i’m setting up samba between opensuse 11.4, windows 7 and os x snow leopard.
From windows 7 my suse pc is seen but only the printer is there, this despite i activated the [homes] share and opened the firewall using yast samba config tool and alos swerdna’s tutorial on the firewall to allow all networks broadcasting on the external zone . Is this supposed to be ?
Thanks ;=)
cat /etc/samba/smb.conf
# smb.conf is the main Samba configuration file. You find a full commented
# version at /usr/share/doc/packages/samba/examples/smb.conf.SUSE if the
# samba-doc package is installed.
# Date: 2011-03-01
[global]
workgroup = WORKGROUP
passdb backend = tdbsam
printing = cups
printcap name = cups
printcap cache time = 750
cups options = raw
map to guest = Bad User
include = /etc/samba/dhcp.conf
# logon path = \\%L\profiles\.msprofile
# logon home = \\%L\%U\.9xprofile
# logon drive = P:
usershare allow guests = Yes
add machine script = /usr/sbin/useradd -c Machine -d /var/lib/nobody -s /bin/false %m$
domain logons = No
domain master = No
netbios name = os114
security = user
wins support = No
name resolve order = bcast host lmhosts wins
local master = yes
preferred master = yes
os level = 65
[homes]
comment = Home Directories
valid users = %S, %D%w%S
browseable = No
read only = No
inherit acls = Yes
## Share disabled by YaST
# [profiles]
# comment = Network Profiles Service
# path = %H
# read only = No
# store dos attributes = Yes
# create mask = 0600
# directory mask = 0700
## Share disabled by YaST
# [users]
# comment = All users
# path = /home
# read only = No
# inherit acls = Yes
# veto files = /aquota.user/groups/shares/
## Share disabled by YaST
# [groups]
# comment = All groups
# path = /home/groups
# read only = No
# inherit acls = Yes
[printers]
comment = All Printers
path = /var/tmp
printable = Yes
create mask = 0600
browseable = No
[print$]
comment = Printer Drivers
path = /var/lib/samba/drivers
write list = @ntadmin root
force group = ntadmin
create mask = 0664
directory mask = 0775
## Share disabled by YaST
# [netlogon]
fabrice@linux-l4t8:~>
i was wondering about this too, but as i activated it with yast i thought it would be ok , why isn’t it ?
i changed this option to “Yes”
Now windows can see the share but can’t access to \OS114\homes even though i have restarted nmb, smb and suse firewall .
, same error when i add the path ( path = /home/user ) .
On Sat August 27 2011 03:46 pm, manchette fr wrote:
>
> Hello ;=)
>
> i was wondering about this too, but as i activated it with yast i
> thought it would be ok , why isn’t it ?
> i changed this option to “Yes”
>
>
Setting the parameter “browseable = no” in the [homes] section of smb.conf,
means that only the owner of an “auto home” directory will see the share. If
you use “auto homes”, i.e. no path, and you have three Samba users, JohnD,
SusieQ and MaryS. Then JohnD will see only the home directory of JohnD, he
will not see either SusieQ’s nor MaryS’s home directory. Similarly SusieQ will
see only her home directory and neither those of JohnD nor MaryS. Should the
Windows user Sam_Baa sign in, then given the above mentioned globals, Sam_Baa
will authenticate as guest (i.e. bad user) and not see any home directory. I
suspect that the real problem is that your Windows username/password does not
match you Samba username/password and you are authenticating as guest.
See the write up on [homes] in man smb.conf. In particular:
The browseable flag for auto home directories will be inherited from the global
browseable flag, not the [homes] browseable flag. This is useful as it means
setting browseable = no in the [homes] section will hide the [homes] share but
make any auto home directories visible.
–
P. V.
“We’re all in this together, I’m pulling for you.” Red Green
Glad it’s working for you. I see you’ve disabled the [homes] share. BTW the parameter “guest only = Yes” will only work if there exists also the parameter “guest ok = yes”. If you are looking for passwordless access to /home/fabrice in a totally insecure way, you might use this structure:
[home]
path = /home/fabrice
force user = fabrice
guest ok = yes
inherit acls = Yes
read only = No
Obviously, since this is world-accessible, you would not have any protection for sensitive data in the [home] share.
On Sun August 28 2011 03:16 am, manchette fr wrote:
>
> Hello,
>
> how do you choose the windows authentification ? When i click on the
> opensuse 11.4 homes share nothing is asked for (no id, nor password) .
>
>
manchette fr;
By default Windows will send the Windows login name and associated password when
accessing network shares (or network computers). You can ask Windows to pass a
different name/password on a per server basis. With Samba3 you can use the
smbusers file (Opensuse uses /etc/samba/smbusers by default) to map a Windows
username to a linux user name. To use this file add the following parameter
to the [Global] section of /etc/samba/smb.conf.
username map = /etc/samba/smbusers
Note: username map file could have any name, not just smbusers, but you need to
adjust the “username map” parameter to point to this file.
The password you set with smbpasswd should agree with your Windows password; it
need not agree with your linux password.
A username map is particularly helpful when the Windows username has white
spaces( i.e. “manchette fr” rather than say “manchettefr”.) I seems that nearly
all our non domain Windows users seem to have spaces in their username and need
to be mapped to a valid linux name.
where have i disabled the homes share ? with the ash for valid users ?
it’s not that i’m willing something insecure, at the opposit, but i’d like something where the seven user accesses suse pc easily (even though i do not have really sensitive data in home )
shall i had username map = /etc/samba/smbusers to the smb.conf, and then erase the user ( sudo smbpasswd -x fabrice) then re add it with windows password (??)
You should take the property “guest ok = yes” out of the [homes] stanza because the [homes] share is programmed to reveal the individual /homes/xxx to the named individual owners (so they can’t be unnamed guests).
i erased guest ok = yes in homes
i also added the username map line in the global part of the smb.conf.
I’m not sure to understand how works /etc/samba/smbusers and username map parameter.
Are the user and password supposed to be the same than the ones on windows ? (You said the password is supposed to be the same than in windows)
On Tue August 30 2011 03:46 pm, manchette fr wrote:
>
> ok,
>
> i erased guest ok = yes in homes
> i also added the username map line in the global part of the smb.conf.
>
> I’m not sure to understand how works /etc/samba/smbusers and username
> map parameter.
> Are the -user- and password supposed to be the same than the ones on
> windows ? (You said the password is supposed to be the same than in
> windows)
>
>
manchette fr;
The Windows and Samba/Linux Usernames need to agree, at least after the map. If
your Windows Username does not agree with the Samba/Linux user name the
username map file can be used to make the Windows username agree with a
Samba/Linux username.
The Windows password should agree with your Samba password (the one you set
with “smbpasswd”.) This Samba password need NOT be the same as your Linux
login password.
If you want to see how authorizations are being applied by Samba, add this
parameter to the [Global] section of /etc/samba/smb.conf:
log level = 1 auth:3
You can now look in /var/log/samba/log.smbd. (This assumes you did not change
the log file in smb.conf.) Once you are satisfied everything is working as you
wish, remove or comment out the above parameter
–
P. V.
“We’re all in this together, I’m pulling for you.” Red Green
in seven i have john as a user, and fabrice in suse.
I added fabrice + john’s password in samba.
But still seven can’t acces the homes share. Why isn’t seven asking for ID and password when os x is ? (from os x i enter the home and homes share using fabrice + john’s password, which looks ok for it’s the content of /etc/samba/smbusers).
my smb.conf :
> cat /etc/samba/smb.conf
# smb.conf is the main Samba configuration file. You find a full commented
# version at /usr/share/doc/packages/samba/examples/smb.conf.SUSE if the
# samba-doc package is installed.
# Date: 2011-03-01
[global]
workgroup = WORKGROUP
passdb backend = tdbsam
printing = cups
printcap name = cups
printcap cache time = 750
cups options = raw
map to guest = Bad User
include = /etc/samba/dhcp.conf
# logon path = \\%L\profiles\.msprofile
# logon home = \\%L\%U\.9xprofile
# logon drive = P:
usershare allow guests = Yes
add machine script = /usr/sbin/useradd -c Machine -d /var/lib/nobody -s /bin/false %m$
domain logons = No
domain master = No
netbios name = os114
security = user
wins support = No
name resolve order = bcast host lmhosts wins
local master = yes
preferred master = yes
os level = 65
username map = /etc/samba/smbusers
[homes]
comment = Home Directories
# valid users = %S, %D%w%S
path = /home/fabrice
browseable = Yes
read only = No
inherit acls = Yes
[home]
guest only = Yes
inherit acls = Yes
path = /home/fabrice
read only = No
## Share disabled by YaST
# [profiles]
# comment = Network Profiles Service
# path = %H
# read only = No
# store dos attributes = Yes
# create mask = 0600
# directory mask = 0700
## Share disabled by YaST
# [users]
# comment = All users
# path = /home
# read only = No
# inherit acls = Yes
# veto files = /aquota.user/groups/shares/
## Share disabled by YaST
# [groups]
# comment = All groups
# path = /home/groups
# read only = No
# inherit acls = Yes
[printers]
comment = All Printers
path = /var/tmp
printable = Yes
create mask = 0600
browseable = No
[print$]
comment = Printer Drivers
path = /var/lib/samba/drivers
write list = @ntadmin root
force group = ntadmin
create mask = 0664
directory mask = 0775
## Share disabled by YaST
# [netlogon]
You make the address \servername\username (not \servername\homes)
I would uncomment the valid users for added security, but it’s not mandatory, you can leave it commented and it should still work.
i was just clicking on the shares : [homes] and [home] , and while you do so for [homes] only \OS114 is used … (i saw this after a while ) , how come i’ve got no clue. WIndows never asks for IDs but answers the share can’t be found.
when i enter manually a path : \os114\fabrice then windows is asking for id and password and as i’m able to provide them i can enter it . This is a good point
I guess this is the equivalent of the [home] share.
i still don’t get why clicking on the [homes] share is ko. Is not the [homes] share supposed to link to the home of the user ? (/home/fabrice) .
Which path shall i enter then (if different than \os114\fabrice) ?
Why is windows not able to ask for id and password when clicking on the [homes] share ?
I have duplicated your stanzas for [home] and [homes] like this:
[homes]
comment = Home Directories
valid users = %S, %D%w%S
browseable = Yes
read only = No
inherit acls = Yes
[home]
######guest only = Yes {guest only doesn't work}
inherit acls = Yes
path = /home/john
read only = No
From windows 7 I see shares called john, home and homes. The share “john” is autogenerated by the [homes]stanza. If you set “browseable = no” then this duplication/ambiguity will go away. Ordinarily this address \servername\john" will trigger the first recognoition of “john” and windows 7 will remember it and automatically present it in the future.
You’ve got duplication and confusion from the similarity betweed the stanzas and behaviour for [home] and [homes] plus the extra ambiguity of having “browseable = yes”. I’d just have only this:
[homes]
comment = Home Directories
valid users = %S, %D%w%S
browseable = No
read only = No
inherit acls = Yes
and address it as \os114\fabrice or \os114\any_linux_login_username
On Wed August 31 2011 04:36 am, manchette fr wrote:
>
> in seven i have john as a user, and fabrice in suse.
> I added fabrice + john’s password in samba.
>
> But still seven can’t acces the homes share. Why isn’t seven asking for
> ID and password when os x is ? (from os x i enter the home and homes
> share using fabrice + john’s password, which looks ok for it’s the
> content of /etc/samba/smbusers).
>
> my smb.conf :
>
>
> Code:
> --------------------
<snip>
>
>
>
> [homes]
> comment = Home Directories
> # valid users = %S, %D%w%S
path = /home/fabrice
> browseable = Yes
> read only = No
> inherit acls = Yes
>
manchette fr;
As Swerdna has told you do not use a path statement in the [homes] section.
You also need to add a line to /etc/samba/smbusers of the form:
!fabrice = john WORKGROUP\john
(In a workgroup setting the last entry “WORKGROUP\john” is not technically
needed but it does no harm and my prove useful in the future.)
The directory fabrice should appear in “Network” as a share of the server
os114. Remember that Windows will send your username,password when it
accesses os114 as its default action.
As Windows 7 no longer defaults to the older style windows networking, you may
need to configure Windows 7 a tad. See this HowTo if you have not done so
already: http://opensuse.swerdna.org/susesambawin7.html
P. V.
“We’re all in this together, I’m pulling for you.” Red Green
