I'm sorry for asking a question which has been asked so many times
before, but I can't seem to find the answer...
How do I get to access my home directory on a Linux server running
Samba from a Windows XP client?
I'm getting "NT MD4 password check failed" in the log file even
though
the Windows client is listed in hosts.equiv. More information
below...
I have a small home network consisting of a Linux (SuSE 10.0) server
and two Windows XP clients. Since I can't get things working
properly, I've added log level = 10 to my smb.conf.
The two users on my network are my wife and myself.
I want to map drive H (for home :)) on the Windows clients to the home
directory on the Linux server. So, I have a standard [homes] section
in my smb.conf.
Both of the accounts on the clients have a capitalized first letter
and the Linux usernames are all lowercase. So, I have added the
usernames to /etc/samba/smbusers so that the Windows username will map
properly to the Linux usernames. This seems to be working properly:
[2005/11/17 11:37:29, 10] lib/username.c:user_in_list(583)
user_in_list: checking user Vince in list
[2005/11/17 11:37:29, 10] lib/username.c:user_in_list(587)
user_in_list: checking user |Vince| against |Vince|
[2005/11/17 11:37:29, 3] lib/username.c:map_username(212)
Mapped user Vince to vince
Neither of our accounts on the Windows XP clients have passwords. We
just use the Welcome screen and click on our names. So, I have added
the host names to /etc/hosts.equiv and added hosts equiv /etc/hosts.equiv to
smb.conf so that, when the client tries to connect
to the server it shouldn't need to provide a password to go with the
username. This is the part that doesn't seem to be working:
[2005/11/17 11:37:29, 9] passdb/passdb.c:pdb_update_autolock_flag(2333)
pdb_update_autolock_flag: Account vince not autolocked, no check needed
[2005/11/17 11:37:29, 4] libsmb/ntlm_check.c:ntlm_password_check(326)
ntlm_password_check: Checking NT MD4 password
[2005/11/17 11:37:29, 3] libsmb/ntlm_check.c:ntlm_password_check(344)
ntlm_password_check: NT MD4 password check failed for user vince
Does anyone know the solution to this problem?
Thank you,
Vince Aggrippino
vaggrippino@gmail.com
hi,
check the permission settings on the share or the home directory,
Check your global settings:
logon home = \\%L\%U\.profile
logon drive = H:
and the permissions on the share:
[homes]
comment = Home Directories
valid users = %U
writeable = yes
browseable = no
read only = no
guest ok = no
printable = no
and it can only be mapped automatically if your PC is the domain
member else you have to go to run and type "\\samba server name" and
see
whether you are able to see your home directory.
I used to have this error if the smbpassword is different from the
Linux Local user password.
Vincente Aggrippino wrote:
>I'm sorry for asking a question which has been asked so many times
>before, but I can't seem to find the answer...
>
>How do I get to access my home directory on a Linux server running
>Samba from a Windows XP client?
>
>I'm getting "NT MD4 password check failed" in the log file
even though
>the Windows client is listed in hosts.equiv. More information
>below...
>
>I have a small home network consisting of a Linux (SuSE 10.0) server
>and two Windows XP clients. Since I can't get things working
>properly, I've added log level = 10 to my smb.conf.
>
>The two users on my network are my wife and myself.
>
>I want to map drive H (for home :)) on the Windows clients to the home
>directory on the Linux server. So, I have a standard [homes] section
>in my smb.conf.
>
>Both of the accounts on the clients have a capitalized first letter
>and the Linux usernames are all lowercase. So, I have added the
>usernames to /etc/samba/smbusers so that the Windows username will map
>properly to the Linux usernames. This seems to be working properly:
>
>[2005/11/17 11:37:29, 10] lib/username.c:user_in_list(583)
> user_in_list: checking user Vince in list
>[2005/11/17 11:37:29, 10] lib/username.c:user_in_list(587)
> user_in_list: checking user |Vince| against |Vince|
>[2005/11/17 11:37:29, 3] lib/username.c:map_username(212)
> Mapped user Vince to vince
>
>
>Neither of our accounts on the Windows XP clients have passwords. We
>just use the Welcome screen and click on our names. So, I have added
>the host names to /etc/hosts.equiv and added hosts equiv
>/etc/hosts.equiv to smb.conf so that, when the client tries to connect
>to the server it shouldn't need to provide a password to go with the
>username. This is the part that doesn't seem to be working:
>
>[2005/11/17 11:37:29, 9] passdb/passdb.c:pdb_update_autolock_flag(2333)
> pdb_update_autolock_flag: Account vince not autolocked, no check needed
>[2005/11/17 11:37:29, 4] libsmb/ntlm_check.c:ntlm_password_check(326)
> ntlm_password_check: Checking NT MD4 password
>[2005/11/17 11:37:29, 3] libsmb/ntlm_check.c:ntlm_password_check(344)
> ntlm_password_check: NT MD4 password check failed for user vince
>
>
>Does anyone know the solution to this problem?
>
>Thank you,
> Vince Aggrippino
> vaggrippino@gmail.com
>
>
--
Pavan Krishna L
Systems Administrator
Diversity Arrays Technology Pty Ltd
Ph: +61 2 6281 8512
Fax: +61 2 6281 8533
Mob: +61 423 411 281
Pavan:
Thank you for your response. I did my homework before posting my
question :)
please read below...
On 11/17/05, Pavan krishna <p.krishna@diversityarrays.com>
wrote:>
> hi,
>
> check the permission settings on the share or the home directory,
My home directory permissions are 0755. It's my home directory, if I
didn't have the necessary permissions, I wouldn't even be able to log
on to the Linux server directly.
>
> Check your global settings:
> logon home = \\%L\%U\.profile
I do have this line in my global settings, but it doesn't have
anything to do with authentication or permissions. This is only used
if I do something equivalent to NET USE H: /HOME.
> logon drive = H:
This is only useful if Samba is set up as a login server.
If you log on to a domain and the logon server is a Samba server, then
this drive will already be mapped. Then, if you open a command prompt
window, you will be in this drive by default.
>
> and the permissions on the share:
> [homes]
> comment = Home Directories
> valid users = %U
Actually, the documentation recommends valid users = %S.
The difference in my case is that %U would resolve to valid users Vince, but %S
would resolve to valid users = vince.
%U would definitely fail in my case because my session username does
not match the name of the current service. Note that in the case of
the special [homes] section, the share (or service) name is changed
from homes to the located username.
I commented this out completely so that anyone can log in. Maybe this
is a security problem, but it's a good step for troubleshooting
because it ensures that I'm not prevented from accessing a share by a
mistaken user name.
> writeable = yes
I have the inverse of this: read only = no
> browseable = no
> read only = no
This is redundant. read only = no is the same as writeable = yes
> guest ok = no
> printable = no
I don't have these set, but they're the defaults, so it works out the
same way.
>
> and it can only be mapped automatically if your PC is the domain
> member else you have to go to run and type "\\samba server name"
and see
> whether you are able to see your home directory.
There is no domain. This is a workgroup. Please keep in mind that
this whole network is just three computers, including the server.
At this point, all I'm trying to do is see the share by typing \\home.
When I'm able to do that without being presented with a username and
password prompt, I'll be able to have it mapped automatically by
checking the box on the Windows client that says "Reconnect at logon".
If it was working the way I understand it should, then Samba would
identify my computer as one found in the hosts equiv file and identify
my username, Vince, with vince from my username map file.
It shouldn't try to check the password at all because of the hosts
equiv match, but it's trying to check the password. Since windows is
sending a username without a password, or with a blank password, the
password check is failing.
home is the name of my server.
The DNS is working because I can ping home from the Windows clients
and get good replies.
> I used to have this error if the smbpassword is different from the
> Linux Local user password.
When I try to access \\home, I'm presented with a username and
password prompt. If I type my username (lowercase "vince") and
password as it is for my Linux account on the server, then I have
access to the shares without difficulty.
So, I'm trying to get around typing that username and password, if
possible. It should be possible, unless I'm misunderstanding the
documentation.
Thanks,
Vince
On Thu, 2005-11-17 at 13:11 +0800, Vincente Aggrippino wrote:> I'm sorry for asking a question which has been asked so many times > before, but I can't seem to find the answer... > > How do I get to access my home directory on a Linux server running > Samba from a Windows XP client? > > I'm getting "NT MD4 password check failed" in the log file even though > the Windows client is listed in hosts.equiv. More information > below...> Neither of our accounts on the Windows XP clients have passwords. We > just use the Welcome screen and click on our names. So, I have added > the host names to /etc/hosts.equiv and added hosts equiv > /etc/hosts.equiv to smb.conf so that, when the client tries to connect > to the server it shouldn't need to provide a password to go with the > username. This is the part that doesn't seem to be working:hosts.equiv isn't really supported in Samba3. I removed the main option in the smb.conf, and hid the functionality in an auth module that nobody used (I know, because nobody reported the segfault bug in it...).> [2005/11/17 11:37:29, 9] passdb/passdb.c:pdb_update_autolock_flag(2333) > pdb_update_autolock_flag: Account vince not autolocked, no check needed > [2005/11/17 11:37:29, 4] libsmb/ntlm_check.c:ntlm_password_check(326) > ntlm_password_check: Checking NT MD4 password > [2005/11/17 11:37:29, 3] libsmb/ntlm_check.c:ntlm_password_check(344) > ntlm_password_check: NT MD4 password check failed for user vince > > > Does anyone know the solution to this problem?Seting a null password on the accounts should do what you want. Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Student Network Administrator, Hawker College http://hawkerc.net -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part Url : http://lists.samba.org/archive/samba/attachments/20051117/05579bda/attachment.bin
Reasonably Related Threads
- smb_ldap_setup_connection failed with blank user Password
- samba 3.0.x / roaming profiles / NT MD4 problems
- samba bad password count reset between logins (not loaded from login_cache.tdb)
- smbclient with lanman auth=no unable to connect
- Cannot access Samba 4 via old Windows CE