differences between samba 2 and 3 smb-client?

Neil Loffhagen neilloffhagen at gmail.com
Thu Jul 12 14:10:00 GMT 2007 

I thought that samba could handle encrypted passwords?
Certainly have the following in my smb.conf file:
encrypt passwords = yes

I must admit to being a bit confused about Windows 2003 being more
secure than 2000.  I understand that is the case, but then why can
Samba 2 connect to 2000 and 2003 shares, but samba 3 can only connect
to 2000 shares and not 2003?  Surely the Samba versions have not
become less functional?

I'm probably missing something here. If someone could explain what has
been changes would appreciate it, as don't think we are going to get
the windows guys to lessen the security on their windows servers.

Many thanks,

Neil.


On 11/07/07, Ioan NIKY Pricop < pniky at yahoo.com> wrote:
>
>
> I remember I had once the same problem and it all went down to the problem that Win2003 wanted the passwords encripted and Samba sent them unencripted or so... I remember I changed some registry entry or policy regerding the acceptance of unencripted passwords.
>
>  Ioan (John) NIKY Pricop
> Bucharest - ROMANIA
> pniky at yahoo.com
>
>
>
> ----- Original Message ----
> From: Neil Loffhagen < neilloffhagen at gmail.com>
> To: Conrad Lawes <pxeboot at gmail.com>
> Cc: smb-clients at lists.samba.org
> Sent: Wednesday, July 11, 2007 12:30:49 PM
> Subject: Re: differences between samba 2 and 3 smb-client?
>
> Hi Conrad,
>
> Apprecaite the reply.  I've tried both  -t smbfs and the cifs and only the -t smbfs works with the old windows 2000 servers.  But they both still fail with the windows 2003 servers, so now I've got to persuade the windows guys to relax the security on their boxes which I don't think they will be happy about.  Do you know by chance which security policy is needed to be relaxed, as if I just go and ask a general question about relaxing security not sure if I'll get much favours from them :)
>
> Thanks again for pointing on the right track.
>
> Neil.
>
>
> On 10/07/07, Conrad Lawes < pxeboot at gmail.com > wrote:
> >
> > Neil,  you're looking at the wrong side of the spectrum.   The problem you're seeing is not so much with Samba client version as it is with shares you're trying to access.
> >
> > Out of the box, Windows 2003 is a lot more secure than its predecessor, Windows 2000.  By default, Windows 2003 does not support NTLM-based authentication scheme while Windows 2000 does.  As  a result, "legacy" clients, Linux included,  will fail to authenticate with Windows 2003 systems.  Luckily, you can relax some of the security policies of Win2k3 to accommodate these clients.
> >
> > Further more, smbmount has been replaced with "mount -t smbfs" which in turn as been replaced with "mount -t cifs"
> >
> > So I believe you should see better results using:
> >
> > # mount -t smbfs -o username=<username>  //<win2k3server/sharename   /mountpoint
> >
> > OR better still:
> >
> >
> > # mount -t cifs -o username=<username>  //<win2k3server/sharename   /mountpoint
> >
> >
> >
> >
> > On 7/10/07, Neil Loffhagen < neilloffhagen at gmail.com > wrote:
> > > Hi,
> > >
> > > We have an old Linux box running Redhat 7.2 that make connections to shares on windows 2000 and 2003 servers.  All is working fine here.  It is running samba-client-2.2.1a-4.
> > >
> > > I have been tasked to replace this server with updated hardware etc.  I have a Linux box that is now running RHEL 4 with samba-client-3.0.10-1 3 installed.  For some reason this new server will only connect to the shares on the windows 2000 server but gives permission errors when trying to connect to the shares on the windows 2003 servers.  As we are using the same user credentials I'm wondering what the difference is between Sambas 2 and 3 that will not now connect to windows 2003 boxes whereas it will to windows 2000 boxes?  Are there any extra parameters that need to be used?
> > >
> > > Hoping someone can please shed some light on this?
> > >
> > > The command we are using is:
> > >
> > > /usr/bin/smbmount  server_name/c$  /mnt/serv_check  -o  username=userid, password=password, uid=500,gid=500
> > >
> > > Many thanks,
> > >
> > > Neil.
> > >
> > >
> > >
> >
> >
> >
> > --
> > Regards,
> > Conrad Lawes
> > PXE Guru
>
>
>
> ________________________________
 Pinpoint customers who are looking for what you sell.

More information about the smb-clients mailing list