I've been reading all over and I think I've tried everything except the right way, but I cannot seem to login to my samba server from windows. I am using Samba 3.0.33 on Linux as the server, and have Linux, windows XP, and Windows Vista clients. I am only on a home network so I don't have a need for fancy stuff, I am just setting up a means for filesharing besides ssh. I can see all of the shares from my windows clients, and shares that are guest readable I am able to read, but I cannot login to read shares that are not readable by guest or to write. I have added user 'brandon003' with smbpasswd, I try logging in with that username and the correct password but I get a message in Windows saying that I do not have permissions. My smb.conf file is a bit messy since I have been trying many different variations, but here it is: [global] workgroup = 713HOUSE netbios name = bdon-samba encrypt passwords = yes printcap name = cups load printers = yes printing = cups printcap = cups log file = /var/log/samba/log.%m max log size = 150 log level = 3 hosts allow = 192.168.0. guest account = guest713 map to guest = Bad User security = user socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 # Vista Compatibility client lanman auth = no client ntlmv2 auth = yes auth methods = guest wins support = yes #domain master = no [printers] comment = All Printers path = /var/spool/samba browseable = yes guest ok = yes #writable = yes read only = yes printable = yes printer admin = root,brandon003 write list = root,brandon003 public = yes [homes] read only = no browseable = no [music] path = /media/music browseable = yes public = yes write list = sftp003,brandon003 guest ok = yes [videos] path = /media/videos browseable = yes public = yes write list = sftp003,brandon003 guest ok = yes [documents] path = /media/documents browseable = yes public = yes write list = sftp003,brandon003 guest ok = no [software] path = /media/software browseable = yes public = yes write list = sftp003,brandon003 guest ok = yes *********************************************** Here is the last bit of a log file of me getting rejected: [2009/02/24 17:02:49, 3] smbd/password.c:register_vuid(304) User name: guest713 Real name: [2009/02/24 17:02:49, 3] smbd/password.c:register_vuid(325) UNIX uid 1001 is UNIX user guest713, and will be vuid 105 [2009/02/24 17:02:49, 3] smbd/process.c:process_smb(1069) Transaction 23 of length 90 [2009/02/24 17:02:49, 3] smbd/process.c:switch_message(927) switch message SMBtconX (pid 4095) conn 0x0 [2009/02/24 17:02:49, 3] smbd/sec_ctx.c:set_sec_ctx(241) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2009/02/24 17:02:49, 3] lib/access.c:check_access(312) check_access: no hostnames in host allow/deny list. [2009/02/24 17:02:49, 2] lib/access.c:check_access(323) Allowed connection from (192.168.0.103) [2009/02/24 17:02:49, 3] smbd/service.c:make_connection_snum(806) Connect path is '/tmp' for service [IPC$] [2009/02/24 17:02:49, 3] lib/util_seaccess.c:se_access_check(250) [2009/02/24 17:02:49, 3] lib/util_seaccess.c:se_access_check(251) se_access_check: user sid is S-1-5-21-2296279053-2380669162-4031805749-501 se_access_check: also S-1-1-0 se_access_check: also S-1-5-2 se_access_check: also S-1-5-32-546 [2009/02/24 17:02:49, 3] smbd/vfs.c:vfs_init_default(95) Initialising default vfs hooks [2009/02/24 17:02:49, 3] smbd/vfs.c:vfs_init_custom(128) Initialising custom vfs hooks from [/[Default VFS]/] [2009/02/24 17:02:49, 3] lib/util_seaccess.c:se_access_check(250) [2009/02/24 17:02:49, 3] lib/util_seaccess.c:se_access_check(251) se_access_check: user sid is S-1-5-21-2296279053-2380669162-4031805749-501 se_access_check: also S-1-1-0 se_access_check: also S-1-5-2 se_access_check: also S-1-5-32-546 [2009/02/24 17:02:49, 3] smbd/sec_ctx.c:set_sec_ctx(241) setting sec ctx (1001, 1004) - sec_ctx_stack_ndx = 0 [2009/02/24 17:02:49, 3] smbd/service.c:make_connection_snum(1033) brandon-htpc (192.168.0.103) connect to service IPC$ initially as user guest713 (uid=1001, gid=1004) (pid 4095) [2009/02/24 17:02:49, 3] smbd/sec_ctx.c:set_sec_ctx(241) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2009/02/24 17:02:49, 3] smbd/reply.c:reply_tcon_and_X(574) tconX service=IPC$ [2009/02/24 17:02:49, 3] smbd/process.c:process_smb(1069) Transaction 24 of length 118 [2009/02/24 17:02:49, 3] smbd/process.c:switch_message(927) switch message SMBtrans2 (pid 4095) conn 0x7ff20f85c6d0 [2009/02/24 17:02:49, 3] smbd/sec_ctx.c:set_sec_ctx(241) setting sec ctx (1001, 1004) - sec_ctx_stack_ndx = 0 [2009/02/24 17:02:49, 3] smbd/msdfs.c:get_referred_path(636) get_referred_path: |documents| in dfs path \BDON-SAMBA\documents is not a dfs root. [2009/02/24 17:02:49, 3] smbd/error.c:error_packet_set(106) error packet at smbd/trans2.c(6307) cmd=50 (SMBtrans2) NT_STATUS_NOT_FOUND [2009/02/24 17:02:49, 3] smbd/process.c:process_smb(1069) Transaction 25 of length 43 [2009/02/24 17:02:49, 3] smbd/process.c:switch_message(927) switch message SMBulogoffX (pid 4095) conn 0x0 [2009/02/24 17:02:49, 3] smbd/sec_ctx.c:set_sec_ctx(241) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2009/02/24 17:02:49, 3] smbd/reply.c:reply_ulogoffX(1560) ulogoffX vuid=105 [2009/02/24 17:02:49, 3] smbd/process.c:process_smb(1069) Transaction 26 of length 39 [2009/02/24 17:02:49, 3] smbd/process.c:switch_message(927) switch message SMBtdis (pid 4095) conn 0x7ff20f85c6d0 [2009/02/24 17:02:49, 3] smbd/sec_ctx.c:set_sec_ctx(241) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2009/02/24 17:02:49, 3] smbd/sec_ctx.c:set_sec_ctx(241) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2009/02/24 17:02:49, 3] smbd/service.c:close_cnum(1230) brandon-htpc (192.168.0.103) closed connection to service IPC$ [2009/02/24 17:02:49, 3] smbd/connection.c:yield_connection(69) Yielding connection to IPC$ [2009/02/24 17:02:49, 3] smbd/sec_ctx.c:set_sec_ctx(241) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2009/02/24 17:03:49, 3] smbd/sec_ctx.c:set_sec_ctx(241) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2009/02/24 17:04:49, 3] smbd/sec_ctx.c:set_sec_ctx(241) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2009/02/24 17:04:49, 3] smbd/process.c:check_reload(1310) Printcap cache time expired. [2009/02/24 17:04:49, 3] printing/pcap.c:pcap_cache_reload(117) reloading printcap cache [2009/02/24 17:04:49, 3] printing/pcap.c:pcap_cache_reload(223) reload status: ok [2009/02/24 17:04:49, 2] smbd/process.c:timeout_processing(1363) Closing idle connection [2009/02/24 17:04:49, 3] smbd/sec_ctx.c:set_sec_ctx(241) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2009/02/24 17:04:49, 3] smbd/connection.c:yield_connection(69) Yielding connection to [2009/02/24 17:04:49, 3] smbd/server.c:exit_server_common(768) Server exit (normal exit) ***************************************** Thanks for any help. Brandon
> I am using Samba 3.0.33 on Linux as the server, and have Linux, > windows XP, and Windows Vista clients.I would suggest that until you have a basic working setup that you test using a Linux client (smbclient), it doesn't have all of the fancy stuff (cached credentials, etc) that will just confuse things. Are the XP and Vista clients home/pro/business/ultimate/etc? Home is a bit quirky under some circumstances.> I have added user 'brandon003' with smbpasswd, I try logging in with > that username and the correct password but I get a message in Windows > saying that I do not have permissions.What do you mean logging in? Does the Windows machine have a user with the same name and password as the samba box? or are you prompted for credentials when browsing to the share?> My smb.conf file is a bit messy since I have been trying many > different variations, but here it is: > > [global] >Yuck, trim this back to basics. You have a lot of junk in there that you really don't need and which will just confuse matters. I just put this config file onto one of my 3.0.23 machines (yeah it's a bit outdated): [global] workgroup = foo [homes] comment = Home Directories browseable = no writable = yes [tmp] comment = Temporary file space path = /tmp read only = no public = no and then ran "smbpasswd -a mike" (where mike is a user that exists on my Vista box), set the password the same as my vista logon and it works fine. Once you have the basics, make a backup and then add things one at a time until you have all the functionality you require. *Michael Heydon - IT Administrator * michaelh@jaswin.com.au <mailto:michaelh@jaswin.com.au>
Assuming you are using a version of Windows (XP/pro, not home) that allows domain logins (accounts & passwords kept on server) then I suggest you install and use SWAT. Use the wizard to create a domain controller. Also, add and activate each user on the Password screen. Next you need to log into each Windows box using a privileged local account (e.g. administrator) and join the machine to the domain. Right-click on My Computer and select properties, then click on the Computer Name tab. Click on the "Change" button and follow the prompts. Brandon Dwiel wrote:> I've been reading all over and I think I've tried everything except > the right way, but I cannot seem to login to my samba server from > windows. I am using Samba 3.0.33 on Linux as the server, and have > Linux, windows XP, and Windows Vista clients. I am only on a home > network so I don't have a need for fancy stuff, I am just setting up a > means for filesharing besides ssh. I can see all of the shares from > my windows clients, and shares that are guest readable I am able to > read, but I cannot login to read shares that are not readable by guest > or to write. I have added user 'brandon003' with smbpasswd, I try > logging in with that username and the correct password but I get a > message in Windows saying that I do not have permissions. My smb.conf > file is a bit messy since I have been trying many different > variations, but here it is: > > [global] > > workgroup = 713HOUSE > netbios name = bdon-samba > encrypt passwords = yes > > printcap name = cups > load printers = yes > printing = cups > printcap = cups > > log file = /var/log/samba/log.%m > max log size = 150 > log level = 3 > > hosts allow = 192.168.0. > > guest account = guest713 > map to guest = Bad User > > security = user > > socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 > > # Vista Compatibility > > client lanman auth = no > client ntlmv2 auth = yes > auth methods = guest > wins support = yes > #domain master = no > > > [printers] > > comment = All Printers > path = /var/spool/samba > browseable = yes > guest ok = yes > #writable = yes > read only = yes > printable = yes > printer admin = root,brandon003 > write list = root,brandon003 > public = yes > > [homes] > > read only = no > browseable = no > > > [music] > > path = /media/music > browseable = yes > public = yes > write list = sftp003,brandon003 > guest ok = yes > > [videos] > > path = /media/videos > browseable = yes > public = yes > write list = sftp003,brandon003 > guest ok = yes > > [documents] > > path = /media/documents > browseable = yes > public = yes > write list = sftp003,brandon003 > guest ok = no > > [software] > > path = /media/software > browseable = yes > public = yes > write list = sftp003,brandon003 > guest ok = yes > > *********************************************** > Here is the last bit of a log file of me getting rejected: > > [2009/02/24 17:02:49, 3] smbd/password.c:register_vuid(304) > User name: guest713 Real name: > [2009/02/24 17:02:49, 3] smbd/password.c:register_vuid(325) > UNIX uid 1001 is UNIX user guest713, and will be vuid 105 > [2009/02/24 17:02:49, 3] smbd/process.c:process_smb(1069) > Transaction 23 of length 90 > [2009/02/24 17:02:49, 3] smbd/process.c:switch_message(927) > switch message SMBtconX (pid 4095) conn 0x0 > [2009/02/24 17:02:49, 3] smbd/sec_ctx.c:set_sec_ctx(241) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 > [2009/02/24 17:02:49, 3] lib/access.c:check_access(312) > check_access: no hostnames in host allow/deny list. > [2009/02/24 17:02:49, 2] lib/access.c:check_access(323) > Allowed connection from (192.168.0.103) > [2009/02/24 17:02:49, 3] smbd/service.c:make_connection_snum(806) > Connect path is '/tmp' for service [IPC$] > [2009/02/24 17:02:49, 3] lib/util_seaccess.c:se_access_check(250) > [2009/02/24 17:02:49, 3] lib/util_seaccess.c:se_access_check(251) > se_access_check: user sid is > S-1-5-21-2296279053-2380669162-4031805749-501 > se_access_check: also S-1-1-0 > se_access_check: also S-1-5-2 > se_access_check: also S-1-5-32-546 > [2009/02/24 17:02:49, 3] smbd/vfs.c:vfs_init_default(95) > Initialising default vfs hooks > [2009/02/24 17:02:49, 3] smbd/vfs.c:vfs_init_custom(128) > Initialising custom vfs hooks from [/[Default VFS]/] > [2009/02/24 17:02:49, 3] lib/util_seaccess.c:se_access_check(250) > [2009/02/24 17:02:49, 3] lib/util_seaccess.c:se_access_check(251) > se_access_check: user sid is > S-1-5-21-2296279053-2380669162-4031805749-501 > se_access_check: also S-1-1-0 > se_access_check: also S-1-5-2 > se_access_check: also S-1-5-32-546 > [2009/02/24 17:02:49, 3] smbd/sec_ctx.c:set_sec_ctx(241) > setting sec ctx (1001, 1004) - sec_ctx_stack_ndx = 0 > [2009/02/24 17:02:49, 3] smbd/service.c:make_connection_snum(1033) > brandon-htpc (192.168.0.103) connect to service IPC$ initially as > user guest713 (uid=1001, gid=1004) (pid 4095) > [2009/02/24 17:02:49, 3] smbd/sec_ctx.c:set_sec_ctx(241) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 > [2009/02/24 17:02:49, 3] smbd/reply.c:reply_tcon_and_X(574) > tconX service=IPC$ > [2009/02/24 17:02:49, 3] smbd/process.c:process_smb(1069) > Transaction 24 of length 118 > [2009/02/24 17:02:49, 3] smbd/process.c:switch_message(927) > switch message SMBtrans2 (pid 4095) conn 0x7ff20f85c6d0 > [2009/02/24 17:02:49, 3] smbd/sec_ctx.c:set_sec_ctx(241) > setting sec ctx (1001, 1004) - sec_ctx_stack_ndx = 0 > [2009/02/24 17:02:49, 3] smbd/msdfs.c:get_referred_path(636) > get_referred_path: |documents| in dfs path \BDON-SAMBA\documents is > not a dfs root. > [2009/02/24 17:02:49, 3] smbd/error.c:error_packet_set(106) > error packet at smbd/trans2.c(6307) cmd=50 (SMBtrans2) > NT_STATUS_NOT_FOUND > [2009/02/24 17:02:49, 3] smbd/process.c:process_smb(1069) > Transaction 25 of length 43 > [2009/02/24 17:02:49, 3] smbd/process.c:switch_message(927) > switch message SMBulogoffX (pid 4095) conn 0x0 > [2009/02/24 17:02:49, 3] smbd/sec_ctx.c:set_sec_ctx(241) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 > [2009/02/24 17:02:49, 3] smbd/reply.c:reply_ulogoffX(1560) > ulogoffX vuid=105 > [2009/02/24 17:02:49, 3] smbd/process.c:process_smb(1069) > Transaction 26 of length 39 > [2009/02/24 17:02:49, 3] smbd/process.c:switch_message(927) > switch message SMBtdis (pid 4095) conn 0x7ff20f85c6d0 > [2009/02/24 17:02:49, 3] smbd/sec_ctx.c:set_sec_ctx(241) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 > [2009/02/24 17:02:49, 3] smbd/sec_ctx.c:set_sec_ctx(241) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 > [2009/02/24 17:02:49, 3] smbd/service.c:close_cnum(1230) > brandon-htpc (192.168.0.103) closed connection to service IPC$ > [2009/02/24 17:02:49, 3] smbd/connection.c:yield_connection(69) > Yielding connection to IPC$ > [2009/02/24 17:02:49, 3] smbd/sec_ctx.c:set_sec_ctx(241) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 > [2009/02/24 17:03:49, 3] smbd/sec_ctx.c:set_sec_ctx(241) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 > [2009/02/24 17:04:49, 3] smbd/sec_ctx.c:set_sec_ctx(241) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 > [2009/02/24 17:04:49, 3] smbd/process.c:check_reload(1310) > Printcap cache time expired. > [2009/02/24 17:04:49, 3] printing/pcap.c:pcap_cache_reload(117) > reloading printcap cache > [2009/02/24 17:04:49, 3] printing/pcap.c:pcap_cache_reload(223) > reload status: ok > [2009/02/24 17:04:49, 2] smbd/process.c:timeout_processing(1363) > Closing idle connection > [2009/02/24 17:04:49, 3] smbd/sec_ctx.c:set_sec_ctx(241) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 > [2009/02/24 17:04:49, 3] smbd/connection.c:yield_connection(69) > Yielding connection to > [2009/02/24 17:04:49, 3] smbd/server.c:exit_server_common(768) > Server exit (normal exit) > ***************************************** > > Thanks for any help. > > Brandon