NTDOM: Windows NT logon and browsing errors
Andre Gerhard
andre at lme.usp.br
Mon Jan 12 18:05:11 GMT 1998
Hello,
I have installed the latest version of the BRANCH_NTDOM Samba code (from CVS).
It compiled OK (my server machine is a Pentium PC Linux RedHat 4.1), but I am
not able to:
1. Browse the server from a NT Workstation or NT Server computer
(it works if I browse from Win95, and if I issue commands like:
net use x: \\server_name\share
)
2. Set the domain of the NT Workstation to the Samba Server.
I really want to know if my setup was done correctly; in particular, I didn't
understand very well how to configure the 'guest' account, so this is the first
suspect for me ...
Is it necessary to have a guest account in the NT workstation ? What is the
password of this account ?
My smb.conf file:
; The global setting for a default install
; Copyright(C) John H Terpstra - 1997
;======================= Global Settings =====================================
[global]
; workgroup = NT-Domain-Name or Workgroup-Name, eg: REDHAT4
workgroup = PROCECM
encrypt passwords = yes
; comment is the equivalent of the NT Description field
comment = Samba Server - Pro Aluno
; printing = BSD or SYSV or AIX, etc.
printing = bsd
printcap name = /etc/printcap
load printers = yes
; Uncomment this if you want a guest account, you must add this to /etc/passwd
guest account = nobody
log file = /usr/local/samba/var/log.%m
; Put a capping on the size of the log files (in Kb)
max log size = 50
; Options for handling file name case sensitivity and / or preservation
; Case Sensitivity breaks many WfW and Win95 apps
; case sensitive = yes
short preserve case = yes
preserve case = yes
; Security and file integrity related options
lock directory = /usr/local/samba/var/locks
locking = yes
share modes = yes
; Security modes: USER uses Unix username/passwd, SHARE uses WfW type passwords
; SERVER uses an other SMB server (eg: Windows NT Server or Samba)
; to provide authentication services
security = user
; Use password server option only with security = server
; password server = <NT-Server-Name>
; Configuration Options ***** The location of this entry in your smb.conf
; heirachy determines which parameters are overwritten - please watch out!
; Where %m is any SMBName (machine name, or computer name) for which a custom
; configuration is desired
; include = /usr/local/samba/lib/smb.conf.%m
; Performance Related Options
; Before setting socket options read the smb.conf man page!!
socket options = TCP_NODELAY
; Socket Address is used to specify which socket Samba
; will listen on (good for aliased systems)
; socket address = aaa.bbb.ccc.ddd
; Use keep alive only if really needed!!!!
; keep alive = 60
; Configure Samba to use multiple interfaces
; Samba will auto-detect network interfaces - only use this if
; the auto-detection does not deliver the needed results
; interfaces = 192.168.12.2/24 176.16.111.22/19 10.11.13.14/255.255.252.0
; Browser Control Options:
; Local Master set to True causes Samba to participate in browser elections
; the default setting is true, this causes Samba to behave like a
; Windows NT server. Setting this to false turns off all browser
; election participation.
local master = yes
; OS Level gives Samba the power to win browser elections. Windows NT = 32
; Any value < 32 means NT wins as Master Browser, > 32 Samba gets it
; default = 0, this ensures that Samba will NOT win the browser election.
os level = 33
; Domain Master specifies Samba to be the Domain Master Browser
; Only ever set this if there is NO Windows NT Domain Controller on the
; network
domain master = yes
; Preferred Master causes Samba to force a local browser election on startup
preferred master = yes
; Use with care only if you have an NT server on your network that has been
; configured at install time to be a primary domain controller.
; domain controller = <NT-Domain-Controller-SMBName>
domain sid = S-1-5-21-123-456-789-123
; Domain Logon Service Options:
; Domain logon control can be a good thing! See [netlogon] share section below!
; Do NOT set this to yes if there is an Windows NT domain controller
; on the network
domain logons = yes
domain admin users = root admin
domain guest users = nobody
domain hosts allow = 143.107.70.104
; run a specific logon batch file per workstation (machine)
; logon script = %m.bat
; run a specific logon batch file per username
; logon script = %u.bat
; Where to store roving profiles (only for Win95 and WinNT)
; %L substitutes for the SMB name we are called, %U is username
; You must uncomment the [Profiles] share below
; logon path = \\%L\Profiles\%U
; Windows Internet Name Serving Support Section:
; WINS Support - Tells the NMBD component of Samba to enable it's WINS Server
; the default is NO. If you have an Windows NT Server WINS use it!
; Samba defaults to wins support = no
wins support = yes
; WINS Server - Tells the NMBD components of Samba to be a WINS Client
; Note: Samba can be either a WINS Server, or a WINS Client, but NOT both
; wins server = w.x.y.z
; WINS Proxy - Tells Samba to answer name resolution queries on behalf of a non
; WINS Client capable client, for this to work there must be at least one
; WINS Server on the network. The default is NO.
; wins proxy = yes
;============================ Share Definitions ==============================
[homes]
comment = Home Directories
browseable = yes
writable = yes
; Un-comment the following and create the netlogon directory for Domain Logons
[netlogon]
comment = Samba Network Logon Service
path = /usr/local/samba/lib/netlogon
; Case sensitivity breaks logon script processing!!!
case sensitive = no
guest ok = no
locking = no
writable = no
; For browseable say NO if you want to hide the NETLOGON share
browseable = yes
; Un-comment the following to provide a specific roving profile share
; the default is to use the user's home directory
;[Profiles]
; path = /usr/local/samba/profiles
; browseable = no
; printable = no
; guest ok = yes
; NOTE: There is NO need to specifically define each individual printer
[printers]
comment = All Printers
path = /usr/spool/samba
browseable = no
printable = yes
; Set public = yes to allow user 'guest account' to print
guest ok = no
writable = no
create mask = 0700
; A publicly accessible directory, but read only, except for people in
; the staff group
[public]
comment = Public Stuff
path = /home/samba
public = yes
writable = yes
printable = no
write list = @users
[win95.net]
comment = Win95.NET directory
path = /home/admin/win95.net
public = yes
browseable = yes
available = yes
writable = yes
printable = no
create mask = 0765
[win95.mac]
comment = Win95.MAC directory
path = /home/admin/win95.mac
public = yes
browseable = yes
available = yes
writable = yes
printable = no
create mask = 0765
[IPC$]
comment = IPC$ share
browseable = yes
available = yes
public = yes
path = /tmp
[tmp]
comment = the garbage dump
browseable = yes
available = yes
public = yes
read only = no
printable = no
path = /tmp
create mask = 0777
My /etc/passwd file:
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:
daemon:x:2:2:daemon:/sbin:
adm:x:3:4:adm:/var/adm:
lp:x:4:7:lp:/var/spool/lpd:
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:
news:x:9:13:news:/var/spool/news:
uucp:x:10:14:uucp:/var/spool/uucp:
operator:x:11:0:operator:/root:
games:x:12:100:games:/usr/games:
gopher:x:13:30:gopher:/usr/lib/gopher-data:
ftp:x:14:50:FTP User:/home/ftp:
nobody:x:99:99:Nobody:/:
epellini:x:500:500:Usuario pro TUDA 8),somewhere.in.time,011-1406,011-1406,:/home/epellini:/bin/tcsh
andre:x:501:501:Andre Gerhard,,,,:/home/andre:/bin/tcsh
admin:x:502:502:Windows 95 Administrator:/home/admin:/bin/tcsh
guest:x:503:503:RHS Linux User:/home/guest:/bin/bash
My /etc/shadow file (edited):"
root:AAAAAAAAAAAAAAA:-1:-1:-1:-1:-1:-1
bin:*:10165:-1:-1:-1:-1:-1:-1
daemon:*:10165:-1:-1:-1:-1:-1:-1
adm:*:10165:-1:-1:-1:-1:-1:-1
lp:*:10165:-1:-1:-1:-1:-1:-1
sync:*:10165:-1:-1:-1:-1:-1:-1
shutdown:*:10165:-1:-1:-1:-1:-1:-1
halt:*:10165:-1:-1:-1:-1:-1:-1
mail:*:10165:-1:-1:-1:-1:-1:-1
news:*:10165:-1:-1:-1:-1:-1:-1
uucp:*:10165:-1:-1:-1:-1:-1:-1
operator:*:10165:-1:-1:-1:-1:-1:-1
games:*:10165:-1:-1:-1:-1:-1:-1
gopher:*:10165:-1:-1:-1:-1:-1:-1
ftp:*:10165:-1:-1:-1:-1:-1:-1
nobody:*:10165:-1:-1:-1:-1:-1:-1
epellini:BBBBBBBBBBBBBBB:10165:-1:-1:-1:-1:-1:-1
andre:CCCCCCCCCCCCCCCc:10165:-1:-1:-1:-1:-1:-1
admin:DDDDDDDDDDDDDDD:10172:-1:-1:-1:-1:-1:-1
guest:EEEEEEEEEEEEEEe:10233:-1:-1:-1:-1:-1:-1
My smbpasswd file (edited):
#
# SMB password file.
#
root:0:01234567890123456789012345678901:01234567890123456789012345678901:root:/root:/bin/bash
bin:1:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:bin:/bin:
daemon:2:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:daemon:/sbin:
adm:3:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:adm:/var/adm:
lp:4:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:lp:/var/spool/lpd:
sync:5:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:sync:/sbin:/bin/sync
shutdown:6:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:shutdown:/sbin:/sbin/shutdown
halt:7:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:halt:/sbin:/sbin/halt
mail:8:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:mail:/var/spool/mail:
news:9:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:news:/var/spool/news:
uucp:10:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:uucp:/var/spool/uucp:
operator:11:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:operator:/root:
games:12:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:games:/usr/games:
gopher:13:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:gopher:/usr/lib/gopher-data:
ftp:14:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:FTP User:/home/ftp:
nobody:99:NO PASSWORDXXXXXXXXXXXXXXXXXXXXX:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:Nobody:/:
epellini:500:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:Usuario pro TUDA 8),somewhere.in.time,011-1406,011-1406,:/home/epellini:/bin/tcsh
andre:501:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:Andre Gerhard,,,,:/home/andre:/bin/tcsh
admin:01234567890123456789012345678901:01234567890123456789012345678901:Windows 95 Administrator:/home/admin:/bin/tcsh
guest:503:01234567890123456789012345678901:01234567890123456789012345678901:Guest User,,,,:/home/guest:/bin/tcsh
The guest account in the smb.conf points to the nobody account. In the smbpasswd file I tried first 'as is', i.e, with X in the place of the password.
Then a decided to use NO PASSWORD, but it didn't work. I also tried to use
the guest account, with no success.
Thanks in advance,
Andre Gerhard
Network administrator
University of Sao Paulo - SP - Brazil
More information about the samba
mailing list