LinuxQuestions.org - [SOLVED] Samba rejects client passwords?

I'm not entirely sure I'm posting this in the right place - I'd certainly call myself a newbie and my question does involve Windows, but the Linux General sticky mentions samba as a reason not to post it there... If I'm in the wrong place feel free to move.

So a while back I decided I wanted to get to know Linux a little bit and I figured the most immediately useful thing for me would be a small home server. About this time I discovered plug computers and I eventually bought myself a Guruplug for this purpose - a small, cheap, power-efficient ARM architecture thing running Debian 5.0.6. Since then I've kind of ambled along with the project as and when time permitted (installing, tweaking, scouring manpages and tutorials is fun, but takes a lot of time), and have now finally got a nice big external harddrive formatted as ext3 and hooked up to it. The time seemed right to go for the samba install. I installed from the Debian repository, configured using SWAT and immediately hit problems.

Since the only user is me and the only access to the computer is over SSH, I have few accounts - there's root which I've disabled from access altogether, there's my sudoer account magnus, and there's my new test account magnus-smb. This one is a standard user, and has identical Unix password and samba password (added with smbpasswd). I intend to keep this up with a separate samba-access account - I'm a little paranoid about allowing any kind of access to sudoer accounts and won't even let SSHD accept password based logins.

Setting up samba, I basically tried to make it do as little as I needed to get a local file server going. The only share is homes, and its path goes to my external drive. The drive itself is mounted as rw,noexec,user from fstab.

Now, with all of that set up I'd hoped I'd be able to mount my homes shares and go. This proved not to be the case - if I set encrypted passwords = yes, my Windows 7 clients behave differently. The magnus account connects but can't authenticate - all passwords are rejected. The magnus-smb account is apparently accepted but then receives a "network path not found" error. If I set it to no, both accounts are prevented from even attempting to authenticate, and I get an error message about "this account is not approved for logging on from this station" (translation from Norwegian). I've been searching around but not finding much. I did find one article claiming this was easier after samba 3.3 and discovered that my manpages said samba 3.2. Yesterday I therefore decided to reinstall samba from source, only to find that the current stable release (3.5) also claims to be version 3.2 in it's manpages, so I probably might as well not have bothered. Oh well, at least I've installed something from source now. Should be useful experience.

I'm kind of lost in figuring out where it's going wrong, and I'm hoping some more experienced eyes can spot it.

My smb.conf:

Code:

# Samba config file created using SWAT

# from UNKNOWN (Q@)

# Date: 2010/12/08 12:59:41



[global]

        workgroup = HOME

        server string = %h server

        obey pam restrictions = Yes

        pam password change = Yes

        passwd program = /usr/bin/passwd %u

        passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .

        unix password sync = Yes

        syslog = 0

        log file = /var/log/samba/log.%m

        max log size = 1000

        dns proxy = No

        panic action = /usr/share/samba/panic-action %d

        hosts allow = 10.0.0.0/255.255.255.0



[homes]

        comment = Home Directories

        path = /external/sambadata/%S

        valid users = %S

        read only = No

        create mask = 0700

        directory mask = 0700