing all the password and other domain authentication files? One of the problems that I often had in configuring Samba between Win2K and Linux (and even in connecting network shares between Win2K on my machine and Win 2K on my boyfriend's) was that the second that his 2K machine went offline for any reason, my machine grabbed the master browser status, despite having no authentication files or protocols to enforce this status (he's the psuedo-server/gateway; I'm just a client). I had to turn off the Windows Server service to stop this under Windows, and set my local master status to no in smb.conf to stop it under Linux.
When you first set up Samba, the XP machine was probably domain master, but when you rebooted it, the Linux machine would have taken that job over (because there was at that moment no domain master, and you have Samba set to take the job if available). However, the domain authentication files are on the XP machine, not the Linux machine, so the XP machine can't actually get onto the domain (if the domain even exists other than in name at that point, since no authentication is actually being used).
I would consider changing
domain master = yes
local master = yes
to
domain master = no
local master = no
and then waiting 15 minutes for the network broadcast, or restarting Samba, or rebooting, to see if that helps.
thanks motub, that makes sense .... however when i tried the changes to domain master & primary controller as suggested .....it didnt work ..... there must be something else
Do bill and ted have any rights to even read within the /data/* folder? Why are you even putting the shared data folders in the / tree? Up there in the stratosphere, usually only root has rights, and depending on the distro, normal users may not even get read permissions (as the group ownership for said folders is usually the root group as well, and you, bill and ted should not be members of that, either, leaving you all designated as "others", who--in a perfect world-- should have no permissions at all).
What I did to solve a similar problem, as I said-- bearing in mind that I am not on a domain, and I am using Samba 3-- was to set
[homes]
comment = Home Directories
browseable = no
writable = yes
in smb.conf, which enabled the Win 2K PC user to see his own /home folder, although he was still unable to access my visible shares. When I noticed that he was actually in /home, seeing /home/his_username, upon opening Network Neighborhood=>Workgroup=>My Server, rather than being inside his username folder directly, I had the brilliant idea of making a new folder, /home/shared (which I owned, and where the group ownership belonged to a group we are both members of, with group members having full permissions), into which I then mounted the shared partitions, and also created a free folder for "stuff he downloaded for me and wanted to get off his HDD ", all of which I symlinked into my $HOME, so that I wouldn't have to browse up and down to get to the data in either folder. This all worked out, so that I didn't have to spend endless hours trying to understand why Samba was unwilling to allow access to certain shares or share locations and get on with my life , as I am not a network guru, and the local network guru doesn't use Linux.
So my questions are: Are the users bill and ted (not their real names ) users on your PC, with home folders? And you did remember to add and enable them in smbpasswd, right?
Did you set home directories to shareable in smb.conf, and if so, can bill and ted reach at least those? If so, you might want to try my trick.
If you don't want to, then you should probably check the permissions on /data/ and its subfolders, especially if they are mounted via /etc/fstab.
these are the current smb.conf setting for homes and no, bill & ted are both users on the XP machine but cannot see their home folders from the XP Machine
The samba server appears under workgroup computers, however whenever I double click it - i keep getting the network path not found error message.
bill & ted both have read persmission on the /data/ directory.
they both appear in the smbpasswd file
and they both appear in the smbusers file
so if they can't see their home dirs i dont think what you've suggested will work either ....
... unfortunately there are no network gurus here ....
OK, I'm shooting in the dark here, as I said, because when this happened to me I really just bashed away until something worked (since I could not find any settings either on the Windows side or the Linux side that would reasonably be causing this to happen).
1) Which XP (Home or Pro)?
2) Firewall possibly blocking port 139 (the default Samba port)?
3) Have you looked at /var/log/samba.log and/or the Windows Event Viewer or network logs to see if there is more information as to which side is blocking the connection?
4) Try turning on guest access to see if the users can then connect to the shares.
5) (I hate to say this, but....) try giving the users Admin privileges under Windows to see if they can then connect to the shares. You'd be amazed how many problems can be solved by knocking a big fat hole in your security .
6) Try upgrading to Samba 3.
I'm really sorry not to be more helpful, but afaics, this should be working. I thought my settings should be working, too, and all the man pages and Samba documentation in the world did not indicate why they weren't. Hence the bashing away.
However, maybe you'll see something in the docs I didn't:
Could it be possible that some of the settings on the XP box are wrong? When I started on Samba I had problems, and most of them boiled down to some of the XP settings for installed services and some of the names.
I've been having the exact problem..
Of course it totally opens up your box but i guess it means you have to open up the samba port on the firewall. But im not that advanced yet
OK... so its taken me a bit to find time to tackle this again ...
but i have made a nice mess now which is quite interesting!
this is my current smb.conf
Code:
[global]
workgroup = Jcyounggroup
netbios name = jcyoungserver
server string = Samba Server
security = USER
username map = /etc/samba/smbusers
smb passwd file = /etc/samba/smbpasswd
log level = 1
log file = /var/log/samba.log
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
# os level = 20
encrypt passwords = yes
# hosts allow = 127.0.0.1 10.232. 192.168.
bind interfaces only = yes
preferred master = No
domain master = No
dns proxy = No
logon home = \\jcyoungserver\%U
# logon drive = s:
[homes]
read only = no
browseable = no
create mask = 0664
directory mask = 0775
[music]
path = /data/music
browesable = yes
valid users = claire, jeromy
write list = claire, jeromy
create mask = 0664
directory mask = 0775
[apps]
path = /data/apps
browseable = yes
valid users = claire, jeromy
write list = claire, jeromy
create mask = 0664
directory mask = 0775
I made a bit of a mistake when I tried to set up the network again on the WinXP box and renamed the working group jyounggroup by mistake. Now if I go into smb:/// i can see jyounggroup which contains the WinXP machine and then jcyoungroup which has the redhat machine in it. I can access all the shares from both xp and rh from the linux machine as claire. In xp the same two workgroups are listed. for jyounggroup the xp box is in this workgroup and accesible for the other work group name the error cant access this network resource is given when double clicked! So I can basically access the xp from rh but not vice versa? WinXP is pro version.
I am reluctant to switch off iptables as I have a web server running on rh. this is the output of iptables -L
I do think it could be a problem with the XP settings. I have tried to open port 139 a couple of times and then only open it for the ip address of the xp machine, however i've changed the config so many times I am not sure if its had any effect.
the most recent entries in the samba.log file are as follows
Code:
[2004/05/27 17:04:35, 1] smbd/reply.c:reply_sesssetup_and_X(1001)
Rejecting user 'root': authentication failed
[2004/05/27 17:04:35, 1] smbd/reply.c:reply_sesssetup_and_X(1001)
Rejecting user 'root': authentication failed
[2004/05/27 19:03:15, 1] smbd/reply.c:reply_sesssetup_and_X(1001)
Rejecting user 'root': authentication failed
[2004/05/27 19:03:53, 1] smbd/reply.c:reply_sesssetup_and_X(1001)
Rejecting user 'root': authentication failed
[2004/05/27 19:12:05, 1] smbd/service.c:make_connection(636)
jcyoungserver (172.16.24.146) connect to service claire as user claire (uid=500, gid=500) (pid 3283)
[2004/05/27 19:12:09, 1] smbd/service.c:make_connection(636)
jcyoungserver (172.16.24.146) connect to service apps as user claire (uid=500, gid=500) (pid 3284)
so im guessing the samba server can't authenticate the info coming from xp?
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.