samba

Wu, Hu-Hwa HU@cceng.com
Thu, 14 Dec 2000 14:45:21 -0500


You have 

;encrypt passwords = yes

commented out.

Did you make registry changes on the Windows PC to allow for Plain text
passwords ??

Win 9x

HKEY_LOCAL_MACHINE
 System
  CurrentControlSet
   Services
    VxD
     VNETSUP

Win NT

HKEY_LOCAL_MACHINE
 System
  CurrentControlSet
   Services
    Rdr
     Parameters


->New ->DWORD-"EnablePlainTextPassword"

Enter "1" as its value

If not, then you have to use 

;encrypt passwords = yes

un comment this and add yourself as a user with 

-> smbadduser linuxuser:smbuser

change the password with -> smbpasswd smbuser

then it should let you in.

Why it doesn't appear in the Workgroup list is that the Master-Browser on
Windows workgorup system has not refreshed as of yet.

Or if you have a domain it takes a while to refresh the master browser which
is usually the domain controller.

Have you tried to connect to it using -> smbclient 

-> smbclient -L netbiosname -N

to see if it is working.

If you have a domain controller/NT server setting your domain
controller/server to service the passwords is really the way to go.
Otherwise you have to maintain two sets of passwords.



Hope this helps

-Hu































Hu-Hwa Wu
Director of Information Systems and Technology
hu@cceng.com
Capital Consultants 
725 Prudden Street
Lansing, MI  48906
Office: 517.371.1200
Fax:    517.371.2013

http://www.cceng.com



> -----Original Message-----
> From: Adam Pitcher [mailto:pitcher2@cse.msu.edu]
> Sent: Thursday, December 14, 2000 2:04 PM
> To: Scott Overfield 7239; linux-user@egr.msu.edu
> Subject: Re: samba
> 
> 
> How are you trying to get to it?  I see you are trying to map a guest
> user to fnac, then use that guest for a share.  Or is it the other
> shares for valid users?
> If its to map to guests, there is some entry about "map to guest = bad
> user" And something in the share about "guest ok".
> If its for valid users, then you need password encryption and use
> smbpasswd.
> 
> Give us a little more detail.
> 
> Adam
> 
> Scott Overfield 7239 wrote:
> > 
> > help..please
> > no matter what i enter in the hosts allow, i cannot connect 
> to the linux box
> > from a windoze PC
> > 
> > redhat7
> > samba ver. 2.0.7
> > 
> > also does not show up in network neighborhood but i can 
> search and find it
> > 
> > when i try to connect it tells me the user is not allowed 
> to log in from this
> > workstation
> > 
> > ;
> > ;
> > ;======================= Global Settings
> > =====================================
> > [global]
> > ; workgroup = NT-Domain-Name or Workgroup-Name, eg: WINERS
> >  workgroup = FIRST_NATIONAL
> > ; domain controller = ashton
> >  netbios name = elproducto
> > ; comment is the equivalent of the NT Description field
> >  comment = Appraisals Server and Intranet
> >   hosts allow = 172.28.31.246
> > ; valid users= guest
> > 
> > ; printing = BSD or SYSV or AIX, etc.
> > ; printing = bsd
> > ; printcap name = /etc/printcap
> > ; load printers = yes
> > ; load printers = no
> > 
> > ; Uncomment this if you want a guest account, you must add this to
> > /etc/passwd
> >  guest account = fnac
> > ; log file = /var/log/samba.d/%m
> >  log file = /var/log/samba.d/smblog
> > 
> > ; Put a capping on the size of the log files (in Kb)
> >    max log size = 50
> > 
> > ; Options for handling file name case sensitivity and / or 
> preservation
> > ; Case Sensitivity breaks many WfW and Win95 apps
> >    case sensitive = yes
> >     short preserve case = yes
> >     preserve case = yes
> > 
> > ; Security and file integrity related options
> >    lock directory = /usr/local/samba/var/locks
> >    locking = no
> > ; Strict locking is available for paranoid locking situations only
> > ;        enabling this severely degrades read / write performance.
> > ;   strict locking = yes
> > ;   fake oplocks = yes
> > ;   share modes = yes
> > ;   status = yes
> >    debuglevel = 1
> > 
> > ;password level = 4
> > ;encrypt passwords = yes
> > ;update encrypted = yes
> > 
> > ; Security modes: USER uses Unix username/passwd, SHARE 
> uses WfW type passwords
> > ;        SERVER uses an other SMB server (eg: Windows NT 
> Server or Samba)
> > ;        to provide authentication services
> >    security = user
> > ;  security = share
> > ;  security = domain
> > ;  security = server
> > ; Use password server option only with security = server
> > ;  password server = ashton
> > 
> > ; Configuration Options ***** The location of this entry in 
> your smb.conf
> > ; heirachy determines  which parameters are overwritten - 
> please watch out!
> > ; Where %m is any SMBName (machine name, or computer name) 
> for which a custom
> > ; configuration is desired
> > ;   include = /etc/smb.conf.%m
> > 
> > ; Performance Related Options
> > ; Before setting socket options read the smb.conf man page!!
> >    socket options = TCP_NODELAY
> > ; Socket Address is used to specify which socket Samba
> > ; will listen on (good for aliased systems)
> > ;   socket address = aaa.bbb.ccc.ddd
> > ; Use keep alive only if really needed!!!!
> > ;   keep alive = 60
> > ; Configure Samba to use multiple interfaces
> > ;        Samba will auto-detect network interfaces - only 
> use this if
> > ;        the auto-detection does not deliver the needed results
> > ;   interfaces = 192.168.12.2/24 176.16.111.22/19 
> 10.11.13.14/255.255.252.0
> > 
> > ; Browser Control Options:
> > ; Local Master set to True causes Samba to participate in 
> browser elections
> > ;       the default setting is true, this causes Samba to 
> behave like a
> > ;       Windows NT server. Setting this to false turns off 
> all browser
> > ;       election participation.
> > ;   local master = true
> > 
> > ; OS Level gives Samba the power to win browser elections. 
> Windows NT = 32
> > ;       Any value < 32 means NT wins as Master Browser, > 
> 32 Samba gets it
> > ;       default = 0, this ensures that Samba will NOT win 
> the browser election.
> > ;   os level = 33
> > 
> > ; Domain Master specifies Samba to be the Domain Master Browser
> > ;       Only ever set this if there is NO Windows NT Domain 
> Controller on the
> > ;       network
> > ;   domain master = yes
> > 
> > ; Preferred Master causes Samba to force a local browser 
> election on startup
> > ;   preferred master = yes
> > 
> > ; Use with care only if you have an NT server on your 
> network that has been
> > ; configured at install time to be a primary domain controller.
> >    domain controller = ashton
> > 
> > ; Domain Logon Service Options:
> > ; Domain logon control can be a good thing! See [netlogon] 
> share section below!
> > ;       Do NOT set this to yes if there is an Windows NT 
> domain controller
> > ;       on the network
> > ;   domain logons = yes
> > 
> > ; run a specific logon batch file per workstation (machine)
> > ;   logon script = %m.bat
> > ; run a specific logon batch file per username
> > ;   logon script = %u.bat
> > 
> > ; Where to store roving profiles (only for Win95 and WinNT)
> > ;        %L substitutes for the SMB name we are called, %U 
> is username
> > ;        You must uncomment the [Profiles] share below
> > ;   logon path = \\%L\Profiles\%U
> > 
> > ; Windows Internet Name Serving Support Section:
> > ; WINS Support - Tells the NMBD component of Samba to 
> enable it's WINS Server
> > ;       the default is NO. If you have an Windows NT Server 
> WINS use it!
> > ;       Samba defaults to wins support = no
> > ;   wins support = yes
> > 
> > ; WINS Server - Tells the NMBD components of Samba to be a 
> WINS Client
> > ;       Note: Samba can be either a WINS Server, or a WINS 
> Client, but NOT both
> >    wins server = 172.28.1.23
> > 
> > ; WINS Proxy - Tells Samba to answer name resolution 
> queries on behalf of a non
> > ;       WINS Client capable client, for this to work there 
> must be at least one
> > ;       WINS Server on the network. The default is NO.
> > ;   wins proxy = yes
> > 
> > ;============================ Share Definitions 
> ==============================
> > ;[homes]
> > ;   comment = Home Directories
> > ;   browseable = no
> > ;   read only =no
> > ;   create mode = 0750
> > 
> > ; Un-comment the following and create the netlogon 
> directory for Domain Logons
> > ; [netlogon]
> > ;   comment = Samba Network Logon Service
> > ;   path = /usr/local/samba/lib/netlogon
> > ; Case sensitivity breaks logon script processing!!!
> > ;   case sensitive = no
> > ;   guest ok = yes
> > ;   locking = no
> > ;   writable = no
> > ;   For browseable say NO if you want to hide the NETLOGON share
> > ;   browseable = yes
> > 
> > ; Un-comment the following to provide a specific roving 
> profile share
> > ; the default is to use the user's home directory
> > ;[Profiles]
> > ;    path = /usr/local/samba/profiles
> > ;    browseable = no
> > ;    printable = no
> > ;    guest ok = yes
> > 
> > ; NOTE: There is NO need to specifically define each 
> individual printer
> > ;[printers]
> > ;   comment = All Printers
> > ;   path = /usr/spool/samba
> > ;   browseable = no
> > ;   printable = yes
> > ; Set public = yes to allow user 'guest account' to print
> > ;   guest ok = no
> > ;   writable = no
> > ;   create mask = 0700
> > 
> > [scanning]
> >    comment = Share for scanning station
> >    path = /usr/apr
> >    public = no
> >    user = fnac
> >    read only = no
> >    valid users = fnac ddonovan
> >    writable = yes
> > [chuck]
> >    comment = Chuck's IntrAnet access
> >    path = /home/httpd/html/geeks
> >    user = guest
> >    read only = no
> >    read only = no
> >    writable = yes
> >    valid users = craig ddonovan cgilbert
> > 
> > [amanion]
> >    comment = amanion
> >    path = /home/httpd/html/amanion
> > ; user = guest
> >    read only = no
> >    writable = yes
> >    valid users = ddonovan amanion fnac
> > 
> > [eqv]
> >    comment = eqv
> >    path = /home/eqv
> > ; user = guest
> >    read only = no
> >    writable = yes
> >    valid users = ddonovan eqv
> > 
> > [David]
> >    comment = David
> >    path = /home/ddonovan
> > ; user = guest
> >    read only = no
> >    writable = yes
> >    valid users = ddonovan
> > 
> > [Craig]
> >    comment = Craig's Web Folder
> >    path = /home/httpd/html/geek/mis/
> >    read only = no
> >    writable = yes
> >    valid users = craig
> > 
> > ; A publicly accessible directory, but read only, except 
> for people in
> > ; the staff group
> > 
> > [public]
> > ;   user =app
> >     comment = apps
> >     path = /
> > ;   public = yes
> >     writable = no
> > ;   printable = no
> >     valid users = root npc
> > 
> > ;A directory for mapping to NT and reading the bios into PowerDynamo
> > [bios]
> >     comment = Employee Bio Space
> >     path = /new/apr/employees/bios/
> >     public = yes
> >     read only = yes
> >     guest ok = yes
> > 
> > [photos]
> >     comment = Employee New Photo Space
> >     path = /new/apr/new_photos/
> >     valid users = sam alkinoos npc
> >     public = no
> > ;    read only = no
> > ;    guest ok = no
> >     writable = yes
> > ;    printable = no
> > 
> > [emp]
> >     comment = Employee Space
> >     path = /new/apr/employees/
> >     valid users = sam alkinoos npc
> >     public = no
> > ;    read only = no
> > ;    guest ok = no
> >     writable = yes
> > 
> > [fam]
> >     comment = Employee Family Space
> >     path = /new/apr/families/
> >     valid users = sam alkinoos npc
> >     public = no
> > ;    read only = no
> > ;    guest ok = no
> >     writable = yes
> > 
> > [web]
> >     comment = Link to Web-incoming folder
> >     path = /home/httpd/html/
> >     valid users = npc
> >     public = no
> > ;    read only = no
> > ;    guest ok = no
> >     writable = yes
> > 
> > ; Other examples.
> > ;
> > ; A private printer, usable only by fred. Spool data will 
> be placed in fred's
> > ; home directory. Note that fred must have write access to 
> the spool directory,
> > ; wherever it is.
> > ;[fredsprn]
> > ;   comment = Fred's Printer
> > ;   valid users = fred
> > ;   path = /homes/fred
> > ;   printer = freds_printer
> > ;   public = no
> > ;   writable = no
> > ;   printable = yes
> > ;
> > ; A private directory, usable only by fred. Note that fred 
> requires write
> > ; access to the directory.
> > ;[fredsdir]
> > ;   comment = Fred's Service
> > ;   path = /usr/somewhere/private
> > ;   valid users = fred
> > ;   public = no
> > ;   writable = yes
> > ;   printable = no
> > ;
> > ; a service which has a different directory for each 
> machine that connects
> > ; this allows you to tailor configurations to incoming 
> machines. You could
> > ; also use the %u option to tailor it by user name.
> > ; The %m gets replaced with the machine name that is connecting.
> > ;[pchome]
> > ;  comment = PC Directories
> > ;  path = /usr/pc/%m
> > ;  public = no
> > ;  writable = yes
> > ;
> > ;
> > ; A publicly accessible directory, read/write to all users. 
> Note that all files
> > ; created in the directory by users will be owned by the 
> default user, so
> > ; any user with access can delete any other user's files. 
> Obviously this
> > ; directory must be writable by the default user. Another 
> user could of course
> > ; be specified, in which case all files would be owned by 
> that user instead.
> > ;[public]
> > ;   path = /usr/somewhere/else/public
> > ;   public = yes
> > ;   only guest = yes
> > ;   writable = yes
> > ;   printable = no
> > ;
> > ;
> > ; The following two entries demonstrate how to share a 
> directory so that two
> > ; users can place files there that will be owned by the 
> specific users. In this
> > ; setup, the directory should be writable by both users and 
> should have the
> > ; sticky bit set on it to prevent abuse. Obviously this 
> could be extended to
> > ; as many users as required.
> > ;[myshare]
> > ;   comment = Mary's and Fred's stuff
> > ;   path = /usr/somewhere/shared
> > ;   valid users = mary fred
> > ;   public = no
> > ;   writable = yes
> > ;   printable = no
> > ;   create mask = 0765
> > 
> > _______________________________________________
> > linux-user mailing list
> > linux-user@egr.msu.edu
> > http://www.egr.msu.edu/mailman/listinfo/linux-user
> 
> -- 
> Adam Pitcher
> _______________________________________________
> linux-user mailing list
> linux-user@egr.msu.edu
> http://www.egr.msu.edu/mailman/listinfo/linux-user
>