help w/ samba+win2k

MCCALL,DON (HP-USA,ex1) don_mccall at hp.com
Mon Mar 26 15:02:23 GMT 2001 

Hello Johnathan,
I would highly recommend that you use security=user instead of
security=share.
Samba does a LOT of things in the background to try to authenticate with 
security=share, and in addition, with security=share, you are basically
skipping
the whole user authentication thing, and going straight to a treeconnect&X,
where
it is expecting you to give it a password for the SHARE, not the user.
Since you only have 2 machines and the samba server, it should not require a
lot
of admin;
simply:
workgroup= <whatever workgroup your two win2k machines are>  [not required,
but nice]
security=user
encrypt passwords = yes

Then you will need to add the user that you login to the three machines into
the 
encrypted smbpasswd file via the command (run from root):
smbpasswd -a username

when it asks for the password, give it the same password as you use on your
user when
you log into bsd.  The reason you have to do this is because the 1 way
encryption that 
Microsoft does is different than the 1 way encryption that Unix uses, and
you can't translate back and forth.  When you attach to your home dir from
the win2k clients,
the smbpasswd will be parsed; when you attach via telnet, etc directly to
the bsd box,
the /etc/passwd file will be parsed.
Hope this helps,
Don


-----Original Message-----
From: Jonathan Chan [mailto:jchan at broadcast.com]
Sent: Saturday, March 24, 2001 5:18 PM
To: samba-ntdom at us5.samba.org
Subject: help w/ samba+win2k


i've searched the archives, and couldnt find a solution for my scenerio.

i'm running bsd and samba 2.0.7, and i want my two win2k boxes to see/use 
my samba shares.
i do not have (nor want) to setup a pdc since it is just two computers i'm 
working with and i'm the only user on both computers. my user account and 
password is the same across all three boxes.
when i try to hit the home directory win2k keeps prompting for a username 
and password. i did notice that the prompt is including the 
netbios/hostname of the samba server. what i would like is for the share to 
authenticate using my bsd account. i went through encryption.txt but i'm 
still stumped. any help/pointers would be appreciated.
...

here's my conf file.

[global]

    workgroup = WORKGROUP

    server string = Samba Server

    log file = /var/log/log.%m

    max log size = 50

# Security mode. Most people will want user level security. See
# security_level.txt for details.
;   security = user
security = share

# Use password server option only with security = server
;   password server = <NT-Server-Name>

encrypt passwords = yes

    socket options = TCP_NODELAY

domain master = no


domain logons = no


#============================ Share Definitions
==============================
[homes]
    comment = Home Directories
    browseable = no
    writeable = yes
;   public = yes


jon

More information about the samba-ntdom mailing list