Autor |
Nachricht |
|
Titel: Samba: connection from Mac still not working!*Solved*
Verfasst am: 23.09.2006, 05:33 Uhr
|
|
Anmeldung: 01. Feb 2006
Beiträge: 128
Wohnort: SF Bay area
|
|
After a d-u, when samba 3.0.23 was installed, I could no longer connect from my Mac. I posted about this and "fixed" it by downgrading to samba/testing. I've tried several times since to really fix this and each time, I've had to downgrade samba. I ran "testparm" and get this:
Zitat:
root@knx:/home/rp# testparm
Load smb config files from /etc/samba/smb.conf
Processing section "[music]"
Processing section "[HDB5]"
Processing section "[rp]"
Loaded services file OK.
WARNING: passdb expand explicit = yes is deprecated
Server role: ROLE_STANDALONE
Press enter to see a dump of your service definitions
[global]
workgroup = MSHOME
security = SHARE
acl compatibility = winnt
server signing = auto
preferred master = No
domain master = No
ldap ssl = no
[music]
path = /media/hdb5/music/
force group = mshome
read only = No
guest ok = Yes
case sensitive = No
strict locking = No
msdfs proxy = no
[HDB5]
path = /media/hdb5/
force group = mshome
read only = No
guest ok = Yes
case sensitive = No
hide files = System Volume Information/
strict locking = No
msdfs proxy = no
[rp]
path = /home/rp/
force user = rp
read only = No
guest ok = Yes
case sensitive = No
strict locking = No
msdfs proxy = no
I assume the line that says, "WARNING: passdb expand explicit = yes is deprecated" is a problem. Also form the thread, http://kanotix.com/PNphpBB2-viewtopic-t-20882.html
slh says, ...'start "testparm" and fix all errors it complains about, ensure to only use one parameter for "passdb backend" (like "passdb backend = tdbsam")'.
What does "passdb backend" (like "passdb backend = tdbsam") mean? I assume it has something to do with a password database, but I really don't know. How can I fix this so my Mac will connect again?
Thanks,
Ron |
_________________ To whom much is given, much shall be required.
Zuletzt bearbeitet von feffer777 am 17.10.2006, 06:42 Uhr, insgesamt ein Mal bearbeitet
|
|
|
|
|
|
Titel:
Verfasst am: 30.09.2006, 00:42 Uhr
|
|
Anmeldung: 26. Jun 2005
Beiträge: 389
|
|
Ron, my samba continues to work as advertised so I don't know what's wrong with yours. However, this page might be useful for you to understand and perhaps evaluate your problems with passwd backends:
http://samba.org/samba/docs/man/Samba-H ... assdb.html
There are a few things which I thought I'd ask:
1. Is your problem only with mac and other OSes can log on?
2. When you try to log on, do you use a user name that is already a user in your system? (I do)
3. Did you use smbpasswd to generate password for that user? (I did)
4. Why don't you try to create a new user, and then generate a password using smbpasswd and see if everything works.
5. In the article I suggested, under common errors there is an error about user being added to wrong database. You might want to try their suggestion to correct this.
Hope this helps. |
|
|
|
|
|
|
Titel:
Verfasst am: 30.09.2006, 16:38 Uhr
|
|
Anmeldung: 16. Jul 2005
Beiträge: 7
|
|
The samba man page linked above explicitly states that:
passdb expand explicit (G)
This parameter controls whether Samba substitutes %-macros in the passdb fields if they are explicitly set. We used to expand macros here, but this turned out to be a bug because the Windows client can expand a variable %G_osver% in which %G would have been substituted by the user's primary group.
Default: passdb expand explicit = no
Try changing it no and restart samba.
It is also helpful to look in /var/log/samba/log.smbd
and /var/log/samba/log.nmbd.
after attempting to connect with the Mac.
Jerry |
|
|
|
|
|
|
Titel:
Verfasst am: 02.10.2006, 09:26 Uhr
|
|
Anmeldung: 01. Feb 2006
Beiträge: 128
Wohnort: SF Bay area
|
|
Stryder and Jerry
Thanks for your responses. Since posting this, I've played with a number of smb.conf variations (including yours, stryder--thanks), and using Security=User, I'm now able to mount my kanotix home directory on the Mac. However I have a partition with many common resourses (hdb5) that I'd like to mount, but cannot. I could before with samba 3.0.22 and earlier using security=share. To access that partition, I made a sym-link in my home dir and that allows me to get to those resourses from the Mac. This works, but is a weak solution since that partition/share really should be mountable and not having it forces me to change the path to its resources--very inconvenient especially when using Dreamweaver on the Mac which looks for its database on hdb5.
To answer your questions, I'm not sure if windows machines can log in. Haven't tried it. I have only 2 machines on my home network, the Mac and the Kanotix box which dual boots with WinXP. WinXP(when I boot to it) and the Mac are still speaking. Concerning usernames, yes I do log in using my user account and as I mentioned that works for hdb2(/home), but not hdb5. A year ago when setting up the hdb5 partition, I had problems accessing and using it. Someone suggested I chgrp to mshome (my workgroup name), so now it's user=root, grp=mshome. I don't know if this is an issue with the latest samba and if it is, I'm not sure how to fix it. I'm reluctant to try changing the group name as I'm worried that might cause more problems than before.
I have used "smbpasswd" to generate new passwords for both my regular user acct and for root.
Stryder, thanks for the link. I did read that page before, but honestly don't understand it well enough to start making changes. I see where it says that "smbpasswd" database is obsolete and will be depreciated in the future. It seems like my issue is in this area as you both have indicated, but I'm not sure what to do about it? Concerning "tdbsam passdb backend" as suggested on the link, I looked for more information about how to do this and am not clear that I understand it. As of now, I'm using the "smbpasswd" backend and unless I really understand how to migrate to "tdbsam" I don't want to risk breaking more things.
@jlowery I tried adding "passdb expand explicit = no" to my smb.conf file with no change. My logs do show an error, but again I don't know how to use that info to correct the problem. The significant entry seems to be this:
[2006/10/01 23:55:40, 3] smbd/service.c:make_connection(1111)
refusing connection to dfs proxy share 'hdb5-1' (pointing to no)
[2006/10/01 23:55:40, 3] smbd/error.c:error_packet(146)
error packet at smbd/reply.c(676) cmd=117 (SMBtconX) NT_STATUS_BAD_NETWORK_NAME
I don't know what to do about the "BAD_NETWORK_NAME" part, especially since it wasn't a problem in earlier samba.
If any of this rings a bell, please let me know. Samba is one of those things you want to set and forget. It's really been a pain lately.
Thanks,
Ron |
_________________ To whom much is given, much shall be required.
|
|
|
|
|
|
Titel:
Verfasst am: 02.10.2006, 09:57 Uhr
|
|
Anmeldung: 26. Jun 2005
Beiträge: 389
|
|
Well, at least I now understand better what your issues are. As long as you can mount something via samba, samba works. At least that's what I think. So you shouldn't worry about the backends, etc. for now. The question is only why you cannot access a certain partition which is mounted at a certain location. My guess would be a permissions issue. Where is hdb5 mounted (cat /etc/fstab should tell you)? And what does ls -la /path/that/directory/ say? I have a partition mounted in /xchange and I made sure that /xchange belongs to the windows group, which is the workgroup I use for my samba sharers. And windows group has rwx permissions. Maybe that will work for you. Alternatively, mount hdb5 onto a directory in your /home/user and see if you can share that directory directly via smb.conf. (no idea why that would work though!)
Also, looking at your smb.conf, assuming that you are the only user, why don't you use "force user = rp" for all the other shares, like your home share, rather than the group option (ie delete this option)? In other words, make your share for /media/hdb5 exactly the same as for /home/rp. And permissions for /media/hdb5 exactly the same as /home/rp. Just stabbing in the dark... |
|
|
|
|
|
|
Titel:
Verfasst am: 07.10.2006, 04:50 Uhr
|
|
Anmeldung: 01. Feb 2006
Beiträge: 128
Wohnort: SF Bay area
|
|
Hi stryder,
finally got a little breathing room, and tried to narrow down this samba issue a bit more. I tried lots of combos in the smb.conf file. In global, "security=share" always fails for everything. Making "security=user" allows me to mount my /home and /home/rp shares, but nothing else.
The fstab line for the partition that isn't working is:
/dev/hdb5 /media/hdb5 vfat defaults,rw,gid=mshome,umask=002
ls -l /media/hdb5 gets:
drwxrwxr-x 26 root mshome 16384 Jul 30 18:47 music
drwxrwxr-x 7 root mshome 16384 Aug 17 17:06 rop
etc.
Even using the same lines as I do on /home/rp for /media/hdb5 will fail. "force user=rp" and "force group=mshome" also fail. I can't make home sub-folders mount, like /home/rp/ogg
I can access hdb5 from the Mac by putting a sym-link in my /home dir
I consider this only a temporary work-around, though.
Styder, what "security= xxx" are you using, share or user?
Any other ideas? Observations?
Thanks,
Ron |
_________________ To whom much is given, much shall be required.
|
|
|
|
|
|
Titel:
Verfasst am: 07.10.2006, 06:05 Uhr
|
|
Anmeldung: 26. Jun 2005
Beiträge: 389
|
|
Ron,
I'm as puzzled why you are not able to mount certain shares. I experimented by creating /wstore using root (which means owner and group of folder is root). I am still able to mount wstore in both windows and osx - only I cannot write to the share (insufficient privileges). But I can mount.
I changed workgroup in my smb.conf to windowsnew and everything still worked.
I thought perhaps it is because I use a program called smb manager in osx to connect. But no, I am able to connect via finder as well.
I changed my workgroup to "mshome" when mounting the share in osx and still no problem.
In other words I have tried to create a situation where I cannot mount and found so far, I have no problems. That is why I am puzzled by your problem.
As for security= , well, as you can see, I don't have that line in my smb.conf.
Code:
# my samba
[global]
workgroup = windows
encrypt passwords = true
log level = 1
max log size = 1000
socket options = TCP_NODELAY IPTOS_LOWDELAY
guest ok = no
wins support = no
[xchange]
comment = File Xchange Folder
path = /xchange
read only = no
guest ok = no
[storage]
comment = Share Folder
path = /storage
read only = no
guest ok = no
[wstore]
comment = Test Folder
path = /wstore
read only = no
guest ok = no
Perhaps you can test one other: create a folder in your home, and share it. See if it mounts. Then mount hdb5 to that folder. You can do that as a mount command in a console. Then see if it mounts.
But in truth, I'm out of ideas! |
|
|
|
|
|
|
Titel:
Verfasst am: 07.10.2006, 07:54 Uhr
|
|
Anmeldung: 01. Feb 2006
Beiträge: 128
Wohnort: SF Bay area
|
|
Hi Stryder,
Well I tried pasting in your smb.conf and just changing entries per my system and it worked! I thought I tried that 3 weeks ago, but maybe I just used part of your smb.conf then--not sure. That's the good news. OK, so why did it work? I dunno! I tried comparing to old, saved non-working or partly working configs and nothing sticks out. So I tried making changes to your (now my working) smb.conf, like putting in "security = share" and other changes. Now I can't break it! I guess I should be happy, but I'd like to figure out what the problem was. I'm tired though, so I'll look at it in the morning. Thanks for sticking with me on this.
Regards,
Ron |
_________________ To whom much is given, much shall be required.
|
|
|
|
|
|
Titel:
Verfasst am: 07.10.2006, 08:01 Uhr
|
|
Anmeldung: 26. Jun 2005
Beiträge: 389
|
|
Hehehe... if you're like me you will keep on going until you understand it. But better figuring out how to make something not work, than make something work. Glad you got things going. Perhaps testparm will tell you whether there is still a backend issue... OK, I better stop! |
|
|
|
|
|
|
Titel:
Verfasst am: 10.10.2006, 04:30 Uhr
|
|
Anmeldung: 01. Feb 2006
Beiträge: 128
Wohnort: SF Bay area
|
|
Still puzzled! After trying lots of combinations, I'm not able to isolate exactly what caused my "smb.conf" file to fail. Here's the working file, patterned from stryder's one:
Zitat:
[global]
workgroup = mshome
encrypt passwords = true
log level = 1
max log size = 1000
socket options = TCP_NODELAY IPTOS_LOWDELAY
guest ok = no
wins support = no
[rp]
comment = rp's home
path = /home/rp/
read only = no
[HDB5]
comment = Common Data Partition
path = /media/hdb5
read only = no
btw, I think omitting the line "security = 'whatever'" defaults to "share."
After initially losing my connection, I tried adding lots of things to "smb.conf." As you can see, this working one is pretty simple. Possibly, I had some conflicting lines. Should have kept to the KISS principle, I guess. If I figure out the exact cause of the problem later, I'll post it. Thanks for everyone's patience.
Regards,
Ron |
_________________ To whom much is given, much shall be required.
|
|
|
|
|
|
Titel:
Verfasst am: 15.10.2006, 18:08 Uhr
|
|
Anmeldung: 18. Mar 2004
Beiträge: 3417
|
|
|
|
|
|
Titel:
Verfasst am: 17.10.2006, 02:07 Uhr
|
|
Anmeldung: 01. Feb 2006
Beiträge: 128
Wohnort: SF Bay area
|
|
|
|
|
|
|
|
|
|