[Samba] Cannot connect from XP to Samba: Password prompt repeated

Bruce Lane kyrrin at bluefeathertech.com
Sat Jan 16 02:28:57 MST 2010

Fellow samba folk,

	This one's making me want to tear out what little hair I have left.

	THE *NIX PLATFORM: FreeBSD 7.0-RELEASE, Samba 3.3.8.

	THE ENVIRONMENT: Small domain, Windows 2003 servers and XP-pro based workstations. The FreeBSD server is a member server in the domain, so at least that works.

	THE SYMPTOMS: This is bizarre. I can, using mount_smbfs on the FreeBSD side, easily connect to shares on the Windows server. No hassle, no pain. It Just Works.

	HOWEVER -- When I try to connect to a share on the Samba side from any Windows system, I get repeated requests for the username and password, and no combination of such (not even one which I know to be valid) wants to work.

	Here's the paste from my smb.conf file. To save space, I have removed the sections I'm not using (as in the ones which I left commented out).

#======================= Global Settings =====================================

# workgroup = NT-Domain-Name or Workgroup-Name, eg: MIDEARTH
   workgroup = BFT-INT

# server string is the equivalent of the NT Description field
   server string = BFT Web Server

# Security mode. Defines in which mode Samba will operate. Possible 
# values are share, user, server, domain and ads. Most people will want 
# user level security. See the Samba-HOWTO-Collection for details.
   security = ads
   password server = haku2.int.bluefeathertech.com
   client use spnego = yes

# This option is important for security. It allows you to restrict
# connections to machines which are on your local network. The
# following example restricts access to two C class networks and
# the "loopback" interface. For more examples of the syntax see
# the smb.conf man page
   hosts allow = 192.168.42. 127.

# If you want to automatically load your printer list rather
# than setting them up individually then you'll need this
   load printers = no

# Put a capping on the size of the log files (in Kb).
   max log size = 50

# Use the realm option only with security = ads
# Specifies the Active Directory realm the host is part of
   realm = int.bluefeathertech.com 

# Backend to store user information in. New installations should 
# use either tdbsam or ldapsam. smbpasswd is available for backwards 
# compatibility. tdbsam requires no further configuration.
   passdb backend = tdbsam

# Configure Samba to use multiple interfaces
# If you have multiple network interfaces then you must list them
# here. See the man page for details.
   interfaces = 

# Browser Control Options:
# set local master to no if you don't want Samba to become a master
# browser on your network. Otherwise the normal election rules apply
   local master = no

# OS Level determines the precedence of this server in master browser
# elections. The default value should be reasonable
   os level = 33

# Domain Master specifies Samba to be the Domain Master Browser. This
# allows Samba to collate browse lists between subnets. Don't use this
# if you already have a Windows NT domain controller doing this job
   domain master = no 

# Preferred Master causes Samba to force a local browser election on startup
# and gives it a slightly higher chance of winning the election
   preferred master = no

# Enable this if you want Samba to be a domain logon server for 
# Windows95 workstations. 
   domain logons = no

# Windows Internet Name Serving Support Section:
# WINS Support - Tells the NMBD component of Samba to enable it's WINS Server
   wins support = no

# WINS Server - Tells the NMBD components of Samba to be a WINS Client
#       Note: Samba can be either a WINS Server, or a WINS Client, but NOT both
   wins server =

# DNS Proxy - tells Samba whether or not to try to resolve NetBIOS names
# via DNS nslookups. The default is NO.
   dns proxy = no 

#============================ Share Definitions ==============================
   comment = Featherweb doc directories 
   path = /usr/local/www/htdocs
   browseable = yes
   writable = yes
   valid users = kyrrin jlanfri kathy
   write list = @www @wheel
   create mask = 0755

   comment = Featherweb logging
   path = /var/log
   browseable = yes
   writable = no
   valid users = kyrrin jlanfri kathy



	What puzzles me is this was working just fine for months, and then it failed for no apparent reason.

	Any guesses?

	Thanks much.

Bruce Lane, Owner & Head Hardware Heavy,
Blue Feather Technologies -- http://www.bluefeathertech.com
kyrrin (at) bluefeathertech do/t c=o=m
"Quid Malmborg in Plano..."

More information about the samba mailing list