I've migrated from an old Centos to SLES10, and I'm trying to setup Samba again. I'm able to connect to my 2 partitions, but there's no authentication ! Just goes straight to the folders . Can someone take a look at my smb.conf and tell me what's wrong here. I have kind of a mishmash of the old Centos and the smb.conf settings that were part of SLES10.



[global]

workgroup = SmbTest
server string = Samba Test
encrypt passwords = True
security = user
smb passwd file = /etc/samba/smbpasswd
log file = /var/log/samba/log.%m
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
domain master = No
local master = Yes
preferred master = No
os level = 65
dns proxy = No
name resolve order = lmhosts host bcast
# bind interfaces only = True
hosts allow = 192.168.
debug level = 1
create mask = 0644
directory mask = 0775
level2 oplocks = True
read raw = no
write cache size = 262144
idmap uid = 16777216-33554431
idmap gid = 16777216-33554431
template shell = /bin/false
# winbind use default domain = no
add machine script = /usr/sbin/useradd -c Machine -d /var/lib/nobody -s /bin/false %m$

[data1]
comment = Master
path = /data1
read only = Yes
[data3]
comment = Backup
path = /data3
read only = Yes



I want 2 things actually.

1) For anyone to connect to my IP to be prompted a login/password, which if located in the smbpasswd file and would grand them access. Right now this is not happening, so anyone can just connect to the IP and get access.

2) I'v noticed that despite the user closing the session on their end (like closing Windows Explorer) the PID remains open, so if say someone is using a public PC and leaves the station without logging off (but closing the WinExplorer) another person can just open WinExplorer and they take that person's samba session and can browse the files on my machine

security = user

try changing that to secuirty = domain

and make sure you set smbpasswd for the users you want to add to samba. if you are using windows vista with samba make sure you have

client lanman auth = no
client ntlmv2 auth = yes
domain logons = yes

set in your global config in samba.

or the samba share wont show up on vista. good luck


1) For anyone to connect to my IP to be prompted a login/password, which if located in the smbpasswd file and would grand them access. Right now this is not happening, so anyone can just connect to the IP and get access.



you might want to setup a ssh server for that... its pretty insecure to setup a samba share over the internet... the netbios protocol is a easy attack. just my two cents.

but if you do want to open it you have to open the netbios port on your router.

secuirty = domain

security = domain

sorry about that type o .

Thanks Crow.

Now that I changed it to domain, it takes forever to reply, but it gives me a login window, however I'm not able to login with the root password or a local user that I have created. I'm using XP/2000 (no Vista atm)

then do not use
client lanman auth = no
client ntlmv2 auth = yes
domain logons = yes

windows vista uses NTLMV2 security level but windows xp uses NTLMV1 which is set by default. so make sure you don't have in your config file unless you have made windows xp use the NTLMV2 security.

glad it works. I would still setup a ssh if you want users to access data. opening netbios port over the internet is not a good thing to do.

crow.

Its not really working the way it should be .

When I put

“security = user”

It logs without any kind of authentication, without any delays

With

“security = domain"

It takes about 30-45 seconds to get the login window, and then even if I try to authenticate with the user/password in the smbpasswd file, its not working.

:confused:

I'm not using Vsita so Im not passing any of the parameters you suggested

I was wondering if there's a way to FORCE samba to use only the passwd file without looking at anything else, domains, hosts, etc. Just read the #$*#&$( smbpasswd file for authentication.

I'm playing around with the options in smb.conf and it doesnt' look like anything's being accessed. When I tail files in /var/log/samba they're not producting anything new. I go get a security window where I can login, but it doesn't let me login.

So my question is, how do you by-pass EVERYTHING that's in smb.conf to read access purely from the smbpasswd file. I don't want to use anything but the smbpasswd file.

What would be the simplest configuration for this ?




security = user
smb passwd file = /etc/samba/smbpasswd

PROBLEM FIXED!!

I gotta smack Novell for wasting my time.

Samba 3.0.22-13.16 DOES NOT WORK !!! You have to patch it with YUM to
3.0.22-13.27-1162, then it works...

:mad:

glad its fixed. so was it a distro problem ?

i use gentoo and it of coarse builds if from source by using emerge pacakge manager.......