[Samba] smbclient does not connect anonymously localy on fresh
install
jcdole at free.fr
jcdole at free.fr
Thu Jul 24 20:31:07 GMT 2008
Hi.
Seems impossible that smbclient can connect anonymously if ldap is not
configured and started.
Now that I have configured ldap, I can connect anonymously.
If it is not a bug, the documentation is poorly written.
Thank you for your help
LINUX-SRV:~ # smbclient -L localhost -N
Anonymous login successful
Domain=[HATHOR.NWK] OS=[Unix] Server=[Samba 3.2.0-24.1.123-1844-SUSE-SL10.3]
Sharename Type Comment
--------- ---- -------
print$ Disk Printer Drivers
publique Disk Répertoire publique de partage
users Disk Repertoire Privé à chaque utilisateur
groups Disk All groups
echange Disk echange (Répertoire systeme partagé)
make_cd Disk make cd (Répertoire systeme partagé)
photo Disk photo (Répertoire systeme partagé)
archive Disk archive (Répertoire systeme partagé)
backup Disk backup (Répertoire systeme partagé)
dos_data1 Disk dos_echange (Répertoire systeme partagé)
dos_data2 Disk data1 (Répertoire systeme partagé)
IPC$ IPC IPC Service (HATHOR Samba-LDAP PDC Server)
LINUX-HL1250 Printer HL1250 sur print-server netgear
HL1250-DIRECT Printer HL1250 sur print server netgear
Anonymous login successful
Domain=[HATHOR.NWK] OS=[Unix] Server=[Samba 3.2.0-24.1.123-1844-SUSE-SL10.3]
Server Comment
--------- -------
LINUX-SRV HATHOR Samba-LDAP PDC Server
Workgroup Master
--------- -------
WORKGROUP PC-JC
HATHOR.NWK LINUX-SRV
LINUX-SRV:~ #
Thank you for your help.
Selon Scott Lovenberg <scott.lovenberg at gmail.com>:
> OK, humor me on this one, but can you ping 'localhost'? I see that
> 127.0.0.1 works, but does it resolve to the name 'localhost', as well?
> If so, would you be able to provide smb logs during access attempts?
>
> jcdole at free.fr wrote:
> > Hi.
> >
> > Have try.
> >
> > No change.
> >
> > "smbclient -L localhost -N" does not connect.
> >
> >
> > Selon Scott Lovenberg <scott.lovenberg at gmail.com>:
> >
> >> I believe you need a "|map to guest = bad user" and/or "guest account =
> >> nobody" for anonymous access to be automated.|
> >>
> >>
> >> jcdole at free.fr wrote:
> >>
> >>> Hello.
> >>>
> >>> I have some problem, with a new configuration on a new PC.
> >>> I want to setup a SAMBA PDC using an HOWTO.
> >>> This howto was working on OPENSUSE 10.1 with a X86 processor and I have
> >>>
> >> used it
> >>
> >>> a lot of time.
> >>>
> >>> Now I use OPENSUSE 10.3.
> >>> The new PC run a X64 processor.
> >>>
> >>> After the fresh install and following :
> >>> http://samba.org/samba/docs/man/Samba-HOWTO-Collection/diagnosis.html
> >>> I could not make smbclient connecting samba anonymously from the server
> >>> (localy).
> >>>
> >>> I use ldap, but for the moment ldap is not configured and not started.
> >>> But smb.conf is configured for using ldap :
> >>> passdb backend = ldapsam:ldap://127.0.0.1
> >>>
> >>> I was thinking that smbclient can connect localy anonymously even if ldap
> >>>
> >> is not
> >>
> >>> running.
> >>> What is wrong?
> >>>
> >>>
> >>>
> >>> . uname -r
> >>> . --------
> >>> 2.6.22.18-0.2-default
> >>> .
> >>> .
> >>> . rpm -aq | grep samba
> >>> . --------------------
> >>> samba-client-3.2.0-24.1.123
> >>> samba-doc-3.2.0-24.1.123
> >>> samba-krb-printing-3.2.0-24.1.123
> >>> yast2-samba-client-2.15.11-33
> >>> samba-3.2.0-24.1.123
> >>> yast2-samba-server-2.15.7-57
> >>> samba-python-3.0.26a-3.7
> >>> samba-devel-3.2.0-24.1.123
> >>> kdebase3-samba-3.5.7-87.5
> >>> samba-winbind-3.2.0-24.1.123
> >>> .
> >>> .
> >>> . rpm -aq | grep ldap
> >>> . -------------------
> >>> python-ldap-2.3.1-18
> >>> perl-ldap-0.33-81
> >>> pam_ldap-184-48
> >>> yast2-ldap-2.15.1-83
> >>> openldap2-devel-2.3.41-2.1
> >>> ldapcpplib-0.0.4-95
> >>> yast2-ldap-client-2.15.12-37
> >>> php5-ldap-5.2.6-0.1
> >>> openldap2-client-2.3.41-2.1
> >>> ldap-account-manager-2.3.0-0.pm.0
> >>> yast2-ldap-server-2.15.5-76
> >>> openldap2-2.3.41-1.1
> >>> ldapsmb-1.34b-110.8.123
> >>> nss_ldap-257-17
> >>> perl-ldap-ssl-0.33-81
> >>> .
> >>> .
> >>> . iptables -L -v
> >>> . --------------
> >>> Chain INPUT (policy ACCEPT 402K packets, 24M bytes)
> >>> pkts bytes target prot opt in out source
> >>>
> >> destination
> >>
> >>> Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
> >>> pkts bytes target prot opt in out source
> >>>
> >> destination
> >>
> >>> Chain OUTPUT (policy ACCEPT 401K packets, 17M bytes)
> >>> pkts bytes target prot opt in out source
> >>>
> >> destination
> >>
> >>> .
> >>> .
> >>> . ping -c 5 127.0.0.1
> >>> . -------------------
> >>> PING 127.0.0.1 (127.0.0.1) 56(84) bytes of data.
> >>> 64 bytes from 127.0.0.1: icmp_seq=1 ttl=64 time=0.077 ms
> >>> 64 bytes from 127.0.0.1: icmp_seq=2 ttl=64 time=0.091 ms
> >>> 64 bytes from 127.0.0.1: icmp_seq=3 ttl=64 time=0.043 ms
> >>> 64 bytes from 127.0.0.1: icmp_seq=4 ttl=64 time=0.056 ms
> >>> 64 bytes from 127.0.0.1: icmp_seq=5 ttl=64 time=0.043 ms
> >>>
> >>> --- 127.0.0.1 ping statistics ---
> >>> 5 packets transmitted, 5 received, 0% packet loss, time 4003ms
> >>> rtt min/avg/max/mdev = 0.043/0.062/0.091/0.019 ms
> >>> .
> >>> .
> >>> . ping -c 5 LINUX-SRV
> >>> . -------------------
> >>> PING LINUX-SRV.HATHOR.NWK (127.0.0.2) 56(84) bytes of data.
> >>> 64 bytes from LINUX-SRV.HATHOR.NWK (127.0.0.2): icmp_seq=1 ttl=64
> >>>
> >> time=0.098 ms
> >>
> >>> 64 bytes from LINUX-SRV.HATHOR.NWK (127.0.0.2): icmp_seq=2 ttl=64
> >>>
> >> time=0.067 ms
> >>
> >>> 64 bytes from LINUX-SRV.HATHOR.NWK (127.0.0.2): icmp_seq=3 ttl=64
> >>>
> >> time=0.055 ms
> >>
> >>> 64 bytes from LINUX-SRV.HATHOR.NWK (127.0.0.2): icmp_seq=4 ttl=64
> >>>
> >> time=0.067 ms
> >>
> >>> 64 bytes from LINUX-SRV.HATHOR.NWK (127.0.0.2): icmp_seq=5 ttl=64
> >>>
> >> time=0.052 ms
> >>
> >>> --- LINUX-SRV.HATHOR.NWK ping statistics ---
> >>> 5 packets transmitted, 5 received, 0% packet loss, time 4001ms
> >>> rtt min/avg/max/mdev = 0.052/0.067/0.098/0.019 ms
> >>> .
> >>> .
> >>> . ping -c 5 192.168.169.100
> >>> . -------------------------
> >>> PING 192.168.169.100 (192.168.169.170) 56(84) bytes of data.
> >>> 64 bytes from 192.168.169.170: icmp_seq=1 ttl=64 time=0.078 ms
> >>> 64 bytes from 192.168.169.170: icmp_seq=2 ttl=64 time=0.082 ms
> >>> 64 bytes from 192.168.169.170: icmp_seq=3 ttl=64 time=0.041 ms
> >>> 64 bytes from 192.168.169.170: icmp_seq=4 ttl=64 time=0.061 ms
> >>> 64 bytes from 192.168.169.170: icmp_seq=5 ttl=64 time=0.038 ms
> >>>
> >>> --- 192.168.169.170 ping statistics ---
> >>> 5 packets transmitted, 5 received, 0% packet loss, time 4002ms
> >>> rtt min/avg/max/mdev = 0.038/0.060/0.082/0.018 ms
> >>> .
> >>> .
> >>> . netstat -an | egrep '(:137|:138|:139|:445)'
> >>> . -------------------------------------------
> >>> tcp 0 0 0.0.0.0:139 0.0.0.0:*
> LISTEN
> >>> tcp 0 0 0.0.0.0:445 0.0.0.0:*
> LISTEN
> >>> udp 0 0 192.168.169.170:137 0.0.0.0:*
> >>> udp 0 0 0.0.0.0:137 0.0.0.0:*
> >>> udp 0 0 192.168.169.170:138 0.0.0.0:*
> >>> udp 0 0 0.0.0.0:138 0.0.0.0:*
> >>> .
> >>> .
> >>> . nmap -p 1-65535 localhost
> >>> . -------------------------
> >>>
> >>> Starting Nmap 4.20 ( http://insecure.org ) at 2008-07-23 12:10 CEST
> >>> Interesting ports on localhost (127.0.0.1):
> >>> Not shown: 65526 closed ports
> >>> PORT STATE SERVICE
> >>> 22/tcp open ssh
> >>> 23/tcp open telnet
> >>> 25/tcp open smtp
> >>> 80/tcp open http
> >>> 111/tcp open rpcbind
> >>> 139/tcp open netbios-ssn
> >>> 445/tcp open microsoft-ds
> >>> 631/tcp open ipp
> >>> 901/tcp open samba-swat
> >>>
> >>> Nmap finished: 1 IP address (1 host up) scanned in 4.782 seconds
> >>> .
> >>> .
> >>> . testparm
> >>> . --------
> >>> [global]
> >>> dos charset = 850
> >>> unix charset = ISO8859-1
> >>> workgroup = HATHOR.NWK
> >>> server string = HATHOR Samba-LDAP PDC Server
> >>> interfaces = eth0, lo
> >>> passdb backend = ldapsam:ldap://127.0.0.1
> >>> username map = /etc/samba/smbusers
> >>> log level = 1024
> >>> log file = /var/log/samba/%m.log
> >>> max log size = 10000
> >>> time server = Yes
> >>> deadtime = 10
> >>> socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
> >>> printcap name = cups
> >>> add user script = /usr/local/sbin/smbldap-useradd -m "%u"
> >>> delete user script = /usr/local/sbin/smbldap-userdel "%u"
> >>> add group script = /usr/local/sbin/smbldap-groupadd -p "%g"
> >>> add user to group script = /usr/local/sbin/smbldap-groupmod -m "%g" "%u"
> >>> delete user from group script = /usr/local/sbin/smbldap-groupmod -x "%g"
> >>>
> >> "%u"
> >>
> >>> set primary group script = /usr/local/sbin/smbldap-usermod -g "%g" %u
> >>> logon script = scripts\logon.bat
> >>> logon path = \\%L\Profiles\%U
> >>> logon drive = V:
> >>> logon home = \\%L\%U
> >>> domain logons = Yes
> >>> os level = 255
> >>> preferred master = Yes
> >>> domain master = Yes
> >>> wins support = Yes
> >>> ldap admin dn = cn=Ldap_Admin,dc=ldap_hathor,dc=nwk
> >>> ldap group suffix = ou=Groups
> >>> ldap idmap suffix = ou=Idmap
> >>> ldap machine suffix = ou=Computers,ou=Users
> >>> ldap passwd sync = Yes
> >>> ldap suffix = dc=ldap_hathor,dc=nwk
> >>> ldap ssl = no
> >>> ldap user suffix = ou=People,ou=Users
> >>> idmap uid = 15000-20000
> >>> idmap gid = 15000-20000
> >>> create mask = 0640
> >>> directory mask = 0750
> >>> hosts allow = 192.168.169., 127.0.0.
> >>> nt acl support = No
> >>> cups options = raw
> >>> case sensitive = No
> >>> hide unreadable = Yes
> >>> dont descend = /proc,/dev,/etc,/lib,/lost+found,/initrd
> >>>
> >>> .
> >>> .
> >>> . smbclient -L localhost -N
> >>> . -------------------------
> >>> session setup failed: Call timed out: server did not respond after 20000
> >>> milliseconds
> >>> .
> >>> .
> >>> . nmblookup -B LINUX-SRV __SAMBA__
> >>> . --------------------------------
> >>> Received a packet of len 62 from (127.0.0.2) port 137
> >>> nmb packet from 127.0.0.2(137) header: id=16583 opcode=Query(0)
> >>>
> >> response=Yes
> >>
> >>> header: flags: bcast=No rec_avail=Yes rec_des=Yes trunc=No auth=Yes
> >>> header: rcode=0 qdcount=0 ancount=1 nscount=0 arcount=0
> >>> answers: nmb_name=__SAMBA__<00> rr_type=32 rr_class=1 ttl=259200
> >>> answers 0 char `....d hex 6000C0A88264
> >>> Got a positive name query response from 127.0.0.2 ( 192.168.169.170 )
> >>> 192.168.169.170 __SAMBA__<00>
> >>> LINUX-SRV:~ #
> >>> .
> >>> .
> >>> . nmblookup -B LINUX-SRV '*'
> >>> . --------------------------
> >>> Received a packet of len 62 from (127.0.0.2) port 137
> >>> nmb packet from 127.0.0.2(137) header: id=30342 opcode=Query(0)
> >>>
> >> response=Yes
> >>
> >>> header: flags: bcast=No rec_avail=Yes rec_des=Yes trunc=No auth=Yes
> >>> header: rcode=0 qdcount=0 ancount=1 nscount=0 arcount=0
> >>> answers: nmb_name=*<00> rr_type=32 rr_class=1 ttl=259200
> >>> answers 0 char `....d hex 6000C0A88264
> >>> Got a positive name query response from 127.0.0.2 ( 192.168.169.170 )
> >>> 192.168.169.170 *<00>
> >>> LINUX-SRV:~ #
> >>> .
> >>> .
> >>> . nmblookup -d 2 '*'
> >>> . ------------------
> >>> added interface eth0 ip=192.168.169.170 bcast=192.168.169.255
> >>> netmask=255.255.255.0
> >>> added interface lo ip=127.0.0.1 bcast=127.255.255.255 netmask=255.0.0.0
> >>> querying * on 192.168.169.255
> >>> Got a positive name query response from 192.168.169.170 ( 192.168.169.170
> )
> >>> 192.168.169.170 *<00>
> >>> LINUX-SRV:~ #
> >>> .
> >>> .
> >>> . smbclient -L //LINUX-SRV/publique -Uroot_user%a_password
> >>> . --------------------------------------------------------
> >>> Receiving SMB: Server stopped responding
> >>> session setup failed: Call timed out: server did not respond after 20000
> >>> milliseconds
> >>> .
> >>> .
> >>> Terminé
> >>>
> >>>
> >>>
> >
> >
> >
>
>
More information about the samba
mailing list