I'm sorry for asking a question which has been asked so many times before, but I can't seem to find the answer... How do I get to access my home directory on a Linux server running Samba from a Windows XP client? I'm getting "NT MD4 password check failed" in the log file even though the Windows client is listed in hosts.equiv. More information below... I have a small home network consisting of a Linux (SuSE 10.0) server and two Windows XP clients. Since I can't get things working properly, I've added log level = 10 to my smb.conf. The two users on my network are my wife and myself. I want to map drive H (for home :)) on the Windows clients to the home directory on the Linux server. So, I have a standard [homes] section in my smb.conf. Both of the accounts on the clients have a capitalized first letter and the Linux usernames are all lowercase. So, I have added the usernames to /etc/samba/smbusers so that the Windows username will map properly to the Linux usernames. This seems to be working properly: [2005/11/17 11:37:29, 10] lib/username.c:user_in_list(583) user_in_list: checking user Vince in list [2005/11/17 11:37:29, 10] lib/username.c:user_in_list(587) user_in_list: checking user |Vince| against |Vince| [2005/11/17 11:37:29, 3] lib/username.c:map_username(212) Mapped user Vince to vince Neither of our accounts on the Windows XP clients have passwords. We just use the Welcome screen and click on our names. So, I have added the host names to /etc/hosts.equiv and added hosts equiv /etc/hosts.equiv to smb.conf so that, when the client tries to connect to the server it shouldn't need to provide a password to go with the username. This is the part that doesn't seem to be working: [2005/11/17 11:37:29, 9] passdb/passdb.c:pdb_update_autolock_flag(2333) pdb_update_autolock_flag: Account vince not autolocked, no check needed [2005/11/17 11:37:29, 4] libsmb/ntlm_check.c:ntlm_password_check(326) ntlm_password_check: Checking NT MD4 password [2005/11/17 11:37:29, 3] libsmb/ntlm_check.c:ntlm_password_check(344) ntlm_password_check: NT MD4 password check failed for user vince Does anyone know the solution to this problem? Thank you, Vince Aggrippino vaggrippino@gmail.com
hi, check the permission settings on the share or the home directory, Check your global settings: logon home = \\%L\%U\.profile logon drive = H: and the permissions on the share: [homes] comment = Home Directories valid users = %U writeable = yes browseable = no read only = no guest ok = no printable = no and it can only be mapped automatically if your PC is the domain member else you have to go to run and type "\\samba server name" and see whether you are able to see your home directory. I used to have this error if the smbpassword is different from the Linux Local user password. Vincente Aggrippino wrote:>I'm sorry for asking a question which has been asked so many times >before, but I can't seem to find the answer... > >How do I get to access my home directory on a Linux server running >Samba from a Windows XP client? > >I'm getting "NT MD4 password check failed" in the log file even though >the Windows client is listed in hosts.equiv. More information >below... > >I have a small home network consisting of a Linux (SuSE 10.0) server >and two Windows XP clients. Since I can't get things working >properly, I've added log level = 10 to my smb.conf. > >The two users on my network are my wife and myself. > >I want to map drive H (for home :)) on the Windows clients to the home >directory on the Linux server. So, I have a standard [homes] section >in my smb.conf. > >Both of the accounts on the clients have a capitalized first letter >and the Linux usernames are all lowercase. So, I have added the >usernames to /etc/samba/smbusers so that the Windows username will map >properly to the Linux usernames. This seems to be working properly: > >[2005/11/17 11:37:29, 10] lib/username.c:user_in_list(583) > user_in_list: checking user Vince in list >[2005/11/17 11:37:29, 10] lib/username.c:user_in_list(587) > user_in_list: checking user |Vince| against |Vince| >[2005/11/17 11:37:29, 3] lib/username.c:map_username(212) > Mapped user Vince to vince > > >Neither of our accounts on the Windows XP clients have passwords. We >just use the Welcome screen and click on our names. So, I have added >the host names to /etc/hosts.equiv and added hosts equiv >/etc/hosts.equiv to smb.conf so that, when the client tries to connect >to the server it shouldn't need to provide a password to go with the >username. This is the part that doesn't seem to be working: > >[2005/11/17 11:37:29, 9] passdb/passdb.c:pdb_update_autolock_flag(2333) > pdb_update_autolock_flag: Account vince not autolocked, no check needed >[2005/11/17 11:37:29, 4] libsmb/ntlm_check.c:ntlm_password_check(326) > ntlm_password_check: Checking NT MD4 password >[2005/11/17 11:37:29, 3] libsmb/ntlm_check.c:ntlm_password_check(344) > ntlm_password_check: NT MD4 password check failed for user vince > > >Does anyone know the solution to this problem? > >Thank you, > Vince Aggrippino > vaggrippino@gmail.com > >-- Pavan Krishna L Systems Administrator Diversity Arrays Technology Pty Ltd Ph: +61 2 6281 8512 Fax: +61 2 6281 8533 Mob: +61 423 411 281
Pavan: Thank you for your response. I did my homework before posting my question :) please read below... On 11/17/05, Pavan krishna <p.krishna@diversityarrays.com> wrote:> > hi, > > check the permission settings on the share or the home directory,My home directory permissions are 0755. It's my home directory, if I didn't have the necessary permissions, I wouldn't even be able to log on to the Linux server directly.> > Check your global settings: > logon home = \\%L\%U\.profileI do have this line in my global settings, but it doesn't have anything to do with authentication or permissions. This is only used if I do something equivalent to NET USE H: /HOME.> logon drive = H:This is only useful if Samba is set up as a login server. If you log on to a domain and the logon server is a Samba server, then this drive will already be mapped. Then, if you open a command prompt window, you will be in this drive by default.> > and the permissions on the share: > [homes] > comment = Home Directories > valid users = %UActually, the documentation recommends valid users = %S. The difference in my case is that %U would resolve to valid users Vince, but %S would resolve to valid users = vince. %U would definitely fail in my case because my session username does not match the name of the current service. Note that in the case of the special [homes] section, the share (or service) name is changed from homes to the located username. I commented this out completely so that anyone can log in. Maybe this is a security problem, but it's a good step for troubleshooting because it ensures that I'm not prevented from accessing a share by a mistaken user name.> writeable = yesI have the inverse of this: read only = no> browseable = no > read only = noThis is redundant. read only = no is the same as writeable = yes> guest ok = no > printable = noI don't have these set, but they're the defaults, so it works out the same way.> > and it can only be mapped automatically if your PC is the domain > member else you have to go to run and type "\\samba server name" and see > whether you are able to see your home directory.There is no domain. This is a workgroup. Please keep in mind that this whole network is just three computers, including the server. At this point, all I'm trying to do is see the share by typing \\home. When I'm able to do that without being presented with a username and password prompt, I'll be able to have it mapped automatically by checking the box on the Windows client that says "Reconnect at logon". If it was working the way I understand it should, then Samba would identify my computer as one found in the hosts equiv file and identify my username, Vince, with vince from my username map file. It shouldn't try to check the password at all because of the hosts equiv match, but it's trying to check the password. Since windows is sending a username without a password, or with a blank password, the password check is failing. home is the name of my server. The DNS is working because I can ping home from the Windows clients and get good replies.> I used to have this error if the smbpassword is different from the > Linux Local user password.When I try to access \\home, I'm presented with a username and password prompt. If I type my username (lowercase "vince") and password as it is for my Linux account on the server, then I have access to the shares without difficulty. So, I'm trying to get around typing that username and password, if possible. It should be possible, unless I'm misunderstanding the documentation. Thanks, Vince
On Thu, 2005-11-17 at 13:11 +0800, Vincente Aggrippino wrote:> I'm sorry for asking a question which has been asked so many times > before, but I can't seem to find the answer... > > How do I get to access my home directory on a Linux server running > Samba from a Windows XP client? > > I'm getting "NT MD4 password check failed" in the log file even though > the Windows client is listed in hosts.equiv. More information > below...> Neither of our accounts on the Windows XP clients have passwords. We > just use the Welcome screen and click on our names. So, I have added > the host names to /etc/hosts.equiv and added hosts equiv > /etc/hosts.equiv to smb.conf so that, when the client tries to connect > to the server it shouldn't need to provide a password to go with the > username. This is the part that doesn't seem to be working:hosts.equiv isn't really supported in Samba3. I removed the main option in the smb.conf, and hid the functionality in an auth module that nobody used (I know, because nobody reported the segfault bug in it...).> [2005/11/17 11:37:29, 9] passdb/passdb.c:pdb_update_autolock_flag(2333) > pdb_update_autolock_flag: Account vince not autolocked, no check needed > [2005/11/17 11:37:29, 4] libsmb/ntlm_check.c:ntlm_password_check(326) > ntlm_password_check: Checking NT MD4 password > [2005/11/17 11:37:29, 3] libsmb/ntlm_check.c:ntlm_password_check(344) > ntlm_password_check: NT MD4 password check failed for user vince > > > Does anyone know the solution to this problem?Seting a null password on the accounts should do what you want. Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Student Network Administrator, Hawker College http://hawkerc.net -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part Url : http://lists.samba.org/archive/samba/attachments/20051117/05579bda/attachment.bin
Reasonably Related Threads
- smb_ldap_setup_connection failed with blank user Password
- samba 3.0.x / roaming profiles / NT MD4 problems
- samba bad password count reset between logins (not loaded from login_cache.tdb)
- smbclient with lanman auth=no unable to connect
- Cannot access Samba 4 via old Windows CE