have a server here running opensuse 11.3 that I need to access via network using samba.
Samba is working so far and I can ping the serve and browse the shares from windows (WinXP) computers; but only via the IP.
Now I’ve read up on samba on this forum and other sources, like the official samba documentation and compared my smb.conf with an older one on another server which works (and even copied this one over to the new one) - to no avail.
I seem to be missing something and I just can’t find it.
Since the problem is probably not in the smb.conf (previously working one doesn’t work on new server) - where else could I have screwed up?
Are you trying to connect to samba with opensuse 11.3?
If you are then go to Yast and look at your firwall settings, under Allowed Services. You might have to put the allowed services in for samba client and samba server, that will open up a port in you firewall so you can see samba.
>
> Actually I’m trying to connect a Win computer to a samba share on a Suse
> 11.3 server - firewall is disabled.
>
>
rekcebC;
Name resolution in Samba is carried out by nmbd. Make sure nmbd is running.
su
rcnmb status
If it is not started go to YaST>System>System Services (Runlevel) and set the
service to run at boot.
Then make sure that the allowed service in the firewall include the Netbios
server (nmbd)
The default value of name resolution is a bit unfriendly so add, if not
included, to /etc/samba/smb.conf the following parameter:
name resolve order = bcast host lmhosts
You will most likely want bcast in first position.
If these modifications do not help, please post the contents
of /etc/samba/smb.conf. You can conceal any sensitive information (public
IPs etc.) with substitute values.
P. V.
“We’re all in this together, I’m pulling for you.” Red Green
Nmbd and smbd are both running. As I said, firewall is off; I added the samba server and nmbd to the exception list nevertheless (changes nothing, however, which is exactly what I expected).
I also added “name resolve oder = bcast host lmhosts” to smb.conf, again to no avail.
The smb.conf is as follows (please note that this is the one I copied over from the other server, where it works)
[global]
workgroup = WORKGROUP
printing = cups
printcap name = cups
printcap cache time = 750
cups options = raw
map to guest = Bad User
include = /etc/samba/dhcp.conf
logon path = \\%L\profiles\.msprofile
logon home = \\%L\%U\.9xprofile
logon drive = S:
usershare allow guests = No
add machine script = /usr/sbin/useradd -c Machine -d /var/lib/nobody -s /bin/false %m$
domain logons = No
domain master = No
security = user
netbios name = WORKGROUP
name resolve order = bcast host lmhosts
[homes]
comment = Home Directories
valid users = %S, %D%w%S
browseable = No
read only = No
inherit acls = Yes
[profiles]
comment = Network Profiles Service
path = %H
read only = No
store dos attributes = Yes
create mask = 0600
directory mask = 0700
[users]
comment = All users
path = /home
read only = No
inherit acls = Yes
veto files = /aquota.user/groups/shares/
[groups]
comment = All groups
path = /home/groups
read only = No
inherit acls = Yes
[printers]
comment = All Printers
path = /var/tmp
printable = Yes
create mask = 0600
browseable = No
[print$]
comment = Printer Drivers
path = /var/lib/samba/drivers
write list = @ntadmin root
force group = ntadmin
create mask = 0664
directory mask = 0775
[samba]
comment = Datenordner
inherit acls = Yes
path = /srv
read only = No
## Share disabled by YaST
# [netlogon]
[share]
guest ok = Yes
inherit acls = No
path = /srv/Share
read only = No
share modes = Yes
username = Customer
[123]
guest ok = Yes
inherit acls = No
path = /home/123
read only = No
share modes = Yes
username = Customer
[share1]
guest ok = Yes
inherit acls = No
path = /srv/Share1
read only = No
share modes = Yes
username = Customer
Admittedly, I don’t really know why the person who set this up chose “WORKGROUP” as the netbios name - nevertheless, it works on the old server (and I tried changing the value to “SERVER” (which is the name the logon script of the DOS Shell on the Windows machine tries to connect to), which again did nothing)
Moreover, this seems to be a smb.conf that has mainly been written by Yast and which contains a lot of unneeded stuff. A simple smb.conf which just allows any connected user read/write access to the two shares /srv/share and /srv/share1 and identifies in a Windows network as SERVER would be enough.
Security is not an issue here.
I already did this but again name resolution did not work.
Using testparm I verified that this conf was valid, but I do get some warning:
“rlimit_max (1024) is below minimum Windows limit (16384)”
Unfortunately I found no place where I could change this and honestly I don’t think this has anything to do with name resolution. If it is the cause of my problem, please tell me where I can set this value.
>
> Hello,
>
> thank you for your input.
>
> Nmbd and smbd are both running. As I said, firewall is off; I added the
> samba server and nmbd to the exception list nevertheless (changes
> nothing, however, which is exactly what I expected).
>
> I also added “name resolve oder = bcast host lmhosts” to smb.conf,
> again to no avail.
>
> The smb.conf is as follows (please note that this is the one I copied
> over from the other server, where it works)
>
>
> Code:
> --------------------
>
>
> [global]
> workgroup = WORKGROUP
> printing = cups
> printcap name = cups
> printcap cache time = 750
> cups options = raw
> map to guest = Bad User
> include = /etc/samba/dhcp.conf
> logon path = \%L\profiles.msprofile
> logon home = \%L%U.9xprofile
> logon drive = S:
> usershare allow guests = No
> add machine script = /usr/sbin/useradd -c
Machine -d /var/lib/nobody -s /bin/false %m$
> domain logons = No
> domain master = No
> security = user
> netbios name = WORKGROUP
> name resolve order = bcast host lmhosts
> [homes]
> comment = Home Directories
> valid users = %S, %D%w%S
> browseable = No
> read only = No
> inherit acls = Yes
> [profiles]
> comment = Network Profiles Service
> path = %H
> read only = No
> store dos attributes = Yes
> create mask = 0600
> directory mask = 0700
> [users]
> comment = All users
> path = /home
> read only = No
> inherit acls = Yes
> veto files = /aquota.user/groups/shares/
> [groups]
> comment = All groups
> path = /home/groups
> read only = No
> inherit acls = Yes
> [printers]
> comment = All Printers
> path = /var/tmp
> printable = Yes
> create mask = 0600
> browseable = No
> [print$]
> comment = Printer Drivers
> path = /var/lib/samba/drivers
> write list = @ntadmin root
> force group = ntadmin
> create mask = 0664
> directory mask = 0775
>
> [samba]
> comment = Datenordner
> inherit acls = Yes
> path = /srv
> read only = No
>
> ## Share disabled by YaST
> # [netlogon]
>
> [share]
> guest ok = Yes
> inherit acls = No
> path = /srv/Share
> read only = No
> share modes = Yes
> username = Customer
>
> [123]
> guest ok = Yes
> inherit acls = No
> path = /home/123
> read only = No
> share modes = Yes
> username = Customer
>
> [share1]
> guest ok = Yes
> inherit acls = No
> path = /srv/Share1
> read only = No
> share modes = Yes
> username = Customer
>
>
>
> --------------------
>
>
> Admittedly, I don’t really know why the person who set this up chose
> “WORKGROUP” as the netbios name - nevertheless, it works on the old
> server (and I tried changing the value to “SERVER” (which is the name
> the logon script of the DOS Shell on the Windows machine tries to
> connect to), which again did nothing)
>
> Moreover, this seems to be a smb.conf that has mainly been written by
> Yast and which contains a lot of unneeded stuff. A simple smb.conf which
> just allows any connected user read/write access to the two shares
> /srv/share and /srv/share1 and identifies in a Windows network as SERVER
> would be enough.
> Security is not an issue here.
> I already did this but again name resolution did not work.
>
> Using testparm I verified that this conf was valid, but I do get some
> warning:
> “rlimit_max (1024) is below minimum Windows limit (16384)”
> Unfortunately I found no place where I could change this and honestly I
> don’t think this has anything to do with name resolution. If it is the
> cause of my problem, please tell me where I can set this value.
>
> Regadrs
> Christian
>
>
Christian;
You have the workgroup parameter and the netbios name both set to WORKGROUP.
This is a name conflict. The workgroup parameter must be the same as the
name of the workgroup on your windows machines, the netbios name should be a
different value. By default the netbios name will be the same as the host
name, truncated to 15 characters if needed. Just use a netbios name of less
than 15 characters or let it use the default. You will want to restart smbd
and nmbd after making those changes. Note that testparm only checks syntax
not semantics. You might find it helpful to read this HowTo by Swerdna: http://opensuse.swerdna.org/suselanprimer.html
One other point. For broadcasts to work all of your workgroup computers need
to be on the same subnet (e.g. 192.168.0.0/24). If this is not the case you
either need to run a WINS server and point the Windows machine to the IP of
you WINS server or configure the lmhosts file on all your machines. (In this
later case you will want to move lmhosts to first position in your name
resolve parameter.)
–
P. V.
“We’re all in this together, I’m pulling for you.” Red Green
I’m pretty sure broadcasts work only on the same physical network segment(behind the same router(s)) generally, not the same logical NetworkID. The diff would only be in situations where multiple logical networks would be configured and some might be overlapping or promiscuous. In other words, broadcasts will be heard by all hosts on the physical segment but will <generally> but not always be ignored by any machine’s network card that isn’t configured with the same NetworkID.
If you choose to use LMhosts files, a good thing to know is that most DHCP will support distributing the file to all clients along with the usual network configuration (if you don’t want to support a WINS). Typically the order the order of client machine name resolution can also be set by DHCP, AFAIK that shouldn’t be specific to OS.