[Samba] authentication problem with WinXP clients

Timothy Dutton tim.dutton at blueyonder.co.uk
Fri Oct 7 13:37:50 GMT 2005


Are you using your server as part of a domain if so I think that domain
master should be set to no

-----Original Message-----
From: Jouda Hrouda [mailto:mlszs at seznam.cz] 
Sent: 06 October 2005 15:01
To: samba at lists.samba.org
Subject: [Samba] authentication problem with WinXP clients


we have problem with user authentication when accessing shared folders at 
standalone Samba server (security=share) from Windows XP. 

There is no problem accessing public folders ("guest ok=yes" and "guest 
only=yes"). But when trying to access non-public folders ("guest ok=no" 
with valid users definition), username / password dialog appears, but
is always "servername/Guest" and is greyed out, so it can not be changed. 
Windows 2000 client is OK - user can enter whatever username in username

I know the difference between "share" and "user" security modes, which might

cause the unchangeable username. But it works in Win2000 ... and based on
specs none of them suits IMHO our objective: 
- to have public folders and folders with limited access on one server 
- don't annoy users with authentication when they want to access public
folders at all.
(username/password authentication should proceed only when clicking on
non-public folder).

Is this possible ? Like allow clients to send username in share mode or
require login to server in user mode first ? Or any other way ?



Just in case ... Samba version 3.0.20 and smb.conf:

server string = XXXXXX
netbios name = XXXXX
workgroup = XXXXXX
domain master = yes
local master = yes
preferred master = yes
os level = 127
wins support = yes

interfaces = eth0 lo
bind interfaces only = yes
hosts allow = 192.168.1. 127.
security = share
encrypt passwords = yes
smb passwd file = /etc/samba/smbpasswd
guest account = share

load printers = yes
printing = lprng
printcap name = /etc/printcap
max print jobs = 200
lpq cache time = 20
printer admin = user

syslog only = yes
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
dns proxy = no
kernel oplocks = no

comment = All printers
path = /var/spool/print/samba
guest ok = yes
writeable = no
browsable = no
printable = yes
print command = /usr/bin/lpr -U%U@%M -r -P%p %s
lpq command = /usr/bin/lpq -U%U@%M -P%p
lprm command = /usr/bin/lprm -U%U@%M -P%p %j
lppause command = /usr/bin/lpc -U%U@%M hold %p %j
lpresume command = /usr/bin/lpc -U%U@%M release %p %j
queuepause command = /usr/bin/lpc -U%U@%M stop %p
queueresume command = /usr/bin/lpc -U%U@%M start %p

# Default folders

# internet presentation
path = /var/share/internet
guest ok = no
writable = yes
printable = no
valid users = +admins
create mode = 0664
directory mode = 0775
vfs objects = netatalk

# intranet presentation
path = /var/share/intranet
guest ok = no
writable = yes
printable = no
valid users = +share
create mode = 0664
directory mode = 0775
vfs objects = netatalk

# users shared data
path = /var/share/public
guest ok = yes
guest only = yes
writable = yes
printable = no
vfs objects = netatalk


More information about the samba mailing list