Hello Everyone! I've spent quite a bit trying to get these shares to work just right. I'll past the output of my smb.conf at the end of this message. If anyone has any advice on this, that would be great. My first problem is that I'm trying to sync up my /etc/passwd with the /etc/samba/smbpasswd file. (I'm using Mandrake 9.0 and Samba 2.2.6-1.0.pre2.2.mdk. Mandrake puts the smbpasswd file in the /etc/samba directory. When I do this command cat /etc/passwd | mksmbpasswd.sh > /etc/samba/smbpasswd It does create a smbpasswd file. However, then None of the users can log in to the shares. I can log into the win98 client, and then see the user's home directory, the care directory, and the public directory but can't log in to them. I've also tried to create the smbpasswd file with webmin, but that doesn't seem to work either, it gives me three options: For newly created users, set the password to 1. no password, 2. account locked, 3. use this password What if I want the same password as the linux password? argh! The only way I can log into the shares is to actually create an individual password using smbpasswd -a username. What am I missing? I know I have successfully done this in the past? When I do create the password with smbpasswd, I can log in, see the shares, and actually log in, but Ihave to enter in the password again to access the shares. Should I have to log in twice? Sorry for the double questions, Any advice would be very much appreciated. Thanks, Bob # Global parameters [global] workgroup = PARADISE netbios name = SERVER server string = Linux Server %v interfaces = 127.0.0.1, 192.168.0.254 hosts allow = 192.168.0. security = SHARE encrypt passwords = Yes passwd program = /usr/bin/passwd %u passwd chat = *New*UNIX*password* %n\n *ReType*new*UNIX*password* %n\n unix password sync = Yes log file = /var/log/samba/log.%m max log size = 50 socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 printcap name = lpstat dns proxy = No printing = cups wins support = yes os level = 65 local master = yes domain master = yes preferred master = yes [homes] comment = Home Directory read only = No browseable = No [printers] comment = All Printers path = /var/spool/samba create mask = 0700 guest ok = Yes printable = Yes print command = lpr-cups -P %p %s # using cups own drivers (use generic PostScript on clients). lpq command = lpstat -o %p lprm command = cancel %p-%j browseable = No [public] comment = Public Directory path = /home/samba/public write list = @staff guest ok = No read only = No [care] comment = Careware Data path = /home/samba/careware valid users = sara, jim, bob read only = No browseable = Yes
On Sun, 5 Jan 2003, Bob wrote:> Hello Everyone! > > I've spent quite a bit trying to get these shares to work just right. > I'll past the output of my smb.conf at the end of this message. If > anyone has any advice on this, that would be great. > > My first problem is that I'm trying to sync up my /etc/passwd with the > /etc/samba/smbpasswd file. (I'm using Mandrake 9.0 and Samba > 2.2.6-1.0.pre2.2.mdk. Mandrake puts the smbpasswd file in the /etc/samba > directory. When I do this command > > cat /etc/passwd | mksmbpasswd.sh > /etc/samba/smbpasswdDid you then also set a password in smbpasswd for each user? Use 'smbpasswd 'username' to add the password. You can use the same password for both the Linux system and for samba, but since you are using encrypted passwords you do need to have both password records in place. One in your smbpasswd file and the other in /etc/passwd (/etc/shadow). - John T.> > It does create a smbpasswd file. However, then None of the users can log > in to the shares. I can log into the win98 client, and then see the > user's home directory, the care directory, and the public directory but > can't log in to them. > > I've also tried to create the smbpasswd file with webmin, but that > doesn't seem to work either, it gives me three options: For newly > created users, set the password to 1. no password, 2. account locked, 3. > use this password > > What if I want the same password as the linux password? argh! > > The only way I can log into the shares is to actually create an > individual password using smbpasswd -a username. > > What am I missing? I know I have successfully done this in the past? > > > When I do create the password with smbpasswd, I can log in, see the > shares, and actually log in, but Ihave to enter in the password again to > access the shares. Should I have to log in twice? > > Sorry for the double questions, Any advice would be very much appreciated. > > Thanks, > > Bob > > # Global parameters > [global] > workgroup = PARADISE > netbios name = SERVER > server string = Linux Server %v > interfaces = 127.0.0.1, 192.168.0.254 > hosts allow = 192.168.0. > security = SHARE > encrypt passwords = Yes > passwd program = /usr/bin/passwd %u > passwd chat = *New*UNIX*password* %n\n *ReType*new*UNIX*password* %n\n > unix password sync = Yes > log file = /var/log/samba/log.%m > max log size = 50 > socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 > printcap name = lpstat > dns proxy = No > printing = cups > wins support = yes > os level = 65 > local master = yes > domain master = yes > preferred master = yes > > [homes] > comment = Home Directory > read only = No > browseable = No > > [printers] > comment = All Printers > path = /var/spool/samba > create mask = 0700 > guest ok = Yes > printable = Yes > print command = lpr-cups -P %p %s > # using cups own drivers (use generic PostScript on clients). > lpq command = lpstat -o %p > lprm command = cancel %p-%j > browseable = No > > [public] > comment = Public Directory > path = /home/samba/public > write list = @staff > guest ok = No > read only = No > > [care] > comment = Careware Data > path = /home/samba/careware > valid users = sara, jim, bob > read only = No > browseable = Yes > > > >-- John H Terpstra Email: jht@samba.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1> Message: 22 > Date: Sun, 5 Jan 2003 08:21:49 -0800 > From: "Bob" <Bob@yellowbugcomputers.com> > Reply-To: <Bob@yellowbugcomputers.com> > To: <samba@lists.samba.org> > Subject: [Samba] mksmbpasswd.sh and passwd sync problems... > > Hello Everyone! > > I've spent quite a bit trying to get these shares to work just right. > I'll past the output of my smb.conf at the end of this message. If > anyone has any advice on this, that would be great. >> My first problem is that I'm trying to sync up my /etc/passwd with the > /etc/samba/smbpasswd file. (I'm using Mandrake 9.0 and Samba > 2.2.6-1.0.pre2.2.mdk.There have been security updates to 2.2.7, but you may want to wait a bit for 2.2.7a ...> Mandrake puts the smbpasswd file in the > /etc/samba directory. When I do this command > > cat /etc/passwd | mksmbpasswd.sh > /etc/samba/smbpasswd > > It does create a smbpasswd file. However, then None of the users can > log in to the shares. I can log into the win98 client, and then see > the user's home directory, the care directory, and the public > directory but can't log in to them.This command only makes an empty smbpassd file, which really serves no purpose, you may as well just do: # smbpasswd -a <user> for each user Why? The linux and windows password hashes are incompatible, the only way to derive one from the other is to brute-force them. This is the whole reason for the smbpasswd file.> > I've also tried to create the smbpasswd file with webmin, but that > doesn't seem to work either, it gives me three options: > For newly created users, set the password to 1. no password, 2. > account locked, 3. use this password > > What if I want the same password as the linux password? argh!You could use something like pam_smbpass so that if the linux password is changed, that the samba password is also changed. Or, set it to a known value and let the users change the samba password from windows. Or authenticate all other linux services via pam_smb or pam_winbind ....> > The only way I can log into the shares is to actually create an > individual password using smbpasswd -a username. > > What am I missing? I know I have successfully done this in the past?You might want to tell us how ... unless it was using clear-text passwords and hacking the registry on all the clients, and not being able to do domain logons at all.> > > When I do create the password with smbpasswd, I can log inLog in how. Please be clear. Was this into windows? Which version? , see the> shares, and actually log inAgain, log in where?>, but Ihave to enter in the password again > to access the shares. Should I have to log in twice?No, you shouldn't be prompted for a password on connecting to a samba server using encrypted passwords if the username and password on the client (what the user logged into windows with) match that of the server> > Sorry for the double questions, Any advice would be very muchappreciated.> > Thanks, > > Bob > > # Global parameters > [global] > workgroup = PARADISE > netbios name = SERVER > server string = Linux Server %v > interfaces = 127.0.0.1, 192.168.0.254 > hosts allow = 192.168.0. > security = SHARE^^^^^^^^^^^^^^^^ You really should use 'security=user' here IMHO.> encrypt passwords = Yes > passwd program = /usr/bin/passwd %u > passwd chat = *New*UNIX*password* %n\n*ReType*new*UNIX*password* %n\n> unix password sync = Yes > log file = /var/log/samba/log.%m > max log size = 50 > socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 > printcap name = lpstat > dns proxy = No > printing = cups > wins support = yes > os level = 65 > local master = yes > domain master = yes > preferred master = yes > > [homes] > comment = Home Directory > read only = No > browseable = No > > [printers] > comment = All Printers > path = /var/spool/samba > create mask = 0700 > guest ok = Yes > printable = Yes > print command = lpr-cups -P %p %s > # using cups own drivers (use generic PostScript on clients). > lpq command = lpstat -o %p > lprm command = cancel %p-%j > browseable = No > > [public] > comment = Public Directory > path = /home/samba/public > write list = @staff > guest ok = No > read only = No > > [care] > comment = Careware Data > path = /home/samba/careware > valid users = sara, jim, bob > read only = No > browseable = Yes- -- |--------------Another happy Mandrake Club member--------------| Buchan Milne Mechanical Engineer, Network Manager Cellphone * Work +27 82 472 2231 * +27 21 8828820x121 Stellenbosch Automotive Engineering http://www.cae.co.za GPG Key http://ranger.dnsalias.com/bgmilne.asc 1024D/60D204A7 2919 E232 5610 A038 87B1 72D6 AC92 BA50 60D2 04A7 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQE+GaEhrJK6UGDSBKcRAunTAJ9TvTfe9961Sl/qERIZnZ8hGw+NWACgv6SQ LexfbQUKJ+89Bcc2ibZm9bc=J3gY -----END PGP SIGNATURE-----