Yes, I know, XP-SP3 is very old. It works for what I need it for. I have
some programs that will never be updated for Win 7.
Note that XP-SP3 and Fedora 14 work together just fine, so I'm guessing that
a newer version of Samba is what is keeping me from logging in from XP.
But, I do not know what to put in the smb.conf file to allow XP to mount
a share.
Here is the output from testparm:
Load smb config files from /etc/samba/smb.conf
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
Processing section "[homes]"
Processing section "[usenet]"
Processing section "[video]"
Processing section "[website]"
Processing section "[tmp]"
Loaded services file OK.
Server role: ROLE_STANDALONE
# Global parameters
[global]
server string = Linux Samba Server
workgroup = VIDIOT
log file = /var/log/samba/log.%m
max log size = 50
security = USER
idmap config * : backend = tdb
cups options = raw
hosts allow = 127. 192.168.1.
[homes]
comment = Home Directories
browseable = No
read only = No
[usenet]
comment = Linux usenet area
path = /WebDisk/share_download/usenet
read only = No
[video]
comment = Video Files Workspace
path = /WebDisk/ftp/pub
read only = No
[website]
comment = Web Server HTML Area
path = /WebDisk/http/htdocs/vidiot
read only = No
[tmp]
comment = Temporary file space
path = /WebDisk/tmp
guest ok = Yes
read only = No
When I try and map "W: \\192.168.1.11\website" and use brown as the
login
name and my password, it goes off to do its thing and a wee bit later it
comes back with the login GUI. The only entries in the log file are those
resulting from stopping and starting the smb service with restart (in order
to reread the config file).
Tried it with encryption of the password with yes (default) and no.
Thanks for any tips that might fix this issue.
MB
--
e-mail: vidiot at vidiot.com | vidiot at vidiot.net /~\ The ASCII
6082066843 at email.uscc.net (140 char limit) \ / Ribbon Campaign
Visit - URL: http://vidiot.com/ X Against
http://vidiot.net/ / \ HTML Email
"You're Sherlock Holmes, wear the damn hat!" - Watson to Sherlock
Sherlock - The Abominable Bride - 1/01/16
On Sun, 2017-06-11 at 20:08 -0500, Mike Brown via samba wrote:> Yes, I know, XP-SP3 is very old. It works for what I need it for. I > have > some programs that will never be updated for Win 7. > > Note that XP-SP3 and Fedora 14 work together just fine, so I'm > guessing that > a newer version of Samba is what is keeping me from logging in from > XP. > But, I do not know what to put in the smb.conf file to allow XP to > mount > a share.Try configuring XP to use NTLMv2 (ideally), or set 'ntlm auth = yes' if you really can't set that for some reason (it is a security policy setting on the client, in local security policies). Andrew Bartlett -- Andrew Bartlett https://samba.org/~abartlet/ Authentication Developer, Samba Team https://samba.org Samba Development and Support, Catalyst IT https://catalyst.net.nz/services/samba
On Mon, Jun 12, 2017 at 01:53:10PM +1200, Andrew Bartlett via samba wrote:> On Sun, 2017-06-11 at 20:08 -0500, Mike Brown via samba wrote: > > Yes, I know, XP-SP3 is very old.????It works for what I need it for.????I > > have > > some programs that will never be updated for Win 7. > > > > Note that XP-SP3 and Fedora 14 work together just fine, so I'm > > guessing that > > a newer version of Samba is what is keeping me from logging in from > > XP. > > But, I do not know what to put in the smb.conf file to allow XP to > > mount > > a share. > > Try configuring XP to use NTLMv2 (ideally), or set 'ntlm auth = yes' if > you really can't set that for some reason (it is a security policy > setting on the client, in local security policies).I found the instruction on the net on how to set it using NTLMv2 and refuse the other two. That resulted in my having to log in to my NAS server, which I initially only had to do the first time around. Not much of a big deal, since the XP-64 box always asks for the login info. But, trying to connect to the F25 server now results in network path not being found. But, when I dismiss that error dialog and try again, then all it does is present me with the login GUI. When I try this with my XP-64 box, the same thing happens, in that it just presents me with the login GUI. I did not change the NTLMv2 setting on that box. MB -- e-mail: vidiot at vidiot.com | vidiot at vidiot.net /~\ The ASCII 6082066843 at email.uscc.net (140 char limit) \ / Ribbon Campaign Visit - URL: http://vidiot.com/ X Against http://vidiot.net/ / \ HTML Email "You're Sherlock Holmes, wear the damn hat!" - Watson to Sherlock Sherlock - The Abominable Bride - 1/01/16
On Mon, Jun 12, 2017 at 01:53:10PM +1200, Andrew Bartlett via samba wrote:> On Sun, 2017-06-11 at 20:08 -0500, Mike Brown via samba wrote: > > Yes, I know, XP-SP3 is very old.????It works for what I need it for.????I > > have > > some programs that will never be updated for Win 7. > > > > Note that XP-SP3 and Fedora 14 work together just fine, so I'm > > guessing that > > a newer version of Samba is what is keeping me from logging in from > > XP. > > But, I do not know what to put in the smb.conf file to allow XP to > > mount > > a share. > > Try configuring XP to use NTLMv2 (ideally), or set 'ntlm auth = yes' if > you really can't set that for some reason (it is a security policy > setting on the client, in local security policies).I just noticed that the log file for the working F14 system doesn't log any connections. Kinda hard to troubleshoot when the log doesn't contain any entries for good/bad attempts. Is there a way to get the log to contain connections and attempts that fail, and why they fail? MB -- e-mail: vidiot at vidiot.com | vidiot at vidiot.net /~\ The ASCII 6082066843 at email.uscc.net (140 char limit) \ / Ribbon Campaign Visit - URL: http://vidiot.com/ X Against http://vidiot.net/ / \ HTML Email "You're Sherlock Holmes, wear the damn hat!" - Watson to Sherlock Sherlock - The Abominable Bride - 1/01/16
On Mon, Jun 12, 2017 at 01:53:10PM +1200, Andrew Bartlett via samba wrote:> On Sun, 2017-06-11 at 20:08 -0500, Mike Brown via samba wrote: > > Yes, I know, XP-SP3 is very old.????It works for what I need it for.????I > > have > > some programs that will never be updated for Win 7. > > > > Note that XP-SP3 and Fedora 14 work together just fine, so I'm > > guessing that > > a newer version of Samba is what is keeping me from logging in from > > XP. > > But, I do not know what to put in the smb.conf file to allow XP to > > mount > > a share. > > Try configuring XP to use NTLMv2 (ideally), or set 'ntlm auth = yes' if > you really can't set that for some reason (it is a security policy > setting on the client, in local security policies).My bad. It was originally set to NTLMv2 response only. I'm guessing this is the one you wanted. MB -- e-mail: vidiot at vidiot.com | vidiot at vidiot.net /~\ The ASCII 6082066843 at email.uscc.net (140 char limit) \ / Ribbon Campaign Visit - URL: http://vidiot.com/ X Against http://vidiot.net/ / \ HTML Email "You're Sherlock Holmes, wear the damn hat!" - Watson to Sherlock Sherlock - The Abominable Bride - 1/01/16
On Mon, Jun 12, 2017 at 01:53:10PM +1200, Andrew Bartlett via samba wrote:> On Sun, 2017-06-11 at 20:08 -0500, Mike Brown via samba wrote: > > Yes, I know, XP-SP3 is very old.????It works for what I need it for.????I > > have > > some programs that will never be updated for Win 7. > > > > Note that XP-SP3 and Fedora 14 work together just fine, so I'm > > guessing that > > a newer version of Samba is what is keeping me from logging in from > > XP. > > But, I do not know what to put in the smb.conf file to allow XP to > > mount > > a share. > > Try configuring XP to use NTLMv2 (ideally), or set 'ntlm auth = yes' if > you really can't set that for some reason (it is a security policy > setting on the client, in local security policies).Damn firewall. By default, Samba isn't allowed to connect. Found it by using wireshark to look at the packets and that gave me the clue. MB -- e-mail: vidiot at vidiot.com | vidiot at vidiot.net /~\ The ASCII 6082066843 at email.uscc.net (140 char limit) \ / Ribbon Campaign Visit - URL: http://vidiot.com/ X Against http://vidiot.net/ / \ HTML Email "You're Sherlock Holmes, wear the damn hat!" - Watson to Sherlock Sherlock - The Abominable Bride - 1/01/16