Allow anonymous access to SAMBA

Discussion in 'Server Operation' started by withanhdammit, Nov 1, 2010.

  1. withanhdammit

    withanhdammit New Member

    I followed the HowTo located at http://www.howtoforge.com/debian-lenny-standalone-server-with-tdbsam-backend.

    I am using a DOS boot disk loaded over PXE to boot a system, connect to a share, launch GHOST and unpack the GHOST file.

    But my DOS machine isn't connecting to the SAMBA share, it tells me Error 5: Access has been denied.

    My smb.conf contains:
    Code:
    [global]
            workgroup = PMI
            server string = %h server
            obey pam restrictions = no
            passdb backend = tdbsam
            pam password change = Yes
            passwd program = /usr/bin/passwd %u
            passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword$
            unix password sync = Yes
            syslog = 0
            security = group
            log file = /var/log/samba/log.%m
            max log size = 1000
            dns proxy = No
            wins server = 10.0.0.1
            wins server = 10.0.0.2
            panic action = /usr/share/samba/panic-action %d
            encrypt passwords = no
    
    [ghostshare]
            comment = Ghost share
            path = /usr/share/ghostshare
            valid users = ghost
            force group = users
            create mask = 0555
            directory mask = 0555
            writeable = yes
    I've been googling this for a couple of days and can't seem to hit on what the issue is.

    Thanks to everyone for taking a look at my problem and for any potential suggestions.

    h
     
  2. withanhdammit

    withanhdammit New Member

    The /var/log/samba/log.ghost shows this:
    Code:
    [2010/11/01 14:49:18,  0] auth/pampass.c:smb_pam_passcheck(820)
      smb_pam_passcheck: PAM: smb_pam_auth failed - Rejecting User ghost !
    [2010/11/01 14:49:22,  0] auth/pampass.c:smb_pam_passcheck(820)
      smb_pam_passcheck: PAM: smb_pam_auth failed - Rejecting User ghost !
    [2010/11/01 14:49:24,  0] auth/pampass.c:smb_pam_passcheck(820)
      smb_pam_passcheck: PAM: smb_pam_auth failed - Rejecting User ghost !
    ghost is a valid user on my system
    Code:
    vanc-pxe01:/var/log/samba# cat /etc/passwd | grep ghost
    ghost:x:1001:1002::/home/ghost:/bin/sh
     
    Last edited: Nov 1, 2010
  3. withanhdammit

    withanhdammit New Member

    And does belong to the group 'users'
    Code:
    vanc-pxe01:/var/log/samba# groups ghost
    ghost users
     
  4. falko

    falko Super Moderator Howtoforge Staff Moderator HowtoForge Supporter ISPConfig Developer

    Does the DOS disk try to connect to the SAMBA server anonymously, or did you configure a username/password somewhere?
     
  5. withanhdammit

    withanhdammit New Member

    It has a username/password included. I am using the DOS Network Boot disk from netbootdisk.com.
     
  6. falko

    falko Super Moderator Howtoforge Staff Moderator HowtoForge Supporter ISPConfig Developer

    Does the username/password work if you try to connect from another Samba client?
     
  7. withanhdammit

    withanhdammit New Member

    I was finally able to get it to connect via the DOS disk by forcing the user/group. New smb.conf below (red is what I deleted, green is what I added (or changed a value to)

    If there's a better way to do this, please let me know.

    h

    Code:
    [global]
            workgroup = PMI
            server string = %h server
            obey pam restrictions = [COLOR="Red"]no[/COLOR] [COLOR="Green"]yes[/COLOR]
            passdb backend = tdbsam
            pam password change = Yes
            passwd program = /usr/bin/passwd %u
            passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword$
            unix password sync = Yes
            syslog = 0
            security = [COLOR="Red"]group[/COLOR] [COLOR="Green"]share[/COLOR]
            log file = /var/log/samba/log.%m
            max log size = 1000
            dns proxy = No
            wins server = 10.0.0.1
            wins server = 10.0.0.2
            panic action = /usr/share/samba/panic-action %d
            [COLOR="Red"]encrypt passwords = no[/COLOR]
    
    [ghostshare]
            comment = Ghost share
            path = /usr/share/ghostshare
            [COLOR="Red"]valid users = ghost[/COLOR]
            [COLOR="Green"]force user = ghost[/COLOR]
            force group = users
            create mask = [COLOR="Red"]0555[/COLOR] [COLOR="Green"]0777[/COLOR]
            directory mask = [COLOR="Red"]0555[/COLOR] [COLOR="Green"]0777[/COLOR]
            [COLOR="Red"]writeable = yes[/COLOR]
            [COLOR="Green"]guest ok = yes
            read only = no[/COLOR]
     
: anomyous, dos, samba

Share This Page