[Samba] Re: I need in your help. SMB & 2 problems.

Bradley W. Langhorst brad at langhorst.com
Thu May 2 15:08:02 GMT 2002


On Thu, 2002-05-02 at 17:43, Artem Sokovtcev wrote:
> Hello!
> 
> I need in your help. I beginner in Linux using & my english is rather poor.
> Please help me. This is very important for me, because i am student & no
> have money to Commercial Support.
> 
don't bother to include samba-technical 
that is for development discussions 
> ****************
> 
> I have 2 PC in students network: first with Winwows 2000 Pro, second with
> Linux Mandrake 8.2 (My local address of  Linux PC \\192.168.150.128).
> I try tune Samba, so as get access from Winwows 2000 Pro PC to Linux
> Mandrake 8.2 PC via SMB  protocol.
> 
> I successfully doing this, but occurred some problems:
> ---------------------
> 
> 1. Access via authentification box (box with forms login & password) work
> properly only if i enable "enableplaintextpassword" in Windows registry.
> This is very bad - this is low security. I want using encrypted passwords! I
> disable using plain text passwords in Windows registry. I read documentation
> about Samba & paste 2 lines in smb.conf:
> 
>    encrypt passwords = yes
>    smb passwd file = /etc/samba/smbpasswd
>
make sure you reset the password on the samba machine
smbpasswd username
 
> After this i reboot both PC. And again nothing do not work properly - i not
> may get access (i recive authentification box with massage "password or
> login incorrect", although i insert right password & login!!!)
> 
> What i may doing, so as i work with encrypted passwords???
> 
> ---------------------
> 
> 2. When i point my Browser from Winwows 2000 Pro PC to \\192.168.150.128 i
> recive authentification box with login & password! It's ok!
> But if i enter "OK" batton i fall into the windows with 2 folders:
> "Printers" & "myshare". This is very bad! If somebody don't know login &
> password he is not must view list of folders "Printers" & "myshare", though
> what this is folders guarded another login & password!
> 
> My target:
> 
> When i point in my browser to the \\192.168.150.128 & if i don't know login
> & password i must view only authentification box agian & again, so far i not
> insert right login & password (no list shared folders! Only authentification
> box)!!!
> 
> If i kwon right password & login i must get access directly to "myshare"
> folder (Root folder of Linux PC). I must don't view folder with "Printers" &
> "myshare" folders. I must get access directly to root folder of Linux PC.
> 
> How i may doing this???
i think you're looking for the "browsable" parameter
> ---------------------
> 
> In additionaly inform:
> 
>  a)   My "smbpasswd" file is clear (0 bites).
no this needs to be populated
use smbpasswd -a username and set a password
>  b)   In my "smbusers" file i want one line:        root = administrator
> admin
right
>  c)   My username (my login) is "eika"
you should have this user in both the smbpasswd and the passwd files
>  d)   My smb.conf:
> 
> [global]
> 
>     workgroup = LINUXGROUP
>     netbios name = mycnfname
>     server string = Samba Server %v
> ;   printcap name = lpstat
>     load printers = no
> ;   printing = cups
> ;   printer admin = @adm
>     log file = /var/log/samba/log.%m
>     max log size = 50
this should be larger 
try 1000
> ;   guest account = nobody
> ;   security = user
> ;   password server = <NT-Server-Name>
> ;   password server = *
> ;   password level = 8
> ;   username level = 8
>     encrypt passwords = yes
>     smb passwd file = /etc/samba/smbpasswd
> ;   unix password sync = Yes
> ;   passwd program = /usr/bin/passwd %u
> ;   passwd chat = *New*UNIX*password* %n\n *ReType*new*UNIX*password* %n\n
> ;*passwd:*all*authentication*tokens*updated*successfully*
> ;   username map = /etc/samba/smbusers
> ;   include = /etc/samba/smb.conf.%m
> ;   winbind uid = 10000-20000
> ;   winbind gid = 10000-20000
> ;   winbind separator = +
> ;   template homedir = /home/%D/%U
> ;   template shell = /bin/bash
>     socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
> ;   interfaces = 192.168.12.2/24 192.168.13.2/24
> ;   remote browse sync = 192.168.3.25 192.168.5.255
> ;   remote announce = 192.168.1.255 192.168.2.44
> ;   local master = no
> ;   os level = 33
> ;   domain master = yes
> ;   preferred master = yes
> ;   domain logons = yes
> ;   logon script = %m.bat
> ;   logon script = %U.bat
> ;   logon path = \\%L\Profiles\%U
> ;   logon home = \\%L\%U\.profile
> ;   add user script = /usr/sbin/useradd -d /dev/null -g machines -c 'Machine
> Account' -s /bin/false -M %u
> ;   add user script = /usr/sbin/useradd -s /bin/false %u
> ;   domain admin group = root @wheel
> ;   domain guest group = nobody @guest
> ;   name resolve order = wins lmhosts bcast
> ;   wins support = yes
> ;   wins server = w.x.y.z
> ;   wins proxy = yes
>     dns proxy = no
> ;   preserve case = no
> ;   short preserve case = no
> ;   default case = lower
> ;   case sensitive = no
> ;   client code page = 850
> ;   character set = ISO8859-1
> 
> #============================ Share Definitions
> ==============================
> [myshare]
>    comment = EIKA stuff
>    path = /
>    valid users = eika
>    public = no
add browsable = no here
>    writable = yes
>    printable = no
>    create mask = 0765
> 
enjoy samba!

brad





More information about the samba mailing list