[Samba] Anonymous access in windows 2003 sp1

=?big5?B?TGF0cmVsbCBXYW5nIKT9xG269Q==?= Latrell.Wang at zyxel.com.tw
Fri Dec 8 09:09:37 GMT 2006 

Hi all

After I joined domain, I want to mount a share using domain account, the =
following is my command:
smbmount //172.23.26.83/share1 /tmp/sp1/ -o =
username=3Dadministrator,password=3Dpassword
What I got was :
3231: tree connect failed: ERRDOS - ERRnoaccess (Access denied.)
SMB connection failed

The detail debug messages are as follows:
mount.smbfs started (version 3.0.23d)
added interface ip=3D172.23.26.83 bcast=3D172.23.26.255 =
nmask=3D255.255.255.0
Connecting to 172.23.26.83 at port 445
socket option SO_KEEPALIVE =3D 0
socket option SO_REUSEADDR =3D 0
socket option SO_BROADCAST =3D 0
socket option TCP_NODELAY =3D 1
socket option TCP_KEEPCNT =3D 9
socket option TCP_KEEPIDLE =3D 7200
socket option TCP_KEEPINTVL =3D 75
socket option IPTOS_LOWDELAY =3D 0
socket option IPTOS_THROUGHPUT =3D 0
socket option SO_SNDBUF =3D 50160
socket option SO_RCVBUF =3D 87378
socket option SO_SNDLOWAT =3D 1
socket option SO_RCVLOWAT =3D 1
socket option SO_SNDTIMEO =3D 0
socket option SO_RCVTIMEO =3D 0
3231: session request ok
write_socket(3,183)
write_socket(3,183) wrote 183
got smb length of 85
size=3D85
smb_com=3D0x72
smb_rcls=3D0
smb_reh=3D0
smb_err=3D0
smb_flg=3D136
smb_flg2=3D49153
smb_tid=3D0
smb_pid=3D3231
smb_uid=3D0
smb_mid=3D1
smt_wct=3D17
smb_vwv[ 0]=3D    7 (0x7)
smb_vwv[ 1]=3D12803 (0x3203)
smb_vwv[ 2]=3D  256 (0x100)
smb_vwv[ 3]=3D 1024 (0x400)
smb_vwv[ 4]=3D   65 (0x41)
smb_vwv[ 5]=3D    0 (0x0)
smb_vwv[ 6]=3D  256 (0x100)
smb_vwv[ 7]=3D40960 (0xA000)
smb_vwv[ 8]=3D   12 (0xC)
smb_vwv[ 9]=3D64768 (0xFD00)
smb_vwv[10]=3D33011 (0x80F3)
smb_vwv[11]=3D    0 (0x0)
smb_vwv[12]=3D53722 (0xD1DA)
smb_vwv[13]=3D42882 (0xA782)
smb_vwv[14]=3D50970 (0xC71A)
smb_vwv[15]=3D 8193 (0x2001)
smb_vwv[16]=3D 2302 (0x8FE)
smb_bcc=3D16
[000] 69 A0 DB 89 48 E0 65 C6  4E 00 41 00 53 00 00 00  i...H.e. =
N.A.S...
size=3D85
smb_com=3D0x72
smb_rcls=3D0
smb_reh=3D0
smb_err=3D0
smb_flg=3D136
smb_flg2=3D49153
smb_tid=3D0
smb_pid=3D3231
smb_uid=3D0
smb_mid=3D1
smt_wct=3D17
smb_vwv[ 0]=3D    7 (0x7)
smb_vwv[ 1]=3D12803 (0x3203)
smb_vwv[ 2]=3D  256 (0x100)
smb_vwv[ 3]=3D 1024 (0x400)
smb_vwv[ 4]=3D   65 (0x41)
smb_vwv[ 5]=3D    0 (0x0)
smb_vwv[ 6]=3D  256 (0x100)
smb_vwv[ 7]=3D40960 (0xA000)
smb_vwv[ 8]=3D   12 (0xC)
smb_vwv[ 9]=3D64768 (0xFD00)
smb_vwv[10]=3D33011 (0x80F3)
smb_vwv[11]=3D    0 (0x0)
smb_vwv[12]=3D53722 (0xD1DA)
smb_vwv[13]=3D42882 (0xA782)
smb_vwv[14]=3D50970 (0xC71A)
smb_vwv[15]=3D 8193 (0x2001)
smb_vwv[16]=3D 2302 (0x8FE)
smb_bcc=3D16
[000] 69 A0 DB 89 48 E0 65 C6  4E 00 41 00 53 00 00 00  i...H.e. =
N.A.S...
write_socket(3,142)
write_socket(3,142) wrote 142
got smb length of 64
size=3D64
smb_com=3D0x73
smb_rcls=3D0
smb_reh=3D0
smb_err=3D0
smb_flg=3D136
smb_flg2=3D16385
smb_tid=3D0
smb_pid=3D3231
smb_uid=3D100
smb_mid=3D2
smt_wct=3D3
smb_vwv[ 0]=3D  255 (0xFF)
smb_vwv[ 1]=3D    0 (0x0)
smb_vwv[ 2]=3D    1 (0x1)
smb_bcc=3D23
[000] 55 6E 69 78 00 53 61 6D  62 61 20 33 2E 30 2E 32  Unix.Sam ba =
3.0.2
[010] 31 63 00 4E 41 53 00                              1c.NAS.
3231: session setup ok
write_socket(3,76)
write_socket(3,76) wrote 76
got smb length of 35
size=3D35
smb_com=3D0x75
smb_rcls=3D1
smb_reh=3D0
smb_err=3D5
smb_flg=3D136
smb_flg2=3D1
smb_tid=3D0
smb_pid=3D3231
smb_uid=3D100
smb_mid=3D3
smt_wct=3D0
smb_bcc=3D0
3231: tree connect failed: ERRDOS - ERRnoaccess (Access denied.)
SMB connection failed

The cifs mount also can't work:
mount error 13 =3D Permission denied
Refer to the mount.cifs(8) manual page (e.g.man mount.cifs)

Could someone help me? Is there's a solution other than add anonymous =
logon to per-window2 2000 security group (because security issue.)?
Thanks a lot,

Latrell.



-----Original Message-----
From: samba-bounces+latrell.wang=3Dzyxel.com.tw at lists.samba.org =
[mailto:samba-bounces+latrell.wang=3Dzyxel.com.tw at lists.samba.org] On =
Behalf Of Latrell Wang =A4=FD=C4m=BA=F5
Sent: Wednesday, December 06, 2006 2:51 PM
To: samba at lists.samba.org
Subject: [Samba] Anonymous access in windows 2003 sp1

Hi all:

=20

As far as I know, win2k3 sp1 disable anonymous access by default. It =
will remove user =A1=A7anonymous logon=A1=A8 from pre-windows 2000 =
compatible access group.

Under such circumstance, smbmount will not success because anonymous =
access will be blocked. One way to solve the problem is to re-add =
anonymous logon to pre-windows 2000 compatible access group. However, it =
seems to be a security hole. Does anyone encounter the same problem? How =
do you get around the problem?

My samba version is 3.0.21c.=20

=20

Thanks for any replies,

Latrell

--=20
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

More information about the samba mailing list