Page 1 of 2 12 LastLast
Results 1 to 10 of 20

Thread: Peculiar authentication problem with samba

  1. #1

    Default Peculiar authentication problem with samba

    Hello!

    I am setting up a samba fileserver for a smaller network in a shool. It is actually the first time im doing this so the answer might be simple.

    The problem: The fileserver doesn't recognize the user accounts. You get access as guest and can share files in the folders that allow guests to do so, but as soon as guests are not allowed to touch anything it shuts the users that should be able to read and write out.

    I do not believe this is a smb.conf problem. I've been trying to work this out for quite some time now, to no avail. In threads i've looked into they speak about setting the primary login to "Windows-login" instead of client for microsoft networks, but the hosts are Windows XP computers and i cant seem to find any such option on my network connection. Tried to uncheck the "Client for Microsoft networks" box but then i cant access the server at all.

    I have added users to the server, added smbpasswd to these and added users withe the same name to the windows host.
    I am aware that linux is case sensitive. I have tried adding the users to hosts files in both windows and linux and i have tried to have the passwords in linus both exactly the same and different.

    Pasting the smb.conf just in case (as it might contain errors):
    Code:
    # Samba config file created using SWAT
    # from 127.0.0.1 (127.0.0.1)
    # Date: 2009/10/08 11:18:03
    
    [global]
    	workgroup = MIKAEL
    	netbios name = server1
    	map to guest = Bad User
    	printcap name = cups
    #	logon path = \\%L\profiles\.msprofile
    #	logon drive = P:
    #	logon home = \\%L\%U\.9xprofile
    	usershare allow guests = Yes
    	usershare path = /etc/samba/usershares
    	printing = cups
    	include = /etc/samba/dhcp.conf
    	local master = Yes
    	preferred master = Yes
    	os level = 65
    	security = user
    	add machine script = /usr/sbin/useradd  -c Machine -d /var/lib/nobody -s /bin/false %m$
    	domain logons = Yes
    	domain master = Yes
    	usershare max shares = 100
    	en crypt passwords = true
    
    [homes]
    	comment = Home Directories
    	valid users = %S, %D%w%S
    	read only = No
    	inherit acls = Yes
    	browseable = No
    
    [profiles]
    	comment = Network Profiles Service
    	path = %H
    	read only = No
    	create mask = 0600
    	directory mask = 0700
    	store dos attributes = Yes
    
    [users]
    	comment = All users
    	path = /home
    	read only = No
    	inherit acls = Yes
    	veto files = /aquota.user/groups/shares/
    
    [groups]
    	comment = All groups
    	path = /home/groups
    	read only = No
    	inherit acls = Yes
    	browseable = No
    
    [printers]
    	comment = All Printers
    	path = /var/tmp
    	create mask = 0600
    	printable = Yes
    	browseable = No
    
    [print$]
    	comment = Printer Drivers
    	path = /var/lib/samba/drivers
    	write list = @ntadmin, root
    	force group = ntadmin
    	create mask = 0664
    	directory mask = 0775
    
    [netlogon]
    	comment = Network Logon Service
    	path = /var/lib/samba/netlogon
    	write list = root
    
    [elev]
    	comment = Fr elever
    	path = /home/elev
    	admin users = @larare
    	read only = No
    	create mask = 0765
    	inherit acls = Yes
    
    [kansli]
    	path = /home/kansli
    	read only = No
    	inherit acls = Yes
    
    [larare]
    	path = /home/larare
    	read only = No
    	inherit acls = Yes
    
    [tmp]
    	comment = temporary file space
    	path = /tmp
    	read only = No
    	guest ok = Yes
    Thanks in advance!

  2. #2
    Vahis NNTP User

    Default Re: Peculiar authentication problem with samba

    skydesign wrote:
    > Hello!
    >
    > I am setting up a samba fileserver for a smaller network in a shool. It
    > is actually the first time im doing this so the answer might be simple.
    >
    >
    > The problem: The fileserver doesn't recognize the user accounts.


    The samba server requires the users to have samba username and password.
    These can be but do not have to be the same as their normal usernames
    and passwords.

    You add them for each user as follows, as root:
    smbpasswd -a <username>

    You will be prompted to re-enter the passwords.

    --
    Vahis

  3. #3

    Red face Re: Peculiar authentication problem with samba

    Thanks for the fast reply. However, I have typed in smbpasswd's for every user.

  4. #4
    Join Date
    Jun 2008
    Location
    Auckland, NZ
    Posts
    23,698
    Blog Entries
    1

    Default Re: Peculiar authentication problem with samba

    Review this guide. Maybe you've missed something.

  5. #5

    Default Re: Peculiar authentication problem with samba

    The guide is now reviewed. Have made new user and usergroup in linux, new user in samba and windows. The username is larare1. Have made a new diskquota named larare of 2gb and have granted the "larare" group read and write permissions.

    In windows i left the username without password, so when i try to access the server it asks for it. I enter the password and can view the files on the server. I can access, read and write in larare1's personal folder.

    I can also access the larare quota and view the files in there, but i can not create anything. Pasting the smb.conf again:

    Code:
    # Samba config file created using SWAT
    # from 127.0.0.1 (127.0.0.1)
    # Date: 2009/10/08 11:18:03
    
    [global]
    	workgroup = MIKAEL
    	netbios name = server1
    	map to guest = Bad User
    	printcap name = cups
    #	logon path = \\%L\profiles\.msprofile
    #	logon drive = P:
    #	logon home = \\%L\%U\.9xprofile
    	usershare allow guests = Yes
    	usershare path = /etc/samba/usershares
    	printing = cups
    	include = /etc/samba/dhcp.conf
    	local master = Yes
    	preferred master = Yes
    	os level = 65
    	security = user
    	add machine script = /usr/sbin/useradd  -c Machine -d /var/lib/nobody -s /bin/false %m$
    	domain logons = Yes
    	domain master = Yes
    	usershare max shares = 100
    	encrypt passwords = true
    	usershare owner only = False
    	guest account = nobody
    
    [homes]
    	comment = Home Directories
    	valid users = %S, %D%w%S
    	read only = No
    	inherit acls = Yes
    	browseable = yes
    
    [profiles]
    	comment = Network Profiles Service
    	path = %H
    	read only = No
    	create mask = 0600
    	directory mask = 0700
    	store dos attributes = Yes
    
    [users]
    	comment = All users
    	path = /home
    	read only = No
    	inherit acls = Yes
    	veto files = /aquota.user/groups/shares/
    
    [groups]
    	comment = All groups
    	path = /home/groups
    	read only = No
    	inherit acls = Yes
    	browseable = No
    
    [printers]
    	comment = All Printers
    	path = /var/tmp
    	create mask = 0600
    	printable = Yes
    	browseable = No
    
    [print$]
    	comment = Printer Drivers
    	path = /var/lib/samba/drivers
    	write list = @ntadmin, root
    	force group = ntadmin
    	create mask = 0664
    	directory mask = 0775
    
    [netlogon]
    	comment = Network Logon Service
    	path = /var/lib/samba/netlogon
    	write list = root
    
    [elev]
    	comment = Fr elever
    	path = /home/elev
    	read only = No
    	inherit acls = Yes
    	browseable = yes
    	
    	
    
    [kansli]
    	path = /home/kansli
    	read only = No
    	inherit acls = Yes
    	valid users = kanslist
    	browseable = no
    
    [larare]
    	path = /home/larare
    	read only = No
    	inherit acls = Yes
    	browseable = yes
    	valid users = larare1
    	writable = yes
    
    [tmp]
    	comment = temporary file space
    	path = /tmp
    	read only = No
    	guest ok = Yes

  6. #6
    Join Date
    Jun 2008
    Location
    Auckland, NZ
    Posts
    23,698
    Blog Entries
    1

    Default Re: Peculiar authentication problem with samba

    I can also access the larare quota and view the files in there, but i can not create anything.
    I don't have experience here, so I don't have a good handle on this. Have you checked permissions of the larare share for r/w access?

  7. #7

    Default Re: Peculiar authentication problem with samba

    The funny thing is that even if the shared folder is set so that larare1 is owner, we cant write anything to that folder.

    Something tells me that the server doesn't recognize the user properly. As soon as we activate write permissions for "others" ie. guests, larare1 and all other accounts can write to the folder.

    smbstatus shows that larare1 is logged in, is member of group larare and it shows the ip of the machine connected.

    :^(

  8. #8
    PV NNTP User

    Default Re: Peculiar authentication problem with samba

    On Fri October 9 2009 05:16 am, skydesign wrote:

    >
    > The funny thing is that even if the shared folder is set so that larare1
    > is owner, we cant write anything to that folder.
    >
    > Something tells me that the server doesn't recognize the user
    > properly. As soon as we activate write permissions for "others" ie.
    > guests, larare1 and all other accounts can write to the folder.
    >
    > smbstatus shows that larare1 is logged in, is member of group larare
    > and it shows the ip of the machine connected.
    >
    > :^(
    >
    >

    skydesign;
    While you are testing this add the following to /etc/samba/smb.conf.
    Code:
    log level = 1 auth:3
    This will log authentication for the users. You can read this information in:
    /var/log/samba/log.smbd

    You might see right away the problem.

    Remember that Samba must obey linux permissions, so what are the permissions
    for /home/larare
    Code:
    ls -ld /home/larare
    --
    P. V.
    "We're all in this together, I'm pulling for you." Red Green

  9. #9

    Default Re: Peculiar authentication problem with samba

    ls -ld /home/larare shows that it has read and write rights so the problem should not be there.

    When i check smbstatus i can see that larare1 is logged in and is a part of group larare. Though it seems that when i try to write to the folder/quota that the group larare and the user larare1 should have access to, it doesnt recognize larare1 as anything else than a guest to that folder.

    Could this be some kind of login problem?

  10. #10
    PV NNTP User

    Default Re: Peculiar authentication problem with samba

    On Tue October 13 2009 08:06 am, skydesign wrote:

    >
    > ls -ld /home/larare shows that it has read and write rights so the
    > problem should not be there.
    >
    > When i check smbstatus i can see that larare1 is logged in and is a
    > part of group larare. Though it seems that when i try to write to the
    > folder/quota that the group larare and the user larare1 should have
    > access to, it doesnt recognize larare1 as anything else than a guest to
    > that folder.
    >
    > Could this be some kind of login problem?
    >
    >

    skydesign;

    What do the logs show? Please post the authentication pieces. Can you post
    the results of "ls -ld"? I assume "larare1" is a user and "larare" is a
    group, so who owns /home/larare?

    If in fact the logs show that larare1 is a guest then there is something wrong
    with the authentication; either you have not added larare1 as a user
    with "smbpasswd -a" or you are using the wrong username/password. Remember
    that each Samba user must also be a valid Linux user.
    --
    P. V.
    "We're all in this together, I'm pulling for you." Red Green

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •