[Samba] Linux server, Win2k client: Almost works, what am I missing?

Joel Hammer Joel at HammersHome.com
Wed May 15 18:52:02 GMT 2002

I don't use NT or win2000, but, this sounds like you are failing Test #10 in
DIAGNOSIS.txt in the source documents.
It suggests you enable encrypted passwords on the samba server.
Maybe you didn't do the hack properly. I would look at tcpdump during the
log on to see if you are really sending passwords in the clear. (BTW, I have
never tried this particular trick, but, it sounds easy.)


On Wed, May 15, 2002 at 07:35:32PM -0500, Kris Kelley wrote:
> Hello all.
> A couple of days back I posted a question about how I could get a Win2K
> client to mount a share from my linux Samba server.  I was getting the
> familiar "account is not authorized to log in from this station" error
> on the Win2K box, despite a set-up that supposedly allowed guest logins
> *and* implemented the registry hack for clear-text passwords on the
> Win2k box.
> While I didn't find a direct solution, Herb Lewis in particular was very
> helpful in offering suggestions.  I decided to abandon the RPM approach
> and install from the source package instead, if only to have better
> control over what extra features were enabled (bye-bye, PAM!).
> I've made some progress since then.  I am certain that the stumbling
> block I'm facing now is a real stupid one, but I'm brain-dead on finding
> the solution.
> My set up:  Red Hat Linux 7.1 (kernel 2.4.9) running Samba 2.2.4.  I
> compiled and installed using all the defaults, with one exception:  I
> enabled the smbmount feature.
> My configuration is pretty basic at the moment.  This is my smb.conf
> file:
>    [global]
>       workgroup = DEVGROUP
>       security = user
>       netbios name = skunkworx
>    [test]
>       comment = test share
>       path = /export/samba/test
>       read only = no
>       guest ok = yes
> /export/samba/test does exist, and has 777 permissions.
> At first, this is the only configuration of any kind that I did; I
> didn't even use smbpasswd to set up any Samba-specific user passwords.
> Once I fired up Samba, I tried to access it from a Win2k box, on which
> I'm logged in as DEVGROUP/skunk (user "skunk" also exists on the linux
> box, and the passwords are the same in both environments).  This failed
> with the usual "account is not authorized to log in from this station"
> error (clear text passwords are enabled on the Win2K box), and I only
> saw this in Samba's logs (level 2):
>    [2002/05/15 19:17:57, 2] smbd/reply.c:reply_special(91)
>      netbios connect: name1=SKUNKWORX        name2=WIN2KBOX        
>    [2002/05/15 19:17:57, 2] smbd/reply.c:reply_special(110)
>      netbios connect: local=skunkworx remote=nfstest
> However, when I used the "net use" CLI command to log in with user
> "nobody", supplying "nobody"'s password, it worked!  The share was
> successfully mounted, and I saw these entries in the Samba log:
>    [2002/05/15 19:18:29, 2] smbd/reply.c:reply_sesssetup_and_X(973)
>      Defaulting to Lanman password for nobody
>    [2002/05/15 19:18:29, 1] smbd/service.c:make_connection(651)
>      nfstest ( connect to service test as user nobody
>        (uid=99, gid=99) (pid 15247)
> I then tried putting "skunk" into Samba's user database using this
> command:
>    smbpasswd -a skunk <skunk's password>
> I still couldn't access the share as user "skunk", though; I got the
> same error message on the Win2K side and the same Samba log entries on
> the linux side.
> I should note that when I use smbclient, I can access the test share
> just fine as user "skunk" on the linux box.
> So, what obvious thing am I missing?  What allows user "nobody" to
> access the share from a Win2k box, but then denies all other users? 
> There is no Win2k user "nobody" within the DEVGROUP domain, if that
> provides any clue.
> Please let me know if more information is needed.  Any and all help is
> greatly appreciated!
> ---Kris Kelley
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  http://lists.samba.org/mailman/listinfo/samba

More information about the samba mailing list