Samba Set Up Trouble
John Wheat
jwheat71 at cox.net
Sun Dec 23 20:02:45 MST 2007
Craig White wrote:
> On Sun, 2007-12-23 at 18:22 -0700, John Wheat wrote:
>
>> Craig White wrote:
>>
>>> On Sun, 2007-12-23 at 15:36 -0700, John Wheat wrote:
>>>
>>>
>>>> I am trying to set up Samba to use with my wife's Vista laptop. My
>>>> System the samba server is Debian Etch and I have added an account for
>>>> her (Holly) on my debian sysytem but whn I try to login to the shares on
>>>> my Debian system from the laptop it will only allow me to login with my
>>>> Linux account and not hers. Is this because I (user "john") is the
>>>> account that is logged into the Debian host? Should I be able to access
>>>> these shares essentially my /home from the laptop logging in with
>>>> Holly's credentials. Would have something to do with tis line in teh
>>>> smb.conf file:
>>>> # By default, \\server\username shares can be connected to by anyone
>>>> # with access to the samba server.
>>>> # The following parameter makes sure that only "username" can connect
>>>> # to \\server\username
>>>> # This might need tweaking when using external authentication schemes
>>>> valid users = %S
>>>> I don't know what this means "valid users = %----
>>>>
>>>> #1 - have sympathy on lists and remove comment lines. You can do this
>>>> easily with smb.conf by typing 'testparm -s > /tmp/samba.conf'
>>>> and giving us the output of that file (/tmp/samba.conf)
>>>>
>>>> #2 - The 'Macros' like %S are described in samba man page which can
>>>> be gotten by typing 'man smb.conf' in a console/terminal or
>>>> opening Konqueror and typing 'man smb.conf' in the address bar
>>>>
>>>> #3 - Samba's requirement for users is that they are a user in Linux
>>>> and a samba user too (same name)...therefore, after you create
>>>> the user 'holly' in Debian, get a terminal and type...
>>>>
>>>> smbpasswd -a holly
>>>>
>>>> which will then prompt you for a password for 'user' holly
>>>>
>>>> Craig
>>>>
>>>> ---------------------------------------------------
>>>> PLUG-discuss mailing list - PLUG-discuss at lists.plug.phoenix.az.us
>>>> To subscribe, unsubscribe, or to change your mail settings:
>>>> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>>>>
>>>>
>>>>
>> This is the output of testparm -s
>> [global]
>> workgroup = JHBBZ
>> server string = %h server
>> obey pam restrictions = Yes
>> passdb backend = tdbsam
>> passwd program = /usr/bin/passwd %u
>> passwd chat = *Enter\snew\sUNIX\spassword:* %n\n
>> *Retype\snew\sUNIX\spassword:* %n\n *password\supdated\ssuccessfully* .
>> syslog = 0
>> log file = /var/log/samba/log.%m
>> max log size = 1000
>> printcap name = cups
>> dns proxy = No
>> wins support = Yes
>> panic action = /usr/share/samba/panic-action %d
>> invalid users = root
>>
>> [homes]
>> comment = Home Directories
>> valid users = %S
>> read only = No
>> create mask = 0775
>> directory mask = 0700
>>
>> [printers]
>> comment = All Printers
>> path = /var/spool/samba
>> create mask = 0700
>> printable = Yes
>> browseable = No
>>
>> [print$]
>> comment = Printer Drivers
>> path = /var/lib/samba/printers
>>
>> [John]
>> path = /home/john
>> valid users = holly, Holly
>> read only = No
>> guest ok = No
>>
>> Is the %S in [homes] restricting access to "user" john only for
>> /home/john ?
>>
>> I have added "user" holly to smbpasswd and her account cannot login from
>> vista do I need to specify an absolute path to smbpasswd?
>>
> ----
> nah...Windows can be funky.
>
> If you have signed onto Windows and mounted //SERVER/HOMES as one user,
> you probably can't mount it as another user unless you reboot, possibly
> log off (but if you are using Vista 'HOME' logging off isn't likely to
> work because of 'fast user switching').
>
> Make sure that you can access it from Linux...it's very easy to test.
> Watch...
>
> $ smbclient //srv1/homes -U craig
> Password:
> Domain=[AZAPPLE] OS=[Unix] Server=[Samba 3.0.23b-0.1.el4.kde]
> smb: \> ls
> . D 0 Tue Aug 29 15:38:22
> 2006
> .. D 0 Tue Jun 24 06:22:14
> 2003
>
> 34451 blocks of size 2097152. 3134 blocks available
> smb: \> quit
>
> [craig at lin-workstation ~]$ smbclient //srv1/homes -U administrator
> Password:
> Domain=[AZAPPLE] OS=[Unix] Server=[Samba 3.0.23b-0.1.el4.kde]
> lssmb: \> ls
> . D 0 Tue Aug 29 15:38:22
> 2006
> .. D 0 Tue Jun 24 06:22:14
> 2003
>
> 34451 blocks of size 2097152. 3134 blocks available
> smb: \> quit
>
> Once you know the 'user' (-U USER_NAME) can access the files, whether
> you access from Linux or Windows isn't material since smbclient is a
> real cifs/smb client, just like a Windows computer.
>
> The problem exists however, that it's really not possible [1] to connect
> to the same server (in this case, your samba server) as 2 different
> users simultaneously and sometimes even though you tell a Windows
> desktop computer to disconnect, it doesn't completely disconnect as user
> A so you can connect as user B. Take your complaints to Microsoft as it
> is their problem.
>
> Also, noting 'holly / Holly' - if you make all your users lower case,
> you never have issues. Windows networking schema is not case sensitive.
> Therefore, to samba holly=Holly. To Linux though holly!=Holly
> Generally, life is simpler when you use 'groups' and john and holly both
> belong to Linux group called 'Users' and samba group called 'users' (you
> can actually 'groupmap' them and then you don't have to even create a
> samba group at all...and then 'valid users = @users'
>
> Craig
>
> [1] it is technically possible to simultaneously connect as 2 different
> users but you would have to set 'security = share' in smb.conf which is
> a REALLY BAD IDEA. This is a mode that mimics the very much outdated
> Windows 95/98 networking mechanics which means that a separate
> user/password is needed for each share, it is slated for removal and is
> a real PITA (and may not even be supported by Vista client...I have no
> idea)
>
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss at lists.plug.phoenix.az.us
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>
>
Part of my issue is cleared up she will just have to login with my user.
I cannot even connect to the share from Linux as "user" john. I also
cannot do so from windows anymore either. I am not sure now what I have
messed up. I am going to see if I can find a mostly working config I had
in Ubuntu.
More information about the PLUG-discuss
mailing list