[Samba] problems with samba share

Michael Wood esiotrot at gmail.com
Sun Feb 7 23:38:12 MST 2010 

On 8 February 2010 01:58, Alex Florescu <alex at acasa.ro> wrote:
> Hi everyone,
>
> I want to achieve the following setup:
>
> - have a share that is read-only and accessible for guest users;
>
> - have the same share be modified by an authenticated specific user.
>
> This is running on debian lenny, samba 3.2.5.
>
> My smb.conf is as follows:
>
> [global]
>   workgroup = WORKGROUP
>   netbios name = cast
>   remote announce = 192.168.1.99/WORKGROUP
>   server string = %h server
>   dns proxy = no
>   interfaces = eth0
>   hosts allow = 192.168.1.0/24
>  username map = /etc/samba/usermap
> security = share

I don't think you want "security = share".

>   client plaintext auth = yes
>   encrypt passwords = no
>  passdb backend = smbpasswd
> lanman auth = yes
>   client lanman auth = yes
>  load printers = no
>   printing = none
> socket options = TCP_NODELAY IPTOS_LOWDELAY
>
> [workplace]
>        comment = workplace
>        browseable = yes
>        path = /var/workplace
>        guest ok = yes
>        public = yes
>        read only = yes
>
> [admin]
>        comment = cristi admin
>        browseable = yes
>        path = /var/workplace
>        public = yes
>        guest ok = no
>        read only = no
>        writeable = yes
>        username = cristi
>        admin users = cristi
>        valid users = cristi
>
> I did smbpasswd -a cristi and also smbpasswd -e cristi. User cristi also has
> an account on the linux box. The passwords are the same. /etc/samba/usermap
> contains: cristi = cristi .
>
> I can access \\192.168.1.99\workplace <file:///\\192.168.1.99\workplace>
> without authentication, everything is read-only, as it should. When
> accessing \\192.168.1.99\admin <file:///\\192.168.1.99\admin> , I get a
> User\Password prompt, exactly the way I want it, but when typing cristi +
> password it says that the login is invalid. I also tried to map the share
> from windows, same thing.
>
>                The odd this is that if I issue  'smbclient -U cristi
> //192.168.1.99/admin'  on the server CLI it logs me in (with the following
> message: Domain=[WORKGROUP] OS=[Unix] Server=[Samba 3.2.5] Server not using
> user level security and no password supplied.). That aside, I do have admin
> privileges.
>
>                But this works only when accessing from the server. If I am
> on another machine, it will fail. Logs say the following thing:
>
> check_ntlm_password:  Authentication for user [cristi] -> [cristi] FAILED
> with error NT_STATUS_LOGON_FAILURE
>
>  check_ntlm_password:  Checking password for unmapped user
> [WORKGROUP]\[cristi]@[192.168.1.13] with the new password interface
>
>  check_ntlm_password:  mapped user is: [CAST]\[cristi]@[192.168.1.13]
>
>  check_ntlm_password:  Authentication for user [cristi] -> [cristi] FAILED
> with error NT_STATUS_LOGON_FAILURE
>
>                So I am out of alternatives. I have tried almost every
> combination the past 4 days. Please don't suggest using security = user.

-- 
Michael Wood <esiotrot at gmail.com>

More information about the samba mailing list