[Samba] smbpasswd encryption (2.2.3a - RH 7.2 - kernel 2.4.7-10) Win2k
Diembo
Linux at deschuen.de
Tue Feb 19 21:57:02 GMT 2002
Hi listmembers,
due to a few very short but good tips from you guys and to much hassle with
my firewall (ipchains) I finally got samba running as a server and client (I
even made an update from source, just with normal ./configure, make, make
install after uninstalling the previous version of course).
With "encrypted passwords = no" everything is working fine (except for some
minor things like smbfs). For my interest and my being paranoid about
security ;-) I would like to set up encrypted passwords. I read my way
through the encryption.html file and made all the recommended steps:
I ran the shell script:
cat passwd | mksmbpasswd.sh > /usr/local/samba/private/smbpasswd
I added the following to smb.conf:
# smb.conf
[global]
encrypt passwords = yes
smb passwd file = /etc/samba/smbpasswd
I thought that would be all I would have to do! But now not very much is
working. I can connect to my samba server from my win2k-box as an anonymous
user to a share I have set up for testing the general thing. But I cannot
connect to a restricted share with a password, neither from my linux-box nor
from the win2k-box. I always get:
Anonymous login successful
Domain=[HEUER] OS=[Windows 5.0] Server=[Windows 2000 LAN Manager]
tree connect failed: NT_STATUS_ACCESS_DENIED
when I want to connect to the win2k-box from linux (smbclient
//<win2k-box>/<share> -U <mydefaultusername>) and:
Anonymous login successful
Domain=[MYDOMAIN] OS=[Unix] Server=[Samba 2.2.3a]
tree connect failed: NT_STATUS_BAD_NETWORK_NAME
for "smbclient //linux/homes -U <myusername>"
I have all the users on BOTH mashines! I also tried to change the password
from one user to "NO PASSWORDXXXXX..." in the smbpasswd file I gererated with
the command above and tried connecting with that user an no password.
I am sort of getting somewhere but still not as content as I could be ;-). I
also think that the ENCRYPTION-docs aren't very helpfull or I am just too
dumb. So, could anybody PLEASE help me in this issue! I am sure it's not a
firewall-issue now, my netbios-name-resolving is functioning great with my
wins-server (and an open firewall on those ports with a broadcast signal
192.168.0.255, nmblookup works and I can "ping <nameoflinuxbox>" now from my
win2k-box)
Thanks so far.
--
Diembo working @ Linux :-P
More information about the samba
mailing list