On Tuesday, June 14, 2005 @5:02 PM, Jerome wrote:
On Monday 13 June 2005 01:25, Greg Wallace wrote:
I share a linux directory with my Windows machine. Try adding --
wins support = yes security = share
to your [global] section.
Also, I have the following for my "share" (I called it Shareddocs just to have it stick out as a Windows share). I'm forcing the user to the Linux built-in nobody group.
[SharedDocs] path = /etc/samba/smbusers guest ok = yes guest account = nobody force group = MYHOME
Also, be sure the nobody user is set up as a member of the MYHOME group on your Linux machine. Whatever privileges you give it, that's what you'll be able to do from your Windows machine. Also, your Windows machine has to be using the MYHOME workgroup, which I assume it does.
Greg Wallace
Greg,
I added 'wins support = yes' and 'security = share' as you suggested and now all the default shares set up by Yast can be seen in 'My Network Places'.
The problem is when I enter the User name and password in the login window Windows prepends the name of my Windows machine to my User name like this:
MYVIAO/MyUserName
and reopens the login window. Windows does give a hint:
Example: User Name username@domain DOMAIN\username
How do I interpet this? I tried myusername@Linux\myusername and myusername@LinuxLINUX\myusername . Nothing is prepended but hitting enter reopens the login window.
I also have a question about adding a share the way you suggested above. Do I create a folder called SharedDoc somewhere to hold the information I want to share?
Thanks, Jerome
Jerome: I don't even get a Login Window. I click on My Network Places and there's a folder there with the pipeline under it that you see on a network share. I double click on it and I'm in my Linux folder. I don't need any security because of the guest account = nobody option I specified for [SharedDocs]. I also have the following line under [global] map to guest = bad user You probably have some additional setup work to do on Linux before you try to connect from the Windows machine. Here's an off the top of my head checklist -- *) Whatever workgroup you are using in Windows needs to be set up as a group on your Linux machine. *) Set up the folder in Linux that matches the path= name. Mine is shareddocs (and at the root level; i. e., /shareddocs on Linux). The owner of shareddocs is user nobody (built-in Linux user) and the group is the group I set up that matches my Windows workgroup name. *) Make sure any users that will access the share are assigned to that group on your Linux machine. I assigned the built-in "nobody" user to the group and, with the "guest account = nobody" option in Samba, that's the id that is in use when I'm working on my Linux machine from Windows (If I add a file, it shows up with that user when I look at the file over on Linux). I also added my Linux user id to that group and also root, giving me access to the folder on the Linux side. Once all of that was done, I went to "My Network Places" and added \\Linux\SharedDocs (yes, I named my Linux machine Linux -- lots of imagination at work there huh!). Now, if I double click on that folder, I'm looking at all of the files and directories in the Linux shareddocs directory from my Windows machine (sub-directories show up as folders). Hope this is enough to get you started. Greg
On Wednesday 15 June 2005 02:54, Greg Wallace wrote:
On Tuesday, June 14, 2005 @5:02 PM, Jerome wrote:
On Monday 13 June 2005 01:25, Greg Wallace wrote:
I share a linux directory with my Windows machine. Try adding --
wins support = yes security = share
to your [global] section. Done
Also, I have the following for my "share" (I called it Shareddocs just to have it stick out as a Windows share). I'm forcing the user to the Linux built-in nobody group.
[SharedDocs] path = /etc/samba/smbusers guest ok = yes guest account = nobody force group = MYHOME
Done
Also, be sure the nobody user is set up as a member of the MYHOME group
on I used Yast to set up the group 'myhome' and myself and nobody are members. The user nobody belongs to the groups myhome,nogroup and nobody.
your Linux machine. Whatever privileges you give it, that's what you'll
be
able to do from your Windows machine. Also, your Windows machine has to
be
using the MYHOME workgroup, which I assume it does.
It does
Greg Wallace
The problem is when I enter the User name and password in the login window Windows prepends the name of my Windows machine to my User name like this:
MYVIAO/MyUserName
and reopens the login window. Windows does give a hint:
Example: User Name username@domain DOMAIN\username
How do I interpet this? I tried myusername@Linux\myusername and myusername@LinuxLINUX\myusername . Nothing is prepended but hitting enter reopens the login window. Now I see. The "Example" is actually three examples and MYVIAO/MyUserName is
Using Yast I could not set privileges for 'nobody' but I did notice nobody has a predefined password. I've seen this before with other system users. I've never been able to find out what the password is. I'm going to delete it to see if that helps. Usually the system will recreate it though. In this case it's a six token password. ps: Yast insists on a password so I'll use my user password instead of the one supplied. pps: It changed the password back to the system one (Suse 9.3) anyone know what it is? the system telling me which example it expects.
Thanks, Jerome
Jerome: I don't even get a Login Window. I click on My Network Places and there's a folder there with the pipeline under it that you see on a network share. I double click on it and I'm in my Linux folder. I don't need any security because of the
I set up the Network Share on XP using the Setup Wizard. When I click on it I get this message: \\Linux\shareddocs is not accessable. You might not have permission to use this network resourse (Which is the core of my problem now). The group name could not be found. I wonder where it's looking?
guest account = nobody
option I specified for [SharedDocs]. I also have the following line under [global]
map to guest = bad user
Default setting.
You probably have some additional setup work to do on Linux before you try to connect from the Windows machine. Here's an off the top of my head checklist --
*) Whatever workgroup you are using in Windows needs to be set up as a group on your Linux machine.
MY Samba Server Workgroup is MYHOME. My Linux group is myhome. Is any of this case sensitive? My XP Workgroup is MYHOME.
*) Set up the folder in Linux that matches the path= name. Mine is shareddocs (and at the root level; i. e., /shareddocs on Linux). The owner of shareddocs is user nobody (built-in Linux user) and the group is the group I set up that matches my Windows workgroup name.
See smb.conf below.
*) Make sure any users that will access the share are assigned to that group on your Linux machine. I assigned the built-in "nobody" user to the group and, with the "guest account = nobody" option in Samba, that's the id that is in use when I'm working on my Linux machine from Windows (If I add a file, it shows up with that user when I look at the file over on Linux). I also added my Linux user id to that group and also root, giving me access to the folder on the Linux side.
I holding off adding root for now.
Once all of that was done, I went to "My Network Places" and added \\Linux\SharedDocs (yes, I named my Linux machine Linux -- lots of imagination at work there huh!). Now, if I double click on that folder, I'm looking at all of the files and directories in the Linux shareddocs directory from my Windows machine (sub-directories show up as folders).
Hope this is enough to get you started.
Greg
Thanks Greg, is was enough to get me started (all of yesterday) and almost finished. But there is still a permissions roadblock. When I run 'net use x:' on XP to log into any of the predefined shares on my Samba Server I get these messages: C:\Documents and Settings\adriel>net use x: \\LINUX\adriel [enter] The password is invalid for \\LINUX\adriel (Apparently there's a password sent here that is incorrect) Enter the username for 'LINUX' : adriel@Linux (or Linux\\adriel or Linux\adriel or LINUX\\adriel or LINUX\adriel) (Examples of valid usernames are username@domain and domain\\username.) Should domain\\username be domain\username? Enter the password for LINUX: myuserpassword System error 5 has occurred. Access is denied So, access from Linux to XP is still denied. Access from a Linux browser to Xp shares using smb:// works just fine, I have learned today. However using the Linux Desktop icon: Network Browsing, gets me to this address: slp://awws/[awws://192.168.0.2:3703?name=MyVaio&version=2.0&guid=73780010-28e9-1e0e-a750-9f349deee3b3] That displays this message: Service Attributes awws://192.168.0.2:3703 Instead of the Windows share. In the 9.3 Administration guide on p.542 it says: security = share: 'A password is firmly assigned to a share.' Do shares have passwords assigned to them automatically? I'm including a copy of my smb.conf file, maybe there's something I overlooked or did wrong. Right now all I need is access. I have moved the pictures using smb:// over to my Share on XP, so in that sense the problem is solved, but now I want to learn how to make this work for it's own sake. Jerome # smb.conf is the main Samba configuration file. You find a full commented # version at /usr/share/doc/packages/samba/examples/smb.conf.SUSE if the # samba-doc package is installed. # Date: 2005-04-04 [global] passdb backend = smbpasswd:Neshamas workgroup = MYHOME printing = cups printcap name = cups printcap cache time = 750 cups options = raw printer admin = @ntadmin, root, administrator username map = /etc/samba/smbusers map to guest = Bad User include = /etc/samba/dhcp.conf logon path = \\%L\profiles\.msprofile logon home = \\%L\%U\.9xprofile logon drive = P: add machine script = /usr/sbin/useradd -c Machine -d /var/lib/nobody -s /bin/false %m$ domain logons = Yes domain master = No idmap gid = 10000-20000 idmap uid = 10000-20000 wins support = yes security = user [homes] comment = Home Directories valid users = %S browseable = No read only = No inherit acls = Yes create mask = 0640 directory mask = 0750 [profiles] comment = Network Profiles Service path = %H read only = No store dos attributes = Yes create mask = 0600 directory mask = 0700 [users] comment = All users path = /home read only = No inherit acls = Yes veto files = /aquota.user/groups/shares/ create mask = 0640 directory mask = 0750 ; [groups] comment = All groups path = /home/groups read only = No inherit acls = Yes [printers] comment = All Printers path = /var/tmp printable = Yes create mask = 0600 browseable = No [print$] comment = Printer Drivers path = /var/lib/samba/drivers write list = @ntadmin root force group = ntadmin create mask = 0664 directory mask = 0775 ## Share disabled by YaST # [netlogon] # comment = Network Logon Service # path = /var/lib/samba/netlogon # write list = root [shareddocs] path = /home/adriel/shareddocs guest ok = yes guest account = nobody force group = MYHOME
On Wednesday 15 June 2005 02:54, Greg Wallace wrote:
On Tuesday, June 14, 2005 @5:02 PM, Jerome wrote:
On Monday 13 June 2005 01:25, Greg Wallace wrote:
I share a linux directory with my Windows machine. Try adding --
wins support = yes security = share
to your [global] section. Done
Also, I have the following for my "share" (I called it Shareddocs just to have it stick out as a Windows share). I'm forcing the user to the Linux built-in nobody group.
[SharedDocs] path = /etc/samba/smbusers guest ok = yes guest account = nobody force group = MYHOME
Done
Also, be sure the nobody user is set up as a member of the MYHOME group
on I used Yast to set up the group 'myhome' and myself and nobody are members. The user nobody belongs to the groups myhome,nogroup and nobody.
your Linux machine. Whatever privileges you give it, that's what you'll
Using Yast I could not set privileges for 'nobody' but I did notice nobody has a predefined password. I've seen this before with other system users. I've never been able to find out what the password is. I'm going to delete it to see if that helps. Usually the system will recreate it though. In this case it's a six token password. ps: Yast insists on a password so I'll use my user password instead of the one supplied. pps: It changed the password back to the system one (Suse 9.3) anyone know what it is?
be
able to do from your Windows machine. Also, your Windows machine has to
be
using the MYHOME workgroup, which I assume it does.
It does
Greg Wallace
The problem is when I enter the User name and password in the login window Windows prepends the name of my Windows machine to my User name like
On Thursday, June 16, 2005 @ 4:43 PM, Jerome wrote: this:
MYVIAO/MyUserName
and reopens the login window. Windows does give a hint:
Example: User Name username@domain DOMAIN\username
How do I interpet this? I tried myusername@Linux\myusername and myusername@LinuxLINUX\myusername . Nothing is prepended but hitting
reopens the login window. Now I see. The "Example" is actually three examples and MYVIAO/MyUserName is
enter the system telling me which example it expects.
Thanks, Jerome
Jerome: I don't even get a Login Window. I click on My Network Places and there's a folder there with the pipeline under it that you see on a network share. I double click on it and I'm in my Linux folder. I don't need any security because of the
I set up the Network Share on XP using the Setup Wizard. When I click on it I get this message:
\\Linux\shareddocs is not accessable. You might not have permission to use
this network resourse (Which is the core of my problem now). The group name could not be found.
I wonder where it's looking?
guest account = nobody
option I specified for [SharedDocs]. I also have the following line
under
[global]
map to guest = bad user
Default setting.
You probably have some additional setup work to do on Linux before you try to connect from the Windows machine. Here's an off the top of my head checklist --
*) Whatever workgroup you are using in Windows needs to be set up as a group on your Linux machine.
MY Samba Server Workgroup is MYHOME. My Linux group is myhome. Is any of this case sensitive? My XP Workgroup is MYHOME.
*) Set up the folder in Linux that matches the path= name. Mine is shareddocs (and at the root level; i. e., /shareddocs on Linux). The owner of shareddocs is user nobody (built-in Linux user) and the group is the group I set up that matches my Windows workgroup name.
See smb.conf below.
*) Make sure any users that will access the share are assigned to that group on your Linux machine. I assigned the built-in "nobody" user to the group and, with the "guest account = nobody" option in Samba, that's the id that is in use when I'm working on my Linux machine from Windows (If I add a file, it shows up with that user when I look at the file over on Linux). I also added my Linux user id to that group and also root, giving me access to the folder on the Linux side.
I holding off adding root for now.
Once all of that was done, I went to "My Network Places" and added \\Linux\SharedDocs (yes, I named my Linux machine Linux -- lots of imagination at work there huh!). Now, if I double click on that folder, I'm looking at all of the files and directories in the Linux shareddocs directory from my Windows machine (sub-directories show up as folders).
Hope this is enough to get you started.
Greg
Thanks Greg, is was enough to get me started (all of yesterday) and almost
finished. But there is still a permissions roadblock.
When I run 'net use x:' on XP to log into any of the predefined shares on my Samba Server I get these messages:
C:\Documents and Settings\adriel>net use x: \\LINUX\adriel [enter] The password is invalid for \\LINUX\adriel
(Apparently there's a password sent here that is incorrect)
Enter the username for 'LINUX' : adriel@Linux (or Linux\\adriel or Linux\adriel or LINUX\\adriel or LINUX\adriel)
(Examples of valid usernames are username@domain and domain\\username.) Should domain\\username be domain\username?
Enter the password for LINUX: myuserpassword System error 5 has occurred.
Access is denied
So, access from Linux to XP is still denied. Access from a Linux browser to Xp shares using smb:// works just fine, I have learned today. However using the Linux Desktop icon: Network Browsing, gets me to this address:
slp://awws/[awws://192.168.0.2:3703?name=MyVaio&version=2.0&guid=73780010-> 28e9-1e0e-a750-9f349deee3b3]
That displays this message:
Service Attributes awws://192.168.0.2:3703
Instead of the Windows share.
In the 9.3 Administration guide on p.542 it says: security = share: 'A password is firmly assigned to a share.' Do shares have passwords assigned to them automatically?
I'm including a copy of my smb.conf file, maybe there's something I overlooked or did wrong. Right now all I need is access.
I have moved the pictures using smb:// over to my Share on XP, so in that sense the problem is solved, but now I want to learn how to make this work for it's own sake.
Jerome
# smb.conf is the main Samba configuration file. You find a full commented # version at /usr/share/doc/packages/samba/examples/smb.conf.SUSE if the # samba-doc package is installed. # Date: 2005-04-04 [global] passdb backend = smbpasswd:Neshamas workgroup = MYHOME printing = cups printcap name = cups printcap cache time = 750 cups options = raw printer admin = @ntadmin, root, administrator username map = /etc/samba/smbusers map to guest = Bad User I don't have the line below, but I don't see why it would be a problem include = /etc/samba/dhcp.conf I don't have any of the lines from here.. logon path = \\%L\profiles\.msprofile logon home = \\%L\%U\.9xprofile logon drive = P: add machine script = /usr/sbin/useradd -c Machine -d /var/lib/nobody -s /bin/false %m$ domain logons = Yes ... to here domain master = No For the line above, I have Domain master = False idmap gid = 10000-20000 idmap uid = 10000-20000 wins support = yes The line below should say security = share security = user I also have the following lines unix extensions = Yes socket options = ISO_KEEPALIVE IPTOS_LOWDELAY TCP_NODELAY veto files = /* .eml/* .nws/riched20.dll/*.{*}/ syslog = 0 log level = 1
[homes] comment = Home Directories valid users = %S browseable = No read only = No inherit acls = Yes create mask = 0640 directory mask = 0750
[profiles] comment = Network Profiles Service path = %H read only = No store dos attributes = Yes create mask = 0600 directory mask = 0700
[users] comment = All users path = /home read only = No inherit acls = Yes veto files = /aquota.user/groups/shares/ create mask = 0640 directory mask = 0750
; [groups] comment = All groups path = /home/groups read only = No inherit acls = Yes
[printers] comment = All Printers path = /var/tmp printable = Yes create mask = 0600 browseable = No
[print$] comment = Printer Drivers path = /var/lib/samba/drivers write list = @ntadmin root force group = ntadmin create mask = 0664 directory mask = 0775
## Share disabled by YaST # [netlogon] # comment = Network Logon Service # path = /var/lib/samba/netlogon # write list = root
[shareddocs]
path = /home/adriel/shareddocs guest ok = yes guest account = nobody force group = MYHOME I also have the following lines force create mode = 0060 force directory mode = 0070 create mask = 0770 directory mask = 0770 read only = no
Now, if I were using /home/adriel/shareddocs for my share, then if I did cd /home/adriel dir I would see drwxrwx--- ... nobody ... myhome ... shareddocs It being a linux share, in order to mount the directory you need x privileges on that directory. That security is enforced across to Windows, so windows cannot even look at what's in the directory unless it (nobody) has that privilege. I don't have to enter a password to display the "share" on Windows. I had, I think, the same errors as you when I first started setting this up. I believe you're definitely down to getting the security right on Linux. Once you do that, you should be able to change to that directory on Windows. Greg Wallace
participants (2)
-
Greg Wallace
-
Susemail