[Samba] SMB gurus: please help - I am desperate.

Linux Lover linuxlover992000 at yahoo.com
Fri Mar 5 18:00:33 GMT 2004


I apologize up front for re-posting this, but I need
to find a solution to this problem. I have been having
hard time to believe that there isn't one person among
the SMB gurus that doesn't know how a W2K client
connects to an SMB server. So, if you happen to know
even the slightest hint to this baffling problem, I
would be forever grateful.

OK. Here goes (original subject line was: "Why does a
W2K (pro) client do more than it is asked to do?")

Desperate to find out why connecting to a samba
share(on an AIX server) from W2K is so slow, I tried
connecting to the same share from a Linux box, using
smbclient:

smbclient \\\\aixserver\\sharedir$ -U lynn

The results were amazing. The connection was so MUCH
FASTER then connecting from a W2K (pro) workstation:

\\aixserver\sharedir$ (in the Start|Run edit box)


When I examined the samba log files on the server, I
could see why.

The log file for the Linux client contained a single
entry:

[2004/02/23 11:55:35, 1]
smbd/service.c:make_connection(636) linuxbox
(192.168.0.4) connect to service sharedir$ as user
lynn (uid=21776, gid=1) (pid 125438)

So clean, so elegant, so beautiful! :)

OTOH, the log file for the W2K client contained an
entry similar to the above, but was immediately
followed by about 30 messages of the form:

[2004/02/23 11:59:03, 0] smbd/password.c:user_ok(683) 
rejected user nobody:3004-302 Your account has
expired; please see the system administrator.
  
Now... my question: Why? What does the W2K client do
that triggers this barrage of rejected authentications
of a user 'nobody' (that is clearly not allowed to
enter)?

More importantly, is there a way to configure EITHER
the W2K client or the Samba server (or both) to not
waste time on these unallowed accesses?

Since smbclient produces such a clean entry, I would
assume the fix must be on the client side (W2K) only.
But I would take any advice. :)

Please note that I am not allowed (in my corporate
environment) to enable the guest account on this
machine. Therefore, the solution must not involve
enabling the guest account (if there is such a
solution).

My smb.conf global section has security=user (actually
no 'security' entry, it simply takes the default,
which is 'user').

The settings of the share are:

[sharedir$]
  comment = %h shared dir
  path = /home/shared
  valid users = +sambagrp techsup
  browseable = No

That's it. Any other settings are implied by taking
the defaults. User account 'lynn' is a member of the
group 'sambagrp' and as you can see from the original
posting, it successfully authenticates from both a W2K
client and a Linux client. 'techsup' is a special user
account (may or may not be a member of 'sambagrp').

I hope this can give further clues to solving the
mystery.


Thanks in advance,
Lynn (Samba 2.2.8a on AIX 5.1)

__________________________________
Do you Yahoo!?
Yahoo! Search - Find what you’re looking for faster
http://search.yahoo.com


More information about the samba mailing list