Hi folks, I'm having a strange problem with a client for whom I've set up Samba (2.0.7 - packages samba-common-2.0.7-18mdk & samba-2.0.7-18mdk) on a server with Linux-Mandrake 7.2. The client uses both Win95 and Win98 workstations. The problem is that there appears to be no password checking at all, i.e a user with a valid login (i.e. a user in /etc/smbuser) can login without a password or even with a wrong one. They can cancel out of the subsequent Windows Logon, but still get their proper [homes] share and other network drive mappings (using a batch file in the [netlogon] share). Has anyone ever seen this before?? I have implemented roaming profiles, and am using domain logins. Note, all smbusers are members of unix group "staff". Could this be a shadow passwords issue? Pam?? I've used Webmin to synchronise the smbpasswd file to the /etc/passwd file. My /etc/smb.conf file is below for reference (note, I've commented out options I tried to see if they'd change the situation, but which didn't make a difference) Thanks for any insight anyone might be able to provide. Regards, Dave Lane --------- /etc/smb.conf ------------------ # Samba config file created using SWAT # from UNKNOWN (0.0.0.0) # Date: 2001/04/30 16:47:07 # Global parameters [global] netbios name = SERVER server string = File Server interfaces = eth0 bind interfaces only = Yes encrypt passwords = Yes # unix password sync = Yes debug level = 5 log file = /var/log/samba/log.%m socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 logon script = netlogon.bat logon home = /home/%U domain logons = Yes # preferred master = Yes domain master = Yes comment = Linux Server running Samba # guest account = ftp # valid users = @staff # read list = @staff # write list = @staff oplocks = No # null passwords = No [netlogon] path = /home/netlogon [homes] comment = Home Directories writeable = Yes [printers] comment = All Printers path = /var/spool/samba printable = Yes [share] path = /home/share writeable = Yes create mask = 0777 directory mask = 0777 [apps] path = /home/apps writeable = Yes create mask = 0777 directory mask = 0777 [mail] path = /home/mail writeable = Yes create mask = 0733 directory mask = 0733 [backup] comment = share for backup of user data path = /home/sambadirs -- ********************************************************************* * David Lane, Director www.egressive.co.nz | dlane@egressive.co.nz * * Linux: it just tastes better. Christchurch, New Zealand * *********************************************************************
Sorry to respond to this myself, but I've found my problem with users able to login without (or with incorrect) passwords... When I use Webmin's (version 0.80 w/ Linux-Mandrake) Samba module to "Convert Users" from being listed only in the /etc/passwd file to being listed also in the /etc/smbpasswd file, there is an option "For newly created users, set password to: X - no password o - account locked o - use this password _______________ And, by default, it would seem, "no password" is selected. This means that any new user added to smbpasswd from /etc/passwd automatically gets the "no password" option, leading to the problem I encountered. This may be changed in more recent versions of Webmin (www.webmin.com). By simply re-entering the user passwords (either through smbpasswd on the command line or through the Samba Users screen in Webmin), I was able to set the proper passwords, which forces users to enter them properly. Sorry for the trouble - hope this helps someone else! Thanks for a great application that has been very important to my business. I'm looking forward to implementing my first Samba 2.2.x installation in the next week or so. Regards, Dave -- ********************************************************************* * David Lane, Director www.egressive.co.nz | dlane@egressive.co.nz * * Linux: it just tastes better. Christchurch, New Zealand * *********************************************************************