Find the answer to your Linux question:
Results 1 to 7 of 7
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1

    how to troubleshoot samba


    i just configure samba and then trying to connect it from windows client. however, things didn't work as expected.

    here is the configuration of smb.conf

    # This is the main Samba configuration file. You should read the
    # smb.conf(5) manual page in order to understand the options listed
    # here. Samba has a huge number of configurable options (perhaps too
    # many!) most of which are not shown in this example
    #
    # For a step to step guide on installing, configuring and using samba,
    # read the Samba-HOWTO-Collection. This may be obtained from:
    # http://www.samba.org/samba/docs/Samb...Collection.pdf
    #
    # Many working examples of smb.conf files can be found in the
    # Samba-Guide which is generated daily and can be downloaded from:
    # http://www.samba.org/samba/docs/Samba-Guide.pdf
    #
    # Any line which starts with a ; (semi-colon) or a # (hash)
    # is a comment and is ignored. In this example we will use a #
    # for commentry and a ; for parts of the config file that you
    # may wish to enable
    #
    # NOTE: Whenever you modify this file you should run the command "testparm"
    # to check that you have not made any basic syntactic errors.
    #
    #======================= Global Settings =====================================
    [global]

    # workgroup = NT-Domain-Name or Workgroup-Name, eg: MIDEARTH
    workgroup = mygroup

    # server string is the equivalent of the NT Description field
    server string = Samba Server

    # Security mode. Defines in which mode Samba will operate. Possible
    # values are share, user, server, domain and ads. Most people will want
    # user level security. See the Samba-HOWTO-Collection for details.
    ; security = user

    # This option is important for security. It allows you to restrict
    # connections to machines which are on your local network. The
    # following example restricts access to two C class networks and
    # the "loopback" interface. For more examples of the syntax see
    # the smb.conf man page
    ; hosts allow = 192.168.1. 192.168.2. 127.

    # If you want to automatically load your printer list rather
    # than setting them up individually then you'll need this
    load printers = yes

    # you may wish to override the location of the printcap file
    ; printcap name = /etc/printcap

    # on SystemV system setting printcap name to lpstat should allow
    # you to automatically obtain a printer list from the SystemV spool
    # system
    ; printcap name = lpstat

    # It should not be necessary to specify the print system type unless
    # it is non-standard. Currently supported print systems include:
    # bsd, cups, sysv, plp, lprng, aix, hpux, qnx
    ; printing = cups

    # This option tells cups that the data has already been rasterized
    cups options = raw

    # Uncomment this if you want a guest account, you must add this to /etc/passwd
    # otherwise the user "nobody" is used
    ; guest account = pcguest

    # this tells Samba to use a separate log file for each machine
    # that connects
    log file = /var/log/samba/%m.log

    # Put a capping on the size of the log files (in Kb).
    max log size = 50

    # Use password server option only with security = server
    # The argument list may include:
    # password server = My_PDC_Name [My_BDC_Name] [My_Next_BDC_Name]
    # or to auto-locate the domain controller/s
    # password server = *
    ; password server = <NT-Server-Name>

    # Use the realm option only with security = ads
    # Specifies the Active Directory realm the host is part of
    ; realm = MY_REALM

    # Backend to store user information in. New installations should
    # use either tdbsam or ldapsam. smbpasswd is available for backwards
    # compatibility. tdbsam requires no further configuration.
    ; passdb backend = tdbsam

    # Using the following line enables you to customise your configuration
    # on a per machine basis. The %m gets replaced with the netbios name
    # of the machine that is connecting.
    # Note: Consider carefully the location in the configuration file of
    # this line. The included file is read at that point.
    ; include = /usr/local/samba/lib/smb.conf.%m

    # Configure Samba to use multiple interfaces
    # If you have multiple network interfaces then you must list them
    # here. See the man page for details.
    ; interfaces = 192.168.12.2/24 192.168.13.2/24

    # Browser Control Options:
    # set local master to no if you don't want Samba to become a master
    # browser on your network. Otherwise the normal election rules apply
    ; local master = no

    # OS Level determines the precedence of this server in master browser
    # elections. The default value should be reasonable
    ; os level = 33

    # Domain Master specifies Samba to be the Domain Master Browser. This
    # allows Samba to collate browse lists between subnets. Don't use this
    # if you already have a Windows NT domain controller doing this job
    ; domain master = yes

    # Preferred Master causes Samba to force a local browser election on startup
    # and gives it a slightly higher chance of winning the election
    ; preferred master = yes

    # Enable this if you want Samba to be a domain logon server for
    # Windows95 workstations.
    ; domain logons = yes

    # if you enable domain logons then you may want a per-machine or
    # per user logon script
    # run a specific logon batch file per workstation (machine)
    ; logon script = %m.bat
    # run a specific logon batch file per username
    ; logon script = %U.bat

    # Where to store roving profiles (only for Win95 and WinNT)
    # %L substitutes for this servers netbios name, %U is username
    # You must uncomment the [Profiles] share below
    ; logon path = \\%L\Profiles\%U

    # Windows Internet Name Serving Support Section:
    # WINS Support - Tells the NMBD component of Samba to enable it's WINS Server
    ; wins support = yes

    # WINS Server - Tells the NMBD components of Samba to be a WINS Client
    # Note: Samba can be either a WINS Server, or a WINS Client, but NOT both
    ; wins server = w.x.y.z

    # WINS Proxy - Tells Samba to answer name resolution queries on
    # behalf of a non WINS capable client, for this to work there must be
    # at least one WINS Server on the network. The default is NO.
    ; wins proxy = yes

    # DNS Proxy - tells Samba whether or not to try to resolve NetBIOS names
    # via DNS nslookups. The default is NO.
    dns proxy = no
    username map = /etc/samba/smbusers
    ; security = user
    ; encrypt passwords = yes
    guest ok = yes
    guest account = root

    # These scripts are used on a domain controller or stand-alone
    # machine to add or delete corresponding unix accounts
    ; add user script = /usr/sbin/useradd %u
    ; add group script = /usr/sbin/groupadd %g
    ; add machine script = /usr/sbin/adduser -n -g machines -c Machine -d /dev/null -s /bin/false %u
    ; delete user script = /usr/sbin/userdel %u
    ; delete user from group script = /usr/sbin/deluser %u %g
    ; delete group script = /usr/sbin/groupdel %g


    #============================ Share Definitions ==============================
    [homes]
    comment = Home Directories
    browseable = no
    writeable = yes

    # Un-comment the following and create the netlogon directory for Domain Logons
    ; [netlogon]
    ; comment = Network Logon Service
    ; path = /usr/local/samba/lib/netlogon
    ; guest ok = yes
    ; writable = no
    ; share modes = no


    # Un-comment the following to provide a specific roving profile share
    # the default is to use the user's home directory
    ;[Profiles]
    ; path = /usr/local/samba/profiles
    ; browseable = no
    ; guest ok = yes


    # NOTE: If you have a BSD-style print system there is no need to
    # specifically define each individual printer
    [printers]
    comment = All Printers
    path = /usr/spool/samba
    browseable = no
    # Set public = yes to allow user 'guest account' to print
    ; guest ok = no
    ; writeable = no
    printable = yes

    # This one is useful for people to share files
    ;[tmp]
    ; comment = Temporary file space
    ; path = /tmp
    ; read only = no
    ; public = yes

    # A publicly accessible directory, but read only, except for people in
    # the "staff" group
    ;[public]
    ; comment = Public Stuff
    ; path = /home/samba
    ; public = yes
    ; writable = yes
    ; printable = no
    ; write list = @staff

    # Other examples.
    #
    # A private printer, usable only by fred. Spool data will be placed in fred's
    # home directory. Note that fred must have write access to the spool directory,
    # wherever it is.
    ;[fredsprn]
    ; comment = Fred's Printer
    ; valid users = fred
    ; path = /homes/fred
    ; printer = freds_printer
    ; public = no
    ; writable = no
    ; printable = yes

    # A private directory, usable only by fred. Note that fred requires write
    # access to the directory.
    ;[fredsdir]
    ; comment = Fred's Service
    ; path = /usr/somewhere/private
    ; valid users = fred
    ; public = no
    ; writable = yes
    ; printable = no

    # a service which has a different directory for each machine that connects
    # this allows you to tailor configurations to incoming machines. You could
    # also use the %U option to tailor it by user name.
    # The %m gets replaced with the machine name that is connecting.
    ;[pchome]
    ; comment = PC Directories
    ; path = /usr/pc/%m
    ; public = no
    ; writable = yes

    # A publicly accessible directory, read/write to all users. Note that all files
    # created in the directory by users will be owned by the default user, so
    # any user with access can delete any other user's files. Obviously this
    # directory must be writable by the default user. Another user could of course
    # be specified, in which case all files would be owned by that user instead.
    ;[public]
    ; path = /usr/somewhere/else/public
    ; public = yes
    ; only guest = yes
    ; writable = yes
    ; printable = no

    # The following two entries demonstrate how to share a directory so that two
    # users can place files there that will be owned by the specific users. In this
    # setup, the directory should be writable by both users and should have the
    # sticky bit set on it to prevent abuse. Obviously this could be extended to
    # as many users as required.
    ;[myshare]
    ; comment = Mary's and Fred's stuff
    ; path = /usr/somewhere/shared
    ; valid users = mary fred
    ; public = no
    ; writable = yes
    ; printable = no
    ; create mask = 0765


    [home]
    path = /home
    ; writeable = no
    browseable = yes
    guest ok = yes

    [tmp]
    comment = lalala
    path = /tmp
    writeable = yes
    browseable = yes
    guest ok = yes

  2. #2
    i just configure samba and then trying to connect it from windows client. however, things didn't work as expected.
    Can I point out that you haven't actually asked a question, and even if you had, you have given exactly zero explanation of what your problem is. You then post a very heavily commented config and expect people to scour it to fix said non-specified question?

    You're kidding, right?

  3. #3
    i'm unable to connect from my windows client... here is the error

    C:\>net view \\192.168.58.137
    System error 53 has occurred.

    The network path was not found.
    when i check on local system with nmap, seems like there are no problems.

    [root@localhost samba]# nmap localhost

    Interesting ports on localhost.localdomain (127.0.0.1):
    Not shown: 1672 closed ports
    PORT STATE SERVICE
    22/tcp open ssh
    25/tcp open smtp
    111/tcp open rpcbind
    139/tcp open netbios-ssn
    445/tcp open microsoft-ds
    631/tcp open ipp
    773/tcp open submit
    6000/tcp open X11

    Nmap finished: 1 IP address (1 host up) scanned in 1.487 seconds
    however, when i scan it from windows client, i found out certain important ports that related to windows sharing is closed.

    C:\>sl 192.168.58.137
    --------------------------------------------------------
    192.168.58.137
    Responded in 0 ms.
    0 hops away
    Responds with ICMP unreachable: No
    TCP ports: 21 22 25 110 119 143
    UDP ports:
    so i suspect the problem is come from iptables. unfortunately, i'm not really familiar with it. here is the configuration of iptables

    [root@localhost etc]# iptables -L
    Chain INPUT (policy ACCEPT)
    target prot opt source destination
    RH-Firewall-1-INPUT all -- anywhere anywhere

    Chain FORWARD (policy ACCEPT)
    target prot opt source destination
    RH-Firewall-1-INPUT all -- anywhere anywhere

    Chain OUTPUT (policy ACCEPT)
    target prot opt source destination

    Chain RH-Firewall-1-INPUT (2 references)
    target prot opt source destination
    ACCEPT all -- anywhere anywhere
    ACCEPT icmp -- anywhere anywhere icmp any
    ACCEPT esp -- anywhere anywhere
    ACCEPT ah -- anywhere anywhere
    ACCEPT udp -- anywhere 224.0.0.251 udp dpt:mdns
    ACCEPT udp -- anywhere anywhere udp dpt:ipp
    ACCEPT tcp -- anywhere anywhere tcp dpt:ipp
    ACCEPT all -- anywhere anywhere state RELATED,ESTAB
    LISHED
    ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:s
    sh
    REJECT all -- anywhere anywhere reject-with icmp-ho
    st-prohibited
    do you think the problems come from iptable? thanks in advance

  4. $spacer_open
    $spacer_close
  5. #4
    try disabling your firewall temporarily and see if it works I think you need port 137-139 open

  6. #5
    stop iptables service

    service iptables stop
    scan linux machine from windows box

    C:\>sl 192.168.58.137
    ScanLine (TM) 1.01
    Copyright (c) Foundstone, Inc. 2002
    Foundstone - A division of McAfee

    Scan of 1 IP started at Sat Dec 15 15:20:19 2007

    -------------------------------------------------------------------------------
    192.168.58.137
    Responded in 0 ms.
    0 hops away
    Responds with ICMP unreachable: Yes
    TCP ports: 21 22 25 110 111 119 139 143 445 6000
    UDP ports: 68 69 111 123 135 137 138 161 191 192 256 260 407 445 500 514 520 1009 1024 102
    5 1027 1028 1030 1033 1034 1035 1037 1041 1058 1060 1091 1352 1434 1645 1646 1812 1813 190
    0 1978 2002 2049 2140 2161 2301 2365 2493 2631 2967 3179 3327 3456 4045 4156 4296 4469 480
    2 5631 5632 11487 31337 32768 32769 32770 32771 32778 32779 32780 32781 32782 32783 32784
    32785 32786 32787 32788 32789 32790 43981

    -------------------------------------------------------------------------------

    Scan finished at Sat Dec 15 15:20:32 2007

    1 IP and 267 ports scanned in 0 hours 0 mins 13.41 secs
    yeah...seems iptables block samba.

    but when i try to connect again, another error has occured. instead of network path not found, system error 5 has occured

    C:\>net view \\192.168.58.137
    System error 5 has occurred.

    Access is denied.
    mmm...what else i need to check

  7. #6
    I think you need to google system error 5

  8. #7

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •