Bruce Lane
2010-Jan-16  09:28 UTC
[Samba] Cannot connect from XP to Samba: Password prompt repeated
Fellow samba folk, This one's making me want to tear out what little hair I have left. THE *NIX PLATFORM: FreeBSD 7.0-RELEASE, Samba 3.3.8. THE ENVIRONMENT: Small domain, Windows 2003 servers and XP-pro based workstations. The FreeBSD server is a member server in the domain, so at least that works. THE SYMPTOMS: This is bizarre. I can, using mount_smbfs on the FreeBSD side, easily connect to shares on the Windows server. No hassle, no pain. It Just Works. HOWEVER -- When I try to connect to a share on the Samba side from any Windows system, I get repeated requests for the username and password, and no combination of such (not even one which I know to be valid) wants to work. Here's the paste from my smb.conf file. To save space, I have removed the sections I'm not using (as in the ones which I left commented out). #======================= Global Settings ====================================[global] # workgroup = NT-Domain-Name or Workgroup-Name, eg: MIDEARTH workgroup = BFT-INT # server string is the equivalent of the NT Description field server string = BFT Web Server # Security mode. Defines in which mode Samba will operate. Possible # values are share, user, server, domain and ads. Most people will want # user level security. See the Samba-HOWTO-Collection for details. security = ads password server = haku2.int.bluefeathertech.com client use spnego = yes # This option is important for security. It allows you to restrict # connections to machines which are on your local network. The # following example restricts access to two C class networks and # the "loopback" interface. For more examples of the syntax see # the smb.conf man page hosts allow = 192.168.42. 127. # If you want to automatically load your printer list rather # than setting them up individually then you'll need this load printers = no # Put a capping on the size of the log files (in Kb). max log size = 50 # Use the realm option only with security = ads # Specifies the Active Directory realm the host is part of realm = int.bluefeathertech.com # Backend to store user information in. New installations should # use either tdbsam or ldapsam. smbpasswd is available for backwards # compatibility. tdbsam requires no further configuration. passdb backend = tdbsam # Configure Samba to use multiple interfaces # If you have multiple network interfaces then you must list them # here. See the man page for details. interfaces = 192.168.42.130/24 # Browser Control Options: # set local master to no if you don't want Samba to become a master # browser on your network. Otherwise the normal election rules apply local master = no # OS Level determines the precedence of this server in master browser # elections. The default value should be reasonable os level = 33 # Domain Master specifies Samba to be the Domain Master Browser. This # allows Samba to collate browse lists between subnets. Don't use this # if you already have a Windows NT domain controller doing this job domain master = no # Preferred Master causes Samba to force a local browser election on startup # and gives it a slightly higher chance of winning the election preferred master = no # Enable this if you want Samba to be a domain logon server for # Windows95 workstations. domain logons = no # Windows Internet Name Serving Support Section: # WINS Support - Tells the NMBD component of Samba to enable it's WINS Server wins support = no # WINS Server - Tells the NMBD components of Samba to be a WINS Client # Note: Samba can be either a WINS Server, or a WINS Client, but NOT both wins server = 192.168.42.90 # DNS Proxy - tells Samba whether or not to try to resolve NetBIOS names # via DNS nslookups. The default is NO. dns proxy = no #============================ Share Definitions =============================[webstuff] comment = Featherweb doc directories path = /usr/local/www/htdocs browseable = yes writable = yes valid users = kyrrin jlanfri kathy write list = @www @wheel create mask = 0755 [logging] comment = Featherweb logging path = /var/log browseable = yes writable = no valid users = kyrrin jlanfri kathy featherweb# -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- What puzzles me is this was working just fine for months, and then it failed for no apparent reason. Any guesses? Thanks much. -=-=-=-=-=-=-=-=-=-=-=- Bruce Lane, Owner & Head Hardware Heavy, Blue Feather Technologies -- http://www.bluefeathertech.com kyrrin (at) bluefeathertech do/t c=o=m "Quid Malmborg in Plano..."
