Some problems with samba 2.0.7
MCCALL,DON (HP-USA,ex1)
don_mccall at hp.com
Wed Mar 14 17:11:39 GMT 2001
Hi Peer,
based on your smb.conf, since you don't explicitly set the global parameters
security=
and
encrypt passwords =
they will take the default, which is
security= user
and
encrypt passwords=no
What this means is that if your client is not capable of sending plaintext
password (which win98 and win95withlatestservicepack are NOT) then it will
fail to negotiate protocol with the server. Older WinNT clients (before
sp3,
I believe) by default would send a plaintext password to a server if it was
required. In this case, the plaintext password is authenticated against
your
/etc/passwd file, and would succeed.
This might be the issue you are experiencing. Check the archives for this
list,
we've posted the registry hacks to make win98 and win95 enable plaintext
passwords
if thats the way you want to go; the other option is to set encrypt
passwords=yes
and create and populate an smbpasswd file with the smbpasswd command, so
that your
encrypted passwords from your users can be authenticated.
See the "Using Samba" online manual (or better yet, buy one!) at
http://us2.samba.org/samba/oreilly/using_samba/
Chapter 6 deals with this topic among others.
Hope this helps,
Don
-----Original Message-----
From: Peer-Joachim Koch [mailto:pkoch at bgc-jena.mpg.de]
Sent: Wednesday, March 14, 2001 4:38 AM
To: MCCALL,DON (HP-USA,ex1); samba at us5.samba.org
Subject: Re: Some problems with samba 2.0.7
"MCCALL,DON (HP-USA,ex1)" wrote:
>
> Hello Peer,
> We really need to know a bit more about your setup to be able to answer
> appropriately.
> For instance, answering the following questions will help:
> 1. if you try to access Samba shares from and NT workstation and a WIN98
> workstation using the SAME username and password, does it still only work
> on the NT workstation?
Yes, I used my account and CAN access everything without any problems
from NT, but not from 95,98.
> 2. you might want to post your smb.conf file (stripped of comments of
> course) back
> to this list, so we can see what type of security you are using
> (share,user,domain, etc).
---------smb.conf---------
[global]
workgroup = BGC
netbios name = ORCA
netbios aliases = ATLAS
server string = HPUX_Samba FILE/PRINT Server
keepalive = 90
read prediction = Yes
read size = 65535
os level = 2
wins server = 141.5.16.29
hosts allow = 141.5.16.0/255.255.252.0
printing = cups
log file = /var/adm/samba/%m.log
log level = 1
[homes]
comment = Homedirectories %U
path = /mnt/Local/Homes/%U
read only = No
create mask = 0750
guest ok = Yes
browseable = No
------------end smb.conf (there are more shares, but all the same
structure)
> 3. if you set debug level=10 and log file = /var/opt/samba/log.%m in the
> global section
> of your smb.conf file, and then make the attempt to access a share on
one
> of the nonworking pcs, you will get a log file named
> log.<netbiosmachinename> for the machine that you made the attempt from.
> USUALLY one of us can look at this and pinpoint a problem like this pretty
> quickly - I'd be willing to take a look at it if you send it OFFlist to
me.
> You would probably want to include a WORKING log as well, from an attempt
> from your working NT workstation, for comparison. Just makes things
easier.
> Remember to use the same username and password on both machines for the
> test.
I used log-level=3 I hope this is OK. Another problem: I tested my old
privat
laptop (win98) and - it WORKED. Using the same settings on other laptops
it won't work. So I'm no longer sure who causes the problems:
log-file from thew working win98 notebook:
----------------------------
[2001/03/14 09:47:27, 3] param/loadparm.c:(1594)
adding IPC service
[2001/03/14 09:47:27, 2] lib/interface.c:(83)
added interface ip=141.5.16.12 bcast=141.5.19.255 nmask=255.255.252.0
[2001/03/14 09:47:27, 3] lib/interface.c:(63)
not adding duplicate interface 141.5.16.22
[2001/03/14 09:49:27, 3] smbd/process.c:(618)
Transaction 169 of length 39
[2001/03/14 09:49:27, 3] smbd/process.c:(448)
switch message SMBtdis (pid 1107)
[2001/03/14 09:49:27, 3] smbd/service.c:(581)
mobila23 (141.5.19.48) closed connection to service IPC$
[2001/03/14 09:49:27, 3] smbd/connection.c:(45)
Yielding connection to IPC$
[2001/03/14 09:49:27, 0] lib/util_sock.c:(477)
read_socket_data: recv failure for 4. Error = Connection timed out
[2001/03/14 09:49:27, 3] smbd/process.c:(862)
receive_smb error (Connection timed out) exiting
[2001/03/14 09:49:27, 2] smbd/server.c:(408)
Closing connections
[2001/03/14 09:49:27, 3] smbd/server.c:(435)
Server exit (normal exit)
[2001/03/14 09:52:18, 3] smbd/process.c:(618)
Transaction 1 of length 158
[2001/03/14 09:52:18, 3] smbd/process.c:(448)
switch message SMBnegprot (pid 1281)
[2001/03/14 09:52:18, 3] smbd/negprot.c:(341)
Requested protocol [PC NETWORK PROGRAM 1.0]
[2001/03/14 09:52:18, 3] smbd/negprot.c:(341)
Requested protocol [MICROSOFT NETWORKS 3.0]
[2001/03/14 09:52:18, 3] smbd/negprot.c:(341)
Requested protocol [DOS LM1.2X002]
[2001/03/14 09:52:18, 3] smbd/negprot.c:(341)
Requested protocol [DOS LANMAN2.1]
[2001/03/14 09:52:18, 3] smbd/negprot.c:(341)
Requested protocol [Windows for Workgroups 3.1a]
[2001/03/14 09:52:18, 3] smbd/negprot.c:(341)
Requested protocol [NT LM 0.12]
[2001/03/14 09:52:18, 3] smbd/negprot.c:(424)
Selected protocol NT LM 0.12
[2001/03/14 09:52:18, 3] smbd/process.c:(618)
Transaction 2 of length 152
[2001/03/14 09:52:18, 3] smbd/process.c:(448)
switch message SMBsesssetupX (pid 1281)
[2001/03/14 09:52:18, 3] smbd/reply.c:(804)
Domain=[BGC] NativeOS=[Windows 4.0] NativeLanMan=[Windows 4.0]
[2001/03/14 09:52:18, 3] smbd/reply.c:(809)
sesssetupX:name=[PKOCH]
[2001/03/14 09:52:18, 1] smbd/reply.c:(925)
Rejecting user 'pkoch': authentication failed
[2001/03/14 09:52:18, 3] smbd/error.c:(133)
error packet at line 642 cmd=115 (SMBsesssetupX) eclass=2 ecode=2
[2001/03/14 09:52:18, 3] smbd/process.c:(856)
end of file from client
[2001/03/14 09:52:18, 2] smbd/server.c:(408)
Closing connections
[2001/03/14 09:52:18, 3] smbd/server.c:(435)
Server exit (normal exit)
[2001/03/14 09:52:18, 3] smbd/process.c:(618)
Transaction 1 of length 158
[2001/03/14 09:52:18, 3] smbd/process.c:(448)
switch message SMBnegprot (pid 1283)
[2001/03/14 09:52:18, 3] smbd/negprot.c:(341)
Requested protocol [PC NETWORK PROGRAM 1.0]
[2001/03/14 09:52:18, 3] smbd/negprot.c:(341)
Requested protocol [MICROSOFT NETWORKS 3.0]
[2001/03/14 09:52:18, 3] smbd/negprot.c:(341)
Requested protocol [DOS LM1.2X002]
[2001/03/14 09:52:18, 3] smbd/negprot.c:(341)
Requested protocol [DOS LANMAN2.1]
[2001/03/14 09:52:18, 3] smbd/negprot.c:(341)
Requested protocol [Windows for Workgroups 3.1a]
[2001/03/14 09:52:18, 3] smbd/negprot.c:(341)
Requested protocol [NT LM 0.12]
[2001/03/14 09:52:18, 3] smbd/negprot.c:(424)
Selected protocol NT LM 0.12
[2001/03/14 09:52:18, 3] smbd/process.c:(618)
Transaction 2 of length 154
[2001/03/14 09:52:18, 3] smbd/process.c:(448)
switch message SMBsesssetupX (pid 1283)
[2001/03/14 09:52:18, 3] smbd/reply.c:(804)
Domain=[BGC] NativeOS=[Windows 4.0] NativeLanMan=[Windows 4.0]
[2001/03/14 09:52:18, 3] smbd/reply.c:(809)
sesssetupX:name=[PKOCH]
[2001/03/14 09:52:18, 1] smbd/reply.c:(925)
Rejecting user 'pkoch': authentication failed
[2001/03/14 09:52:18, 3] smbd/error.c:(133)
error packet at line 642 cmd=115 (SMBsesssetupX) eclass=2 ecode=2
[2001/03/14 09:52:18, 3] smbd/process.c:(618)
Transaction 3 of length 154
[2001/03/14 09:52:18, 3] smbd/process.c:(448)
switch message SMBsesssetupX (pid 1283)
[2001/03/14 09:52:18, 3] smbd/reply.c:(804)
Domain=[BGC] NativeOS=[Windows 4.0] NativeLanMan=[Windows 4.0]
[2001/03/14 09:52:18, 3] smbd/reply.c:(809)
sesssetupX:name=[PKOCH]
[2001/03/14 09:52:18, 1] smbd/reply.c:(925)
Rejecting user 'pkoch': authentication failed
[2001/03/14 09:52:18, 3] smbd/error.c:(133)
error packet at line 642 cmd=115 (SMBsesssetupX) eclass=2 ecode=2
[2001/03/14 09:52:18, 3] smbd/process.c:(618)
Transaction 4 of length 154
[2001/03/14 09:52:18, 3] smbd/process.c:(448)
switch message SMBsesssetupX (pid 1283)
[2001/03/14 09:52:18, 3] smbd/reply.c:(804)
Domain=[BGC] NativeOS=[Windows 4.0] NativeLanMan=[Windows 4.0]
[2001/03/14 09:52:18, 3] smbd/reply.c:(809)
sesssetupX:name=[PKOCH]
[2001/03/14 09:52:18, 3] param/loadparm.c:(1553)
adding home directory pkoch at /User/homes/pkoch
[2001/03/14 09:52:18, 3] smbd/password.c:(192)
pkoch is in 19 groups: 100, 772, 502, 774, 773, 501, 775, 770, 771,
505, 508,
506, 777, 780, 507, 503, 776, 509, 270
[2001/03/14 09:52:18, 3] smbd/password.c[2001/03/14 09:52:18, 3]
smbd/process.c:(775)
Chained message
[2001/03/14 09:52:18, 3] smbd/process.c:(448)
switch message SMBtconX (pid 1283)
[2001/03/14 09:52:18, 2] lib/access.c:(257)
Allowed connection from 141.5.19.48 (141.5.19.48)
[2001/03/14 09:52:18, 3] smbd/password.c:(759)
ACCEPTED: validated uid ok as non-guest
[2001/03/14 09:52:18, 3] smbd/service.c:(441)
Connect path is /tmp
[2001/03/14 09:52:18, 3] lib/doscalls.c:(342)
dos_ChDir to /tmp
[2001/03/14 09:52:18, 3] smbd/service.c:(550)
mobila23 (141.5.19.48) connect to service IPC$ as user pkoch (uid=615,
gid=100
) (pid 1283)
uid 615 registered to name pkoch
[2001/03/14 09:52:18, 3] smbd/password.c:(272)
Clearing default real name
--------------------------------------
END of WORKING notebook
Start of N O T working notebook:
--------------------------------------
Transaction 1 of length 158
[2001/03/14 09:47:34, 3] smbd/process.c:(448)
switch message SMBnegprot (pid 1272)
[2001/03/14 09:47:34, 3] smbd/negprot.c:(341)
Requested protocol [PC NETWORK PROGRAM 1.0]
[2001/03/14 09:47:34, 3] smbd/negprot.c:(341)
Requested protocol [MICROSOFT NETWORKS 3.0]
[2001/03/14 09:47:34, 3] smbd/negprot.c:(341)
Requested protocol [DOS LM1.2X002]
[2001/03/14 09:47:34, 3] smbd/negprot.c:(341)
Requested protocol [DOS LANMAN2.1]
[2001/03/14 09:47:34, 3] smbd/negprot.c:(341)
Requested protocol [Windows for Workgroups 3.1a]
[2001/03/14 09:47:34, 3] smbd/negprot.c:(341)
Requested protocol [NT LM 0.12]
[2001/03/14 09:47:34, 3] smbd/negprot.c:(424)
Selected protocol NT LM 0.12
[2001/03/14 09:47:34, 3] smbd/process.c:(618)
Transaction 2 of length 152
[2001/03/14 09:47:34, 3] smbd/process.c:(448)
switch message SMBsesssetupX (pid 1272)
[2001/03/14 09:47:34, 3] smbd/reply.c:(804)
[2001/03/14 09:47:34, 3] smbd/reply.c:(809)
sesssetupX:name=[PKOCH]smbd/process.c:(448)
[2001/03/14 09:47:34, 1] smbd/reply.c:(925)
Rejecting user 'pkoch': authentication failed
[2001/03/14 09:47:34, 3] smbd/error.c:(133)0]
error packet at line 642 cmd=115 (SMBsesssetupX) eclass=2 ecode=2
[2001/03/14 09:47:34, 3] smbd/process.c:(618)
Transaction 3 of length 152/negprot.c:(341)
[2001/03/14 09:47:34, 3] smbd/process.c:(448)
switch message SMBsesssetupX (pid 1272)341)
[2001/03/14 09:47:34, 3] smbd/reply.c:(804)
Domain=[BGC] NativeOS=[Windows 4.0] NativeLanMan=[Windows 4.0]
[2001/03/14 09:47:34, 3] smbd/reply.c:(809)s 3.1a]
sesssetupX:name=[PKOCH]smbd/negprot.c:(341)
[2001/03/14 09:47:34, 1] smbd/reply.c:(925)
Rejecting user 'pkoch': authentication failed
[2001/03/14 09:47:34, 3] smbd/error.c:(133)
error packet at line 642 cmd=115 (SMBsesssetupX) eclass=2 ecode=2
[2001/03/14 09:47:34, 3] smbd/process.c:(856)
end of file from clientsmbd/process.c:(448)
[2001/03/14 09:47:34, 2] smbd/server.c:(408)
Closing connections 3] smbd/reply.c:(804)
Server exit (normal exit)bd/reply.c:(809)
[2001/03/14 09:57:26, 3] smbd/process.c:(618)
Transaction 1 of length 158/reply.c:(925)
[2001/03/14 09:57:26, 3] smbd/process.c:(448)ed
switch message SMBnegprot (pid 1297)(133)0]
[2001/03/14 09:57:26, 3] smbd/negprot.c:(341)tupX) eclass=2 ecode=2
Requested protocol [PC NETWORK PROGRAM 1.0]
[2001/03/14 09:57:26, 3] smbd/negprot.c:(341)
Requested protocol [MICROSOFT NETWORKS 3.0]
[2001/03/14 09:57:26, 3] smbd/negprot.c:(341)
Requested protocol [DOS LM1.2X002]c:(804)
[2001/03/14 09:57:26, 3] smbd/negprot.c:(341)LanMan=[Windows 4.0]
Requested protocol [DOS LANMAN2.1]c:(809)s 3.1a]
[2001/03/14 09:57:26, 3] smbd/negprot.c:(341)
Requested protocol [Windows for Workgroups 3.1a]
[2001/03/14 09:57:26, 3] smbd/negprot.c:(341)ed
Requested protocol [NT LM 0.12]or.c:(133)
[2001/03/14 09:57:26, 3] smbd/negprot.c:(424)tupX) eclass=2 ecode=2
Selected protocol NT LM 0.12process.c:(856)
[2001/03/14 09:57:26, 3] smbd/process.c:(618)
Transaction 2 of length 155/server.c:(408)
[2001/03/14 09:57:26, 3] smbd/process.c:(448)
[2001/03/14 09:57:26, 3] smbd/reply.c:(804)
Domain=[BGC] NativeOS=[Windows 4.0] NativeLanMan=[Windows 4.0]
[2001/03/14 09:57:26, 3] smbd/reply.c:(809)
sesssetupX:name=[JRICHTER]d/process.c:(448)ed
[2001/03/14 09:57:26, 1] smbd/reply.c:(925)0]
Rejecting user 'jrichter': authentication failed eclass=2 ecode=2
[2001/03/14 09:57:26, 3] smbd/error.c:(133)0]
error packet at line 642 cmd=115 (SMBsesssetupX) eclass=2 ecode=2
[2001/03/14 09:57:26, 3] smbd/process.c:(618)
Transaction 3 of length 155/negprot.c:(341)
[2001/03/14 09:57:26, 3] smbd/process.c:(448)
switch message SMBsesssetupX (pid 1297)341)LanMan=[Windows 4.0]
[2001/03/14 09:57:26, 3] smbd/reply.c:(804)s 3.1a]
Domain=[BGC] NativeOS=[Windows 4.0] NativeLanMan=[Windows 4.0]
[2001/03/14 09:57:26, 3] smbd/reply.c:(809)s 3.1a]
sesssetupX:name=[JRICHTER]d/negprot.c:(341)ed
[2001/03/14 09:57:26, 1] smbd/reply.c:(925)
Rejecting user 'jrichter': authentication failed eclass=2 ecode=2
[2001/03/14 09:57:26, 3] smbd/error.c:(133)6)
error packet at line 642 cmd=115 (SMBsesssetupX) eclass=2 ecode=2
[2001/03/14 09:57:26, 3] smbd/process.c:(856)
end of file from clientsmbd/process.c:(448)
-------------------------
working machine:
> If while doing these tests, you notice that the problem is really specific
> to the username,
> not the machine type, you might want to check your smb.conf file to see
what
> you have your 'guest account =' set to. If it's not set explicitly , it
> defaults to 'nobody', which on an HP-UX machine is UID -2; this is going
to
> cause problems if your win98 users are actually comming in as 'guest' for
> some reason, smbd doesn't like negative uid/gid pairs, and will abort. If
> this is the case, create a 'dummy' user in your /etc/passwd file with a
> positive uid/gid pair, and set your 'guest account=' to that account
> instead.
>
> Hope this helps,
> Don
>
Many thanks for all the hints. Maybe you see something in the logs.
Currently I have no idea what'S going on here.
Bye, Peer
_________________________________________________________
Max-Planck-Institut fuer Biogeochemie
Dr. Peer-Joachim Koch
Carl-Zeiss-Promenade 10 Telefon: ++49 3641 6437-52
D-07745 Jena Telefax: ++49 3641 6437-10
More information about the samba
mailing list