[Samba] Standalone Server with Wins -- Password Not Required
onWin/XP
Michelle Dupuis
support at ocg.ca
Sun Jan 13 16:36:28 GMT 2008
Try access your linux samba box by IP from windows (\\1.2.3.4) instead of by
name (\\servername). Same result?
> -----Original Message-----
> From: samba-bounces+support=ocg.ca at lists.samba.org
> [mailto:samba-bounces+support=ocg.ca at lists.samba.org] On
> Behalf Of Greg Sims
> Sent: Sunday, January 13, 2008 11:23 AM
> To: samba at lists.samba.org
> Subject: [Samba] Standalone Server with Wins -- Password Not
> Required onWin/XP
>
> I tried adding "guest ok = no" in the [homes] section below
> and got the same results.
>
> On first access from a WinXP Client, the system requests a
> userid and password. If you provide a userid and password,
> the system will Not allow you to view the shares. The only
> way (that I've found) to get passed this is to provide the
> userid Only -- this allows access to a window that contains
> the shares. Clicking on one of the share icons provides
> access to the shares without ever entering a password. This
> is the security issue we need help fixing.
>
> I'm looking forward to some feedback on this. Thanks! Greg
>
> -----Original Message-----
>
> Hi There,
>
> I created a standalone server on CentOS 5.1 with samba at 25b
> on an x86_64 system. The shares defined below are available
> to the windows xp clients on the 10.43.10.x/24 subnet. Samba
> also provides win server support to this subnet.
>
> We are having problems with password protection associated
> with the shares.
> The first access to the samba server requests a userid --
> this likely allows samba to understand which home share
> should be displayed. At this point, the client can access
> both the 'homes' share and the 'orr' share without ever
> entering a password -- this is a security issue for us.
>
> We need to figure out how to configure samba to enforce
> userid & password protection prior to allowing access to a
> share. Below is a copy of the smb.conf file that we are using
> for testing.
>
> [global]
>
> # workgroup and server identification
> workgroup = ORRRANCH
> server string =
> netbios name = ORR00
>
> interfaces = 10.43.10.0/24 lo
> bind interfaces only = yes
> hosts allow = 10.43.10. 127.0.0.
>
> # logs split per machine; max 50KB per log file, then rotate
> log file = /var/log/samba/%m.log
> max log size = 50
>
> # default user security, encrypted passwords and tdbsam
> security = user
> encrypt passwords = yes
> passdb backend = tdbsam
>
> # allow samba to be the domain master browser if possible
> local master = yes
> os level = 33
> preferred master = yes
> domain master = yes
>
> # samba is a wins server for the system; use wins first
> wins support =yes
> name resolve order = wins hosts bcast
>
> [homes]
> comment = Home Directories
> browseable = no
> writable = yes
> valid users = %S
> path = /samba/home/%S
>
> [orr]
> comment = Orr Ranch Share
> path = /samba/orr
> valid users = greg catherine sarah brandon
> guest ok = no
> writable = yes
> printable = no
> create mask = 0765
>
>
> Each of the 'valid users' have ids on the system and have
> used smbpasswd to create samba passwords. Nsswitch.conf has
> been modified to add 'wins' to the 'hosts' line to assist
> with names resolution.
>
> Any assistance would be appreciated!! Thanks, Greg
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/listinfo/samba
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/listinfo/samba
More information about the samba
mailing list