Browsing Problems

Stephen L Arnold arnold.steve at ensco.com
Thu Feb 4 20:44:12 GMT 1999 

When the world was young, Wolf Paul carved some runes like this:

> Yesterday, I asked:
> > Are you sure you want WINS support = yes? Isn't one of your NT 
> > boxes providing the WINS service? What about the results of the 
> > test steps in diagnosis.txt? Browsing is a function of nmbd (not 
> > smbd)... I've never seen the "RPC error" (but we only have one NT4
> > workstation machine on the LAN). More Info? 
> 
> No, we don't have another WINS server in our network; but no, I am not
> sure that I want SAMBA to provide that functionality either. Our network
> seems to work fine without it.
> 
> The reason I turned it in is just in case my browsing problem is a name
> resolution problem and this might just help  ... but I am nowhere near
> sure.

It could be related to name resolution; do you have local DNS? Are 
you running any protocols besides TCP/IP (eg, NetBlooie, IPX)?

> In fact my network administrators and the NT platform admins would prefer
> that my SAMBA server only talk when directly spoken to, and does not
> respond to broadcasts since they are afraid that this might confuse the
> genuine NT servers/clients.

Typical - be afraid of (and blame problems on) anything you don't 
understand.  Our LAN guy kept blaming our browsing problems on my 
linux/samba box, until he removed a big chunk of coax and the 
problems cleared up :-o.  Samba is actually very well done, and 
more compliant with their own specs than most M$ products are.  In 
my experience, most problems are actually caused by the broken M$ 
network redirector (and other broken/stupid/brain damaged parts of 
windoze) than anything else.

> More info:
> 
> The exact error message was not "RPC error" but as I said in a later
> message,
> 
>  "\\Atunfs is not accessible. The remote procedure call failed." 
> 
> Variously, as I specify different options for "guest account" or 
> "local master", "os level", etc, the error message changes; sometimes
> prompting me for a password and then (regardless of the password given)
> complaining about a wrong password for the IPC$ service. (This seems the
> standard error when trying to browse from a Win98 machine).

Try going back to the recommended settings, but set the guest 
account to ftp.  Let me know what happens...

> I just went through the tests in DIAGNOSIS.txt, and here are the results:
> 
>    Test  1:  testparm does not report any errors.

[snip] - all tests work through step 7
> 
>    Test  8:  net view \\atunfs does NOT work, produces the error msg,
>             "System error 1726 has occurred". 
>             "net helpmsg 1726" produces, "The remote procedure call
>             failed".
> 
>    Test  9:  connecting to shares with "net use" using explicit paths
>    works.
> 
>    Test 10:  Browsing from File Mangaer& My Computer Map Network Drive
>              or from Network Neighborhood does not work but says either
>              "\\Atunfs is not accessible. The remote procedure call
>              failed." (Network Neighborhood) or "The remote procedure call
>              failed." (My Compter & File Manager Map Network Drive).
> 
> The above results for Tests 8 and 10 applies to NT 4.0; from a Win98
> client on the same network both Tests 8 and 10 succeed; similarly from a
> Win95 client.
> 
> 
> All of this is independent of whether SECURITY is set to SERVER or to
> DOMAIN, and whether WINS is enabled or disabled on the Samba server. For
> the sake of completeness here is my GLOBAL section again:
> 
>         workgroup = ALCATEL
>         netbios name = ATUNFS
>         server string = ATUNFS Samba Server
>         interfaces = 146.112.129.100/19
>         security = DOMAIN
>         encrypt passwords = Yes
>         password server = attdcp attnt1 attnt2 attnt3
>         username map = /usr/local/samba/lib/smbusers
>         password level = 9
>         username level = 9
>         log level = 3
>         log file = /var/log/samba/log.%m
>         max log size = 50
>         name resolve order = host bcast
>         socket options = TCP_NODELAY
>         printcap name = /etc/printcap
>         lm announce = True
>         local master = No
>         printing = bsd
>         case sensitive = Yes
>         guest account = pcguest
> 
> I have no smbpasswd file (since I use security=DOMAIN); I have a 
> usermap file which maps NT users to UNIX users (this works when 
> connecting a share using the explicit path \\atunfs\sharename);
> for all but a handfull of system accounts my UNIX passwd info comes via
> NIS; the guest user "pcguest" is one of the local users in /etc/passwd,
> with a '*' in the password field. (This is a change from yesterday, to
> make things clearer I changed the guest account from nobody to pcguest.)

I tried to replicate your problem, but failed.  I couldn't even 
replicate the NT4SP3 problem mentioned in the docs (NT4SP3 can't 
browse a samba server (in user-level security mode) without an open 
connection (ie, a drive mapped via Net Use)).  Go figure...

My setup is ~20 win95 (OSR2) clients, one NT4SP3 Wkst, one RedHat 
4.2(kernel 2.0.30) box with samba 1.9.18p8, apache, etc.  No local 
DNS or WINS (I have host and lmhost files on all machines).  I had 
performance problems with some clients (who had RWIN=2144) until I 
changed to RWIN=4288, but no browsing problems (except for the 
previously mentioned one caused by too much coax on a linear bus 
ethernet).  I can't try server or domain level security, because we 
have no NT server boxes.  I have the win95 client machine names the 
same as the linux account names (everybody's last name).  I have 
username map settings for a couple of shared machines (including 
the NT box) pointing to my linux account name.  I also use my linux 
account password to login on my windoze network login (that seems 
to work well).  And everyone uses plaintext passwords (private LAN).

Here is my smb.conf for what it's worth:

[global]
   hosts allow = 192.168.0.  127.
   name resolve order = lmhosts host bcast
   guest account = ftp
   security = user
   username map = /etc/smbusers
   socket options = TCP_NODELAY
   local master = yes
   os level = 65
   domain master = yes
   preferred master = yes
   wins support = no
   preserve case = yes
   short preserve case = yes
   mangle case = yes

[homes]
   comment = Your Home Directory
   browseable = no
   writable = yes
   alternate permissions = yes
   force directory mode = 0755
   create mode = 0644
[printers]
   comment = All Printers
   path = /var/spool/samba
   browseable = no
# Set public = yes to allow user 'guest account' to print
   guest ok = no
   writable = no
   printable = yes
[tmp]
   comment = Temporary file space
   path = /tmp
   read only = no
   public = yes
[public]
   comment = HTML Document Tree
   path = /home/httpd
   public = yes
   writable = yes
   printable = no
   write list = me, root, admin, other_me 
[docs]
  comment = Linux docs
  path = /usr/doc
  public = yes
  writable = yes
  printable = no 
  write list = me, root, admin, other_me
[source]
  comment = Source Code
  path = /usr/src
  valid users = (list of tech staff user names)
  public = no
  writable = yes
  printable = no

****************************************************************
Stephen L. Arnold                        Senior Systems Engineer
ENSCO Inc.                        email:  arnold.steve at ensco.com
P.O. Box 5488                         www:  http://www.ensco.com
Vandenberg AFB, CA  93437             voice: 805.734.8232 x68838
                                               fax: 805.734.4779
#include <std_disclaimer.h>
****************************************************************

More information about the samba mailing list