Allow anonymous access to SAMBA

Discussion in 'Server Operation' started by withanhdammit, Nov 1, 2010.

  1. withanhdammit

    withanhdammit New Member

    I followed the HowTo located at http://www.howtoforge.com/debian-lenny-standalone-server-with-tdbsam-backend.

    I am using a DOS boot disk loaded over PXE to boot a system, connect to a share, launch GHOST and unpack the GHOST file.

    But my DOS machine isn't connecting to the SAMBA share, it tells me Error 5: Access has been denied.

    My smb.conf contains:
    Code:
    [global]
            workgroup = PMI
            server string = %h server
            obey pam restrictions = no
            passdb backend = tdbsam
            pam password change = Yes
            passwd program = /usr/bin/passwd %u
            passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword$
            unix password sync = Yes
            syslog = 0
            security = group
            log file = /var/log/samba/log.%m
            max log size = 1000
            dns proxy = No
            wins server = 10.0.0.1
            wins server = 10.0.0.2
            panic action = /usr/share/samba/panic-action %d
            encrypt passwords = no
    
    [ghostshare]
            comment = Ghost share
            path = /usr/share/ghostshare
            valid users = ghost
            force group = users
            create mask = 0555
            directory mask = 0555
            writeable = yes
    I've been googling this for a couple of days and can't seem to hit on what the issue is.

    Thanks to everyone for taking a look at my problem and for any potential suggestions.

    h
     
  2. withanhdammit

    withanhdammit New Member

    The /var/log/samba/log.ghost shows this:
    Code:
    [2010/11/01 14:49:18,  0] auth/pampass.c:smb_pam_passcheck(820)
      smb_pam_passcheck: PAM: smb_pam_auth failed - Rejecting User ghost !
    [2010/11/01 14:49:22,  0] auth/pampass.c:smb_pam_passcheck(820)
      smb_pam_passcheck: PAM: smb_pam_auth failed - Rejecting User ghost !
    [2010/11/01 14:49:24,  0] auth/pampass.c:smb_pam_passcheck(820)
      smb_pam_passcheck: PAM: smb_pam_auth failed - Rejecting User ghost !
    ghost is a valid user on my system
    Code:
    vanc-pxe01:/var/log/samba# cat /etc/passwd | grep ghost
    ghost:x:1001:1002::/home/ghost:/bin/sh
     
    Last edited: Nov 1, 2010
  3. withanhdammit

    withanhdammit New Member

    And does belong to the group 'users'
    Code:
    vanc-pxe01:/var/log/samba# groups ghost
    ghost users
     
  4. falko

    falko Super Moderator ISPConfig Developer

    Does the DOS disk try to connect to the SAMBA server anonymously, or did you configure a username/password somewhere?
     
  5. withanhdammit

    withanhdammit New Member

    It has a username/password included. I am using the DOS Network Boot disk from netbootdisk.com.
     
  6. falko

    falko Super Moderator ISPConfig Developer

    Does the username/password work if you try to connect from another Samba client?
     
  7. withanhdammit

    withanhdammit New Member

    I was finally able to get it to connect via the DOS disk by forcing the user/group. New smb.conf below (red is what I deleted, green is what I added (or changed a value to)

    If there's a better way to do this, please let me know.

    h

    Code:
    [global]
            workgroup = PMI
            server string = %h server
            obey pam restrictions = [COLOR="Red"]no[/COLOR] [COLOR="Green"]yes[/COLOR]
            passdb backend = tdbsam
            pam password change = Yes
            passwd program = /usr/bin/passwd %u
            passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword$
            unix password sync = Yes
            syslog = 0
            security = [COLOR="Red"]group[/COLOR] [COLOR="Green"]share[/COLOR]
            log file = /var/log/samba/log.%m
            max log size = 1000
            dns proxy = No
            wins server = 10.0.0.1
            wins server = 10.0.0.2
            panic action = /usr/share/samba/panic-action %d
            [COLOR="Red"]encrypt passwords = no[/COLOR]
    
    [ghostshare]
            comment = Ghost share
            path = /usr/share/ghostshare
            [COLOR="Red"]valid users = ghost[/COLOR]
            [COLOR="Green"]force user = ghost[/COLOR]
            force group = users
            create mask = [COLOR="Red"]0555[/COLOR] [COLOR="Green"]0777[/COLOR]
            directory mask = [COLOR="Red"]0555[/COLOR] [COLOR="Green"]0777[/COLOR]
            [COLOR="Red"]writeable = yes[/COLOR]
            [COLOR="Green"]guest ok = yes
            read only = no[/COLOR]
     

Share This Page