[Samba] smbpasswd encryption (2.2.3a - RH 7.2 - kernel 2.4.7-10) Win2k

Diembo Linux at deschuen.de
Tue Feb 19 21:57:02 GMT 2002 

Hi listmembers,
due to a few very short but good tips from you guys and to much hassle with 
my firewall (ipchains) I finally got samba running as a server and client (I 
even made an update from source, just with normal ./configure, make, make 
install after uninstalling the previous version of course). 
With "encrypted passwords = no" everything is working fine (except for some 
minor things like smbfs). For my interest and my being paranoid about 
security ;-) I would like to set up encrypted passwords. I read my way 
through the encryption.html file and made all the recommended steps:

I ran the shell script:
cat passwd | mksmbpasswd.sh > /usr/local/samba/private/smbpasswd

I added the following to smb.conf:
# smb.conf
[global]
	encrypt passwords = yes
	smb passwd file = /etc/samba/smbpasswd

I thought that would be all I would have to do! But now not very much is 
working. I can connect to my samba server from my win2k-box as an anonymous 
user to a share I have set up for testing the general thing. But I cannot 
connect to a restricted share with a password, neither from my linux-box nor 
from the win2k-box. I always get:

Anonymous login successful
Domain=[HEUER] OS=[Windows 5.0] Server=[Windows 2000 LAN Manager]
tree connect failed: NT_STATUS_ACCESS_DENIED

when I want to connect to the win2k-box from linux (smbclient 
//<win2k-box>/<share> -U <mydefaultusername>) and:

Anonymous login successful
Domain=[MYDOMAIN] OS=[Unix] Server=[Samba 2.2.3a]
tree connect failed: NT_STATUS_BAD_NETWORK_NAME
 
for "smbclient //linux/homes -U <myusername>"

I have all the users on BOTH mashines! I also tried to change the password 
from one user to "NO PASSWORDXXXXX..." in the smbpasswd file I gererated with 
the command above and tried connecting with that user an no password.

I am sort of getting somewhere but still not as content as I could be ;-). I 
also think that the ENCRYPTION-docs aren't very helpfull or I am just too 
dumb. So, could anybody PLEASE help me in this issue! I am sure it's not a 
firewall-issue now, my netbios-name-resolving is functioning great with my 
wins-server (and an open firewall on those ports with a broadcast signal 
192.168.0.255, nmblookup works and I can "ping <nameoflinuxbox>" now from my 
win2k-box)

Thanks so far.
-- 
Diembo working @ Linux :-P

More information about the samba mailing list