[Samba] problems with samba share

Alex Florescu alex at acasa.ro
Sun Feb 7 16:58:35 MST 2010 

Hi everyone,

I want to achieve the following setup:

- have a share that is read-only and accessible for guest users;

- have the same share be modified by an authenticated specific user.

 

This is running on debian lenny, samba 3.2.5.

My smb.conf is as follows:

 

[global]

   workgroup = WORKGROUP

   netbios name = cast

   remote announce = 192.168.1.99/WORKGROUP

   server string = %h server

   dns proxy = no

   interfaces = eth0

   hosts allow = 192.168.1.0/24

  username map = /etc/samba/usermap

security = share

   client plaintext auth = yes

   encrypt passwords = no

  passdb backend = smbpasswd

lanman auth = yes

   client lanman auth = yes

 load printers = no

   printing = none

socket options = TCP_NODELAY IPTOS_LOWDELAY

 

[workplace]

        comment = workplace

        browseable = yes

        path = /var/workplace

        guest ok = yes

        public = yes

        read only = yes

 

[admin]

        comment = cristi admin

        browseable = yes

        path = /var/workplace

        public = yes

        guest ok = no

        read only = no

        writeable = yes

        username = cristi

        admin users = cristi

        valid users = cristi

 

I did smbpasswd -a cristi and also smbpasswd -e cristi. User cristi also has
an account on the linux box. The passwords are the same. /etc/samba/usermap
contains: cristi = cristi .

 

I can access \\192.168.1.99\workplace <file:///\\192.168.1.99\workplace>
without authentication, everything is read-only, as it should. When
accessing \\192.168.1.99\admin <file:///\\192.168.1.99\admin> , I get a
User\Password prompt, exactly the way I want it, but when typing cristi +
password it says that the login is invalid. I also tried to map the share
from windows, same thing.

                The odd this is that if I issue  'smbclient -U cristi
//192.168.1.99/admin'  on the server CLI it logs me in (with the following
message: Domain=[WORKGROUP] OS=[Unix] Server=[Samba 3.2.5] Server not using
user level security and no password supplied.). That aside, I do have admin
privileges.

 

                But this works only when accessing from the server. If I am
on another machine, it will fail. Logs say the following thing:

check_ntlm_password:  Authentication for user [cristi] -> [cristi] FAILED
with error NT_STATUS_LOGON_FAILURE

  check_ntlm_password:  Checking password for unmapped user
[WORKGROUP]\[cristi]@[192.168.1.13] with the new password interface

  check_ntlm_password:  mapped user is: [CAST]\[cristi]@[192.168.1.13]

  check_ntlm_password:  Authentication for user [cristi] -> [cristi] FAILED
with error NT_STATUS_LOGON_FAILURE

                So I am out of alternatives. I have tried almost every
combination the past 4 days. Please don't suggest using security = user.

 

                Help me oh please.

Alex F.

More information about the samba mailing list