Hi,
I have several servers in separate networks currently running samba
2.2.5. Each server can have aliases and I'm using the %L macro in share
path, so that each appear as a separate 'virtual' server - depending on
how the client calls it. There is at least one SMB users defined in
'smbpasswd' file.
Here is the current config:
> [global]
> workgroup = MYGROUP
> netbios name = server1
> netbios aliases = server2 server3 server4
> server string = Linux SMB Server
> interfaces = eth1
> bind interfaces only = yes
> encrypt passwords = Yes
> password level = 8
> security = share
> username level = 8
> username map = /etc/samba.d/smbusers
> max log size = 200
> socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
> dns proxy = No
> log file = /var/log/samba.d/smb.%m
> log level = 2
> mangle case = yes
> preserve case = no
> short preserve case = no
> default case = lower
> oplocks = no
> level2 oplocks = no
> strict locking = yes
> stat cache = no
> load printers = no
> local master = no
>
> [myshare]
> comment = My Virtual Shares
> browseable = no
> writeable = yes
> path = /opt/myshare/vhosts/%L
With this I can use 'smbclient' to connect to
'//serverX/myshare' (where
X is 1-4) using the same user (myuser) and I can just 'browse' the
share.
I need to upgrade all servers to a newer distro - OpenSuSE 11.1 that
comes with Samba 3.2.7. Because there are some automated procedures
running on clients I need to make sure Samba works pretty much the same
as it does on the current production servers.
I had to change some obvious options in 'smb.conf' - paths (OpenSuSE is
using 'samba' instead 'samba.d'), 'mangle case' is no
longer a valid
option and I had to add 'client lanman auth = yes' option.
However, that alone is not enough - whenever I use 'smblcient', I get an
error:
> # smbclient //server1/myshare -U myuser
> Enter myuser's password:
> Domain=[MYGROUP] OS=[Unix] Server=[Samba 3.2.7-11.2.1-2080-SUSE-CODE11]
> Server not using user level security and no password supplied.
> tree connect failed: NT_STATUS_WRONG_PASSWORD
I checked the obvious stuff - the username is OK, it exists in both
/etc/passwd and /etc/samba/smbpasswd and the path for the share also exists.
I then tried adding some options, but these didn't help:
> passdb backend = smbpasswd
> lanman auth = yes
> ntlm auth = yes
> smb encrypt = no
>
> client lanman auth = yes
> client plaintext auth = yes
>
The log shows this:
> ==> smb.172.16.0.123 <=> [2009/06/17 12:19:37, 2]
auth/auth.c:check_ntlm_password(318)
> check_ntlm_password: Authentication for user [myuser] -> [myuser]
> FAILED with error NT_STATUS_WRONG_PASSWORD
> [2009/06/17 12:19:37, 2] auth/auth.c:check_ntlm_password(318)
> check_ntlm_password: Authentication for user [myuser] -> [myuser]
> FAILED with error NT_STATUS_WRONG_PASSWORD
> [2009/06/17 12:19:37, 2] auth/auth.c:check_ntlm_password(318)
> check_ntlm_password: Authentication for user [myuser] -> [myuser]
> FAILED with error NT_STATUS_WRONG_PASSWORD
> [2009/06/17 12:19:37, 2] auth/auth.c:check_ntlm_password(318)
> check_ntlm_password: Authentication for user [myuser] -> [myuser]
> FAILED with error NT_STATUS_WRONG_PASSWORD
> [2009/06/17 12:19:37, 2] auth/auth.c:check_ntlm_password(318)
> Invalid username/password for [myshare]
Did 'security = share' change from Samba 2 to Samba 3?
What do I need to change to make Samba 3 behave like Samba 2 did - with
'security = share'?
Thanks, Danilo
