Reply With Quotehello,
did you run smbadduser ?
I want to share some files with some of my LAN-friends, disallowing access for rest of the hosts. I uset "hosts deny = all" and hosts allow. with IP's it works fine. But when I'm trying to define allowed hosts by hostname allowed hosts can't connect. In testparm everything seems to be ok:
debian:/home/michal# testparm fell 10.1.1.71
Load smb config files from /etc/samba/smb.conf
Processing section "[Udostepnione]"
Processing section "[Obrazy]"
Processing section "[CS+AoT]"
Processing section "[homes]"
Processing section "[printers]"
Loaded services file OK.
WARNING: You have some share names that are longer than 8 chars
These may give errors while browsing or may not be accessible
to some older clients
Allow connection from fell (10.1.1.71) to Udostepnione
Allow connection from fell (10.1.1.71) to Obrazy
Allow connection from fell (10.1.1.71) to CS+AoT
Allow connection from fell (10.1.1.71) to homes
Allow connection from fell (10.1.1.71) to printers
debian:/home/michal# testparm debian 10.1.1.71
a part of my conf:
in this example "fell" is name of my computer. If I try to enter CS+AoT through samba i get this:;*******************section global*****************
[global]
security = SHARE
netbios name = Fell
workgroup = Workgroup
server string = %h server (Samba %v)
invalid users = root
deadtime = 4
log level = 2
log file = /var/log/samba/log.%m
max log size = 2000
syslog = 0
encrypt passwords = true
socket options = TCP_NODELAY
dns proxy = no
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n .
obey pam restrictions = yes
;*******************section CS+AoT*****************
[CS+AoT]
hosts deny = all
hosts allow = fell
comment = reality mody + dodatki
path = /mnt/Windows/Documents and Settings/All Users/Udostepniane/CS+TO AoT/
guest ok = True
writeable = no
max connections = 2
a part of my conf:
spawn smbclient //FELL/CS+AoT -U User -I 10.1.1.71 -W WORKGROUP
added interface ip=10.1.1.71 bcast=10.1.255.255 nmask=255.255.0.0
Password:
Domain=[WORKGROUP] OS=[Unix] Server=[Samba 2.2.3a-12.3 for Debian]
tree connect failed: NT_STATUS_NETWORK_ACCESS_DENIED
hello,
did you run smbadduser ?
I don't. Is it required ? In samba manual it is written nothing about it. I would like to grant access to specific hosts (by hostname in smb network), not by username. Do i need smbadduser also in this case ?
i am not sure in the security = SHARE case, i used security = USER and need... what happens when you run:
smbclient -U guest -L comptername
this gets into why I hate samba.
First, in order to connect to a samba machine, you will need to either map certain users (remote users, like on windows) to local users. Like at my old job, aschott was my windows domain login. I had it map any remote connection with aschott to my local user, aschott. Of course you still need to type in a password. Unless you script it (like in /etc/fstab). I think the remote users will need to do so as well. I havent dealt with Windows in a while. I hate it so much, that I refrain from usage whenever possible.
Now, I would HIGHLY reccomend a very secure and advanced NFS like IBM solution that is virtualy as cross platform as it gets. It is OpenAFS. I reccomend that. Its easier. Its better. Its more reliable. I still neeed to grab some rpms and upgrade my shit NFS solution here on my lan to OpenAFS. I just havent gotten around to it.
Now if you are saying really bad things about me, one tool that will help you out if you still have a boner for samba, is Webmin. It makes creation of shares, user mapping and shit alot easier.
But OpenAFS is the shit. Plus IBM is spearheading it. If it wasnt for Red Hat, IBM would be my fave corp.
Ech, then I will have to think about ftp server maybe.It has no sence to use samba. I just would like to grant acces without authorization - just like a guest access. But only for specified hosts. If it doesn't work I will think of ftp. Thanks for every of You for Your help.
Posting Permissions
Bookmarks