Find the answer to your Linux question:
Results 1 to 3 of 3
List, things are strange here. We have a PDC (Windows based) that is out from our office and in our local network we have machines (windows xp, some with SP2 ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Feb 2010
    Posts
    6

    Samba authentication mystery?


    List,

    things are strange here. We have a PDC (Windows based) that is out from our office and in our local network we have machines (windows xp, some with SP2 and others with SP3) that log in the domain and others donīt. Weīve been using samba just to share some directories in our internal development server. The mystery is that some users have access while others donīt, although they are all created using the same commands/configuration...

    useradd -d /home/someuser -g users -m -s /bin/bash someuser smbpasswd -L -a someuser

    We can check that they are created in both linux and samba: home directory is there, ssh logins are possible but mapping the shares...no way. Issuing a smbclient command like...

    smbclient -L fpwdev04 -U someuser

    ...shows the expected output (listing of shares defined).

    By how far we investigated, things do not seem much logical, since we have Windows XP SP2 in which things work and others not. The same for machines with SP3. This also applies to machines logging or not in the domain.

    Actually, we have 4 servers, all running their own samba, with a very similar configuration. The main differences are attributes like "server string", "force user", "guest ok" and the shares themselves. Letīs call it "our main samba" has its "force user" set to "samba" and "guest ok" to "no". The others, have "force user" to "%U" and "guest ok", some to "yes" and others to "no". Since in the "global" section they are all set to...

    local master = no
    prefered master = no
    domain master = no
    domain logons = no
    wins proxy = no
    dns proxy = no
    os level = 0

    ...and we specify the server when we map a share, I do not believe they are competing with each other and causing this behavior.

    Have you ever experienced something like that?

    Below I paste our smb.conf. If you can help us in anyway, it would be very appreciated! Thanks you all in advance.

    [global]

    workgroup = workgroup
    server string = Development 4 Server
    local master = no
    prefered master = no
    domain master = no
    domain logons = no
    wins proxy = no
    dns proxy = no
    os level = 0
    smb ports = 139
    security = user
    passdb backend = smbpasswd:/etc/samba/smbpasswd
    encrypt passwords = yes

    invalid users = root bin daemon adm lp sync shutdown halt mail news uucp operator games gopher ftp nobody rpm dbus nscd vcsa pcap rpc mailnull smmsp avahi sshd rpcuser nfsnobody haldaemon distcache apache postgres mysql webalizer squid ntp xfs gdm sabayon ais pegasus piranha luci ricci cvs oracle10 ldap ra ca_admin gpo avahi-autoipd csvn trainee vpndial oraclebpa intranet

    force user = samba
    force group = users
    guest ok = no
    create mode = 0770
    directory mode = 0770
    force create mode = 0770
    force directory mode = 0770

    wins server = 172.26.129.25

    load printers = no
    guest account = nobody
    printcap name = /etc/printcap

    username map = /etc/samba/smbusers

    [VM]
    comment = Virtual Machines Files
    path = /data1/home/samba/repository/VM
    writeable = yes
    browseable = yes
    valid users = users (the group users. Had to remove the 'at' to post)
    vfs object = vscan-clamav
    vscan-clamav: config-file = /etc/samba/vscan-clamav.conf

    [Projects]
    comment = Projects
    path = /data1/home/samba/repository/Projects
    writeable = yes
    browseable = yes
    valid users = users (the group users. Had to remove the 'at' to post)
    vfs object = vscan-clamav
    vscan-clamav: config-file = /etc/samba/vscan-clamav.conf

  2. #2
    Linux Enthusiast scathefire's Avatar
    Join Date
    Jan 2010
    Location
    Western Kentucky
    Posts
    626
    anything in your logs? you may need to add the following line as well to smb.conf:
    Code:
    log level = 2
    its on a scale from 1 to 10. You don't want go higher than 3 really. by not mapping is it saying 'Access Denied' or 'Timeout' or just give you the authentication box over and over again?

    alos if you want to see individual hosts, i usually put this line in:

    Code:
    log file = /var/log/samba/log-%m
    linux user # 503963

  3. #3
    Just Joined!
    Join Date
    Feb 2010
    Posts
    6
    Hello Scathefire,

    the login box keep on showing again and again and nothing is wrote on the logs. Now, almost all people are able to map and use the shares and the problem seems to be vanished. As there is still one login that is not working, I applied your tips and will be checking the results. Thanks for you feedback!

  4. $spacer_open
    $spacer_close

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •