Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > Linux Forums > Server Operation

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 22nd April 2006, 17:56
papaqube papaqube is offline
Junior Member
 
Join Date: Feb 2006
Location: Manchester, UK
Posts: 8
Thanks: 0
Thanked 0 Times in 0 Posts
Default File Sharing Problem With Samba & (MS)ADS

Hi there

Linux newbie so please bare with me.

I am currently having some fun trying to set up an addition linux file server on my ADS domain .

Using samba i have managed to join the the linux box to the domain, i.e. 'net join ads'. No problems there, and it is now visable via 'neighbourhood network' on the windows side. I have set up a couple of shared folders on the linux box, which are also visable. However when I try to access the shares i have set up in samba i get a username and password prompt. When i enter user name and password I still cannot access the shares, and the prompt just re-appears . Here is my smb.conf:

[global]
workgroup = MYDOMAIN
realm = MYDOMAIN.NET
server string = samba file server
security = ADS
password server = win2ksvr1
log level = 3
log file = /var/log/samba/%m
max log size = 50
server signing = auto
printcap name = cups
preferred master = No
domain master = No
wins support = Yes
ldap ssl = no
idmap uid = 10000-20000
idmap gid = 10000-20000
winbind separator = +

[homes]
comment = Home Directories
valid users = %S
read only = No
browseable = No

[printers]
comment = All Printers
path = /tmp
guest ok = Yes
printable = Yes
browseable = No

[Public]
comment = Public
path = /home/samba/Public
valid users = @users, @MYDOMAIN+all, users
force group = users MYDOMAIN+all users
read only = No
create mask = 0660
directory mask = 0771

and my smbusers like this:

# Unix_name = SMB_name1 SMB_name2 ...
root = administrator admin
nobody = guest pcguest smbguest
MYDOMAIN+testuser = testuser
users = MYDOMAIN+all users

I get a feeling that i have not set up the samba properly, i.e. password confirm, allowed users, etc. Also the file smbpasswd is empty.
Any help greatly appreciated. Thanks.
Reply With Quote
Sponsored Links
  #2  
Old 22nd April 2006, 19:31
leibowitz leibowitz is offline
Junior Member
 
Join Date: Apr 2006
Location: Charleroi, Belgium
Posts: 4
Thanks: 0
Thanked 0 Times in 0 Posts
Default

Hello papaqube.

You properly configured the whole set of domain integration. Good work.

What you need is a step forward. To achieve completly the process you should edit the configuration of the [Public] section from the /etc/samba/smb.conf (or any path it is in).

Add this:
Code:
browseable = yes
public = yes
And you should be able to browse your Public folder with any user/pass registered in the Active Directory.
Reply With Quote
  #3  
Old 22nd April 2006, 21:37
papaqube papaqube is offline
Junior Member
 
Join Date: Feb 2006
Location: Manchester, UK
Posts: 8
Thanks: 0
Thanked 0 Times in 0 Posts
Default

Hi leibowitz

Thanks for your response.

I have tried your suggestion, and it had some affect in that i no longer get a password prompt . I now get a prompt telling me "\\win2ksvr1\Public in not accessible. You may not have permission to use this network resource"

Thanks again
Papa
Reply With Quote
  #4  
Old 22nd April 2006, 21:56
leibowitz leibowitz is offline
Junior Member
 
Join Date: Apr 2006
Location: Charleroi, Belgium
Posts: 4
Thanks: 0
Thanked 0 Times in 0 Posts
Default

Well, in fact it doesnt work here either.

I tried your setup, with a Windows 2000 domain, and an Ubuntu Linux as a client. I'm working at it. I will come back asap with the fix. Fingers crossed.

Edit: This is the log.smbd output when I try to access the share (and got the user/pass request on windows side)

Quote:
smbd/sesssetup.c:reply_spnego_kerberos(173)
Failed to verify incoming ticket!
I remember have seen something like spnego and didn't know a lot about it times ago. I'm checking krb5.conf & googling to find out.

Last edited by leibowitz; 22nd April 2006 at 22:33.
Reply With Quote
  #5  
Old 22nd April 2006, 22:52
papaqube papaqube is offline
Junior Member
 
Join Date: Feb 2006
Location: Manchester, UK
Posts: 8
Thanks: 0
Thanked 0 Times in 0 Posts
Default

Hi leibowitz

Many thanks for the help. Much appreciated.

What a Guys !

Papa
Reply With Quote
  #6  
Old 22nd April 2006, 23:14
leibowitz leibowitz is offline
Junior Member
 
Join Date: Apr 2006
Location: Charleroi, Belgium
Posts: 4
Thanks: 0
Thanked 0 Times in 0 Posts
Default

Hey anyway I didn't found anything usefull...

Just that apparently we are not doing right, they all seems to use security = user indeed of security = ads. But that's not clear for me.

I cannot help you further.

Maybe you can. Try to get as much as info as you can.

Here is a "security = user" smb.conf file:
http://beau.org/pipermail/whitebox-u...ch/000837.html

Then a post where someone is trying to do exactly the same as you are trying to. And he works it but I don't know how; very interesting:
http://archive.netbsd.se/?ml=samba&a=2004-03&t=91381

And finally, this is not usefull at all, but maybe you doesn't know it and it will guide you:
http://us1.samba.org/samba/docs/man/...ide/index.html

Have fun & Good Luck
Reply With Quote
  #7  
Old 23rd April 2006, 02:34
papaqube papaqube is offline
Junior Member
 
Join Date: Feb 2006
Location: Manchester, UK
Posts: 8
Thanks: 0
Thanked 0 Times in 0 Posts
Default

Hey, thanks for all your help leibowitz. It got me on my way.

Anyway i think i have got there ! i have commented out the [homes], not nessecary and didn't exist (doh!) as they are on the ads server. The [Public] is now is now accessable, I hadn't set the 'Access Rights' on the share. However i found that this had to be set to admin, and not writeable, level before i could wirte to the share from a windows client. smb.conf [Public] now looks like this:

[Public]
comment = Public
path = /home/samba/Public/
create mask = 0660
directory mask = 0771
read only = no
guest ok = no
case sensitive = no
msdfs proxy = no
admin users = @MYDOMAIN+allusers,@users

A bit of a batched job i fear, but i am sure i will learn along the way.

Anyway time for a beer as this things been bugging me all day ), thanks again
Reply With Quote
  #8  
Old 10th May 2006, 11:27
Lozzer Lozzer is offline
Junior Member
 
Join Date: May 2006
Posts: 4
Thanks: 0
Thanked 0 Times in 0 Posts
Default

papaqube,

I've just succeeded in implementing a SAMBA server. I found that SADMS did the job perfectly.

I now have a W2K DC, running ADS (with Windows Services for UNIX 3.5 installed) and DNS, an IPCOP firewall box running DHCP, an FC-4 SAMBA server, and two WXPpro workstations - all working well together.

I also found that a beer helped...

Regards,

Lozzer.

Last edited by Lozzer; 10th May 2006 at 11:42.
Reply With Quote
  #9  
Old 10th November 2008, 11:25
ash05 ash05 is offline
Junior Member
 
Join Date: Aug 2008
Posts: 2
Thanks: 0
Thanked 0 Times in 0 Posts
 
Default

You properly configured the whole set of domain integration. Good work.

What you need is a step forward. To achieve completly the process you should edit the configuration of the [Public] section from the /etc/samba/smb.conf (or any path it is in).

Adventure Tour | Adventure Tourism
Condos, Condos for Sale, Buy a Condo

Last edited by ash05; 12th November 2008 at 07:29.
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Howto suggestion suse PhP ver 4 + Ver 5 wwparrish Suggest HOWTO 11 7th August 2006 13:29
setup fails on debian 3.1 dtrumbower Installation/Configuration 7 7th March 2006 13:42
Update to 2.2.0 question brianetilley Installation/Configuration 10 4th March 2006 17:02
Debian install error jf1976 Installation/Configuration 25 19th January 2006 22:31
Date stamp problem with samba file sharing cioscott HOWTO-Related Questions 0 11th January 2006 19:29


All times are GMT +2. The time now is 06:30.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.