LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices


Reply
  Search this Thread
Old 04-27-2007, 01:43 AM   #1
McManCSU
LQ Newbie
 
Registered: Apr 2007
Distribution: Ubuntu
Posts: 23

Rep: Reputation: 0
Cannot connect to smb server even from Linux box


I keep getting errors when I try to logon:
Code:
root@MediaMadness:/etc/samba# smbclient -L mediamadness -U mcman -W mshome
Password:
tree connect failed: Call returned zero bytes (EOF)
If I do a simpler way, another problem:
Code:
mcdizz@MediaMadness:/var/log/samba$ smbclient -L localhost
Password:
session setup failed: NT_STATUS_LOGON_FAILURE
I have googled my brains out and still cannot figure out why. I am pretty new to this so it is probably pretty easy.

Here is my smb.conf:
Code:
[global]
   workgroup = MSHOME
   nt acl support = no
   server string = %h server (Samba, Ubuntu)
   netbios name = MediaMadness
   wins support = yes
   dns proxy = no
   bind interfaces only = true
   log file = /var/log/samba/log.%m
   max log size = 1000
   syslog only = no
   syslog = 0
   panic action = /usr/share/samba/panic-action %d
   security = share
   encrypt passwords = yes
   passdb backend = tdbsam
   guest account = smbguest, mcman, mcdizz
   invalid users = root
   hosts allow = 192.168.0.65, 127.0.0.1
   passwd program = /usr/bin/passwd %u
   passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n *password\supdated\ssuccessfully* .
   smb passwd file = /etc/samba/smbpasswd
   domain logons = yes
   logon path = \\%N\profiles\%U
   logon drive = M:
   logon home = \\%N\%U
   socket options = TCP_NODELAY IPTOS_LOWDELAY
   domain master = auto

[homes]
   comment = Home Directories
   browseable = no
   path = /home/%U
   valid users = %S
   writable = no
   create mask = 0600
   directory mask = 0700
I tried to keep it as simple as necessary given all the options they initially had... I have "mcman" as a user and the smbpasswd file shows it. testparm passes. I also get a "System error 5 has occurred" on my XP machine when I do "net view \\192.168.0.100"

Any ideas?
 
Old 04-27-2007, 02:16 AM   #2
deadeyes
Member
 
Registered: Aug 2006
Posts: 609

Rep: Reputation: 79
Quote:
Originally Posted by McManCSU
I keep getting errors when I try to logon:
Code:
root@MediaMadness:/etc/samba# smbclient -L mediamadness -U mcman -W mshome
Password:
tree connect failed: Call returned zero bytes (EOF)
If I do a simpler way, another problem:
Code:
mcdizz@MediaMadness:/var/log/samba$ smbclient -L localhost
Password:
session setup failed: NT_STATUS_LOGON_FAILURE
I have googled my brains out and still cannot figure out why. I am pretty new to this so it is probably pretty easy.

Here is my smb.conf:
Code:
[global]
   workgroup = MSHOME
   nt acl support = no
   server string = %h server (Samba, Ubuntu)
   netbios name = MediaMadness
   wins support = yes
   dns proxy = no
   bind interfaces only = true
   log file = /var/log/samba/log.%m
   max log size = 1000
   syslog only = no
   syslog = 0
   panic action = /usr/share/samba/panic-action %d
   security = share
   encrypt passwords = yes
   passdb backend = tdbsam
   guest account = smbguest, mcman, mcdizz
   invalid users = root
   hosts allow = 192.168.0.65, 127.0.0.1
   passwd program = /usr/bin/passwd %u
   passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n *password\supdated\ssuccessfully* .
   smb passwd file = /etc/samba/smbpasswd
   domain logons = yes
   logon path = \\%N\profiles\%U
   logon drive = M:
   logon home = \\%N\%U
   socket options = TCP_NODELAY IPTOS_LOWDELAY
   domain master = auto

[homes]
   comment = Home Directories
   browseable = no
   path = /home/%U
   valid users = %S
   writable = no
   create mask = 0600
   directory mask = 0700
I tried to keep it as simple as necessary given all the options they initially had... I have "mcman" as a user and the smbpasswd file shows it. testparm passes. I also get a "System error 5 has occurred" on my XP machine when I do "net view \\192.168.0.100"

Any ideas?
It has been a long time that I used this.
First you should check if the service is running:
ps aux | grep <nameOfSambaProcess>

If it is not running.
Start it.

Do an nmap scan on the host where samba is running.
Then try it on the host you are connecting to.

Then try to list the shares and look if the ones that you want to access is actually there.

Then try to connect.
Be shure your syntax is good.


But you tell me you can't see the shares.
So the service is probably not started or the firewall blocks it.
 
Old 04-27-2007, 10:53 AM   #3
McManCSU
LQ Newbie
 
Registered: Apr 2007
Distribution: Ubuntu
Posts: 23

Original Poster
Rep: Reputation: 0
Well the processes smnb and nmbd are running, so thats not a problem. Can you elaborate on the firewall? I have read some people talk about using iptables to open some ports, etc, but I haven't looked into it much since it is a lot to swallow... Like I said, I did testparm, so i am 'shure' my syntax is good
 
Old 04-30-2007, 10:28 AM   #4
deadeyes
Member
 
Registered: Aug 2006
Posts: 609

Rep: Reputation: 79
Quote:
Originally Posted by McManCSU
Well the processes smnb and nmbd are running, so thats not a problem. Can you elaborate on the firewall? I have read some people talk about using iptables to open some ports, etc, but I haven't looked into it much since it is a lot to swallow... Like I said, I did testparm, so i am 'shure' my syntax is good
To open the firewall:
iptables -F
iptables -F nat
iptables -X
iptables -X nat

Now try to connect to the samba share from the localhost.

I don't know what testparm has to do with this. This tool is for optimizing your hard drive.
I meant the syntax for connecting to the share.
And also, first try to list the shares and see if it is there.

Also try to do an nmap. (you probably have to install it)
nmap localhost
and look if the ports are open
 
Old 05-01-2007, 12:40 AM   #5
McManCSU
LQ Newbie
 
Registered: Apr 2007
Distribution: Ubuntu
Posts: 23

Original Poster
Rep: Reputation: 0
Thanks, I got it up and running and can be seen on my XP machine. The problem is that I can't write to my mounted drive. This is what I have done so far to try and fix this:
1) created new group ('datamod') and added my computer name as a user in this group
2) changed the mounted directory to be in the 'datamod' group.
3) made the directory read only except for a few users and the 'datamod' group...

After playing with it and doing the above, I actually cannot even access it anymore haha (I see it, but 'dont have permissions'). I prompts for a UN/PW which are not accepted even though they are right..

What else am I missing? EDIT: Note that I am trying to connect to 'data' share

Code:
[global]
netbios name = MediaMadness
workgroup = MSHOME
security = user
encrypt passwords = yes
wins support = yes

[homes]
read only = no
browseable = no
path = /home/%U
create mask = 0664
directory mask = 0775

[data]
path = /mnt/raid
browseable = yes
public = yes
read only = yes
write list = @datamod, root, mcdizz, mcman

Last edited by McManCSU; 05-01-2007 at 12:42 AM.
 
Old 05-01-2007, 12:47 AM   #6
Matir
LQ Guru
 
Registered: Nov 2004
Location: San Jose, CA
Distribution: Ubuntu
Posts: 8,507

Rep: Reputation: 126Reputation: 126
Do the samba logs reveal anything? Also, try resetting the user in the smbpasswd store.
 
Old 05-01-2007, 01:23 AM   #7
McManCSU
LQ Newbie
 
Registered: Apr 2007
Distribution: Ubuntu
Posts: 23

Original Poster
Rep: Reputation: 0
Did both, logs didnt show anything relevant, pw reset didnt help... Other ideas?
 
Old 05-01-2007, 01:42 AM   #8
jschiwal
LQ Guru
 
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733

Rep: Reputation: 677Reputation: 677Reputation: 677Reputation: 677Reputation: 677Reputation: 677
Could you list the permissions of the /mnt/raid directory.

Quote:
created new group ('datamod') and added my computer name as a user
I don't get this part. What kind of user are you talking about.

Last edited by jschiwal; 05-01-2007 at 02:13 AM.
 
Old 05-01-2007, 10:20 AM   #9
McManCSU
LQ Newbie
 
Registered: Apr 2007
Distribution: Ubuntu
Posts: 23

Original Poster
Rep: Reputation: 0
The group is defined for the users who have permissions to alter the contents/structure of the mounted directory. For example, I want my XP computer to be part of this group so that I can change what is on the drive.
 
Old 05-01-2007, 06:56 PM   #10
jschiwal
LQ Guru
 
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733

Rep: Reputation: 677Reputation: 677Reputation: 677Reputation: 677Reputation: 677Reputation: 677
The user would be the user logging into that XP computer, and not the XP hostname.

You could add the users who login to that computer to a group and use that group for the write list.

It looks like you started out with a domain, but changed that since the first message. So I don't think you can use machine accounts. I think that you need a Unix account on the Samba server for each user. So every user/password on the Samba server matches their user/password in Windows.

I don't believe that users who are members of a machine or domain are automatically added with the default "security = user" type server. The first configuration was for a stand-alone PDC samba server. The second is for a non-dc samba server.

If you use domain security, then you need to go through a process of adding machines to the domain, (creating a Unix user corresponding for each machine). There are other types of backends that samba uses to store account information, but my main point is that a user account is created and not a group account.
Both the Samba3-byExample and Samba3-Howto outline the process of adding machines and users if you use domain security. This process can be done on the fly when you add a machine to the domain.

One other thing to watch for is that you only have one machine configured as a WINS server.
Code:
[global]
netbios name = MediaMadness
workgroup = MSHOME
security = user
encrypt passwords = yes
wins support = yes
Also, make sure that the workgroup name matches on all of the other hosts, and that they have the Samba servers IP address as the WINS address in their configuration. On way to do this is to supply Samba Servers IP address as the WINS server using DHCP. Even a Linksys NAT router has an entry for the WINS server.

Last edited by jschiwal; 05-01-2007 at 07:09 PM.
 
Old 05-01-2007, 08:56 PM   #11
McManCSU
LQ Newbie
 
Registered: Apr 2007
Distribution: Ubuntu
Posts: 23

Original Poster
Rep: Reputation: 0
Awesome, all i had to do was add my Windows UN (vs computer name-used for domain though, right?). One concern is that my XP computer asks for my login at start up and I have a blank password cause its annoying for XP. Obviously this means that PW on my server has to be blank. Is there a way around this w/o adding a PW for Windows?

You might say "make it a domain", but I dont know if I need a domain, you tell me. This is what I ultimately want to do to it:
1) Short term: use the server to stream media to my xbox, etc (geebox or something of the sort)
2) Long term: make my server available via a php home page to the outside world for 'trusted' friends as well as myself if I am away from home. Even to just log onto it via ssh or whatever would be nice from outside...

Maybe a better definition of the difference between a workgroup and a domain would be helpful... Ill Google and see what I find, but if you have some good differences to point out, dont hesitate.

Thanks again for the help!

Last edited by McManCSU; 05-01-2007 at 08:58 PM.
 
Old 05-02-2007, 01:33 AM   #12
jschiwal
LQ Guru
 
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733

Rep: Reputation: 677Reputation: 677Reputation: 677Reputation: 677Reputation: 677Reputation: 677
NT domains are a non-hierarchal authorization scheme where hosts are added as members, and users can login to any domain host. The username/password information is contained with the domain controller. It allows roaming profiles and single sign-on. Windows 98se/2000/NT/XP pro machines can join a domain. Windows XP home can not join a domain.

WINS is a kind of host DNS, that allows one host to locate another without using broadcasts, as was the case with Windows 95/98.

With Windows 2000, Microsoft introduced Active Domain Control, which is hierarchal. This works better for very large networks. The technology is based on ldap which is a general directory service. Samba's version uses OpenLDAP. Doing this you could use OpenLDAP for other things as well, and the Samba books recommend becoming familiar with ldap instead of using a boilerplate solution.

Quote:
1) Short term: use the server to stream media to my xbox, etc (geebox or something of the sort)
2) Long term: make my server available via a php home page to the outside world for 'trusted' friends as well as myself if I am away from home. Even to just log onto it via ssh or whatever would be nice from outside...
1.) I'm not familiar with the xbox, but you might look into gstreamer or VideoLan.
2.) Setting up ssh would be the most secure and easiest to use. You can even use putty on windows to access your computer. Be sure to A) disable root logins B) Use "allow users" to control who can login. c) Disable the ssh-1 protocol. Many people also change the port from 22 to one over 1024 to reduce the number of script kiddie attacks.
 
Old 05-02-2007, 01:44 AM   #13
McManCSU
LQ Newbie
 
Registered: Apr 2007
Distribution: Ubuntu
Posts: 23

Original Poster
Rep: Reputation: 0
Thanks! So it sounds like I dont really need to change anything if I want to add access to the outside world in terms changing to a domain. Changing the ssh port is a good idea. Other than that, I just have to open the right ssh port for this system to gain access from outside right?
 
Old 05-03-2007, 01:21 AM   #14
jschiwal
LQ Guru
 
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733

Rep: Reputation: 677Reputation: 677Reputation: 677Reputation: 677Reputation: 677Reputation: 677
You need to forward the port at the router and open the port at the computers firewall. Your router may be able to forward and translate a port as well. For example, the router may be able to forward port 1024 to port 22. Then you wouldn't need to make changes on the computer. You will need to use the new port on the client when you run ssh or putty from the outside however. What this will accomplish is being missed when a script kiddie tries port 22 on a range of IP addresses. However, if they scan for all ports, they may still find it. It will reduce the number of brute force attacks, not eliminate them.

Last edited by jschiwal; 05-03-2007 at 01:24 AM.
 
Old 05-03-2007, 11:06 AM   #15
McManCSU
LQ Newbie
 
Registered: Apr 2007
Distribution: Ubuntu
Posts: 23

Original Poster
Rep: Reputation: 0
So let me get this right: When using a workgroup, I cannot access the server drive (map it) as any other user except my current XP's user?

For example, if I remove my XP login name from smb, but have others defined in smb: If I try to map a drive, XP will pop up asking for a UN and PW (instead of just mapping it w/o any questions being asked). However, no matter what I do, it will not let me sign in under any of the other user accounts. The UNs and PWs are being typed correctly... The smb log files state errors regarding the password. I would think that if it asks for a UN/PW I should be able to 'sign on' as another user...

Is this not so with workgroups??
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Getting Linux to connect to SMB server gvaught Linux - Server 12 04-26-2007 07:26 PM
Cannot connect to SMB server Lenard Spencer Mandriva 1 08-28-2006 08:03 PM
(Windows) Only one Linux box can mount a smb share Artimus General 1 07-21-2004 01:12 PM
unable to connect to smb shares on linux RH9.0 cvc505 Linux - Newbie 5 05-06-2004 08:46 PM
Problems with smb.conf - only Linux box on a 3-computer network [42]Sanf0rd Linux - Newbie 2 04-23-2004 12:17 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Server

All times are GMT -5. The time now is 06:49 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration