Samba - all messed up
Rick Stevens
rstevens at vitalstream.com
Thu Sep 15 16:48:21 UTC 2005
Bob McClure Jr wrote:
> On Wed, Sep 14, 2005 at 10:41:55PM -0600, brad.mugleston at comcast.net wrote:
>
>>On Wed, 14 Sep 2005, Mark Knecht wrote:
>>
>>
>>>On 9/14/05, brad.mugleston at comcast.net <brad.mugleston at comcast.net> wrote:
>>>
>>>>When things were simple (Windows 95) Samba setups were easy then
>>>>Bill determined that he needed to make my life complicated.
>>>>
>>>>Now in my house I have some Windows 98 machines, some windows XP
>>>>and even an old Win 95 laptop my daughter likes.
>>>>
>>>>I can print to my linus boxes and their printers but I can't seem
>>>>to get everyone happy about sharing files from the Linux boxes
>>>>where everything is saved.
>>>>
>>>>So how do I give access to Win95 through XP to my FC2 box using
>>>>Samba? I've got password encription on (I think, I've messed
>>>>withit so much I'm not sure anymore) I did that cause I couldn't
>>>>see how to shut it off in the XP box.
>>>>
>>>>Does anyone have a quick how to set this up so everyone can play?
>>>>
>>>>BTW the NFS stuff is working great.
>>>>
>>>>Thanks,
>>>>
>>>>Brad Mugleston, KI0OT
>>>
>>>Brad,
>>> I'll only suggest that it's pretty difficult. Consider making the
>>>Windows side of the house consistent in terms of Windows so that your
>>>work in this area is significantly simplified.
>>>
>>>Good luck,
>>>Mark
>>>
>>
>>Mark,
>>
>>Thanks - I'd like to make the windows side consistent and load
>>Linux on them all BUT thats not possible at this time. The XP
>>machines are relatively new but the older machines would not
>>handle XP or don't want to risk loosing what they have on them.
>>
>>I'll try to move forward as best as possible.
>>
>>Brad
>
>
> I think what Mark means is that older Winxx defaulted to plaintext
> passwords, while later ones defaulted to encrypted. You probably need
> to set your Win9x boxes to encrypt passwords.
Correct. The following Windows versions used plaintext passwords:
3.11 (Windows for Workgroups)
95 (without SMB patch)
WinNT V3.xx
WinNT V4.x (before SP3)
The following use encrypted passwords:
95 (with SMB patch)
98
CE (PDAs and such)
ME
NT V4.x (with SP3 or later)
XP
2000
2003
Unfortunately, under "user level" security mode, Samba can only do one
mode at a time, either encrypted or plaintext. If you use domain- or
server-level security (which would allow mixed plaintext and encrypted
passwords), you need a Windows PDC somewhere on your network to do the
password validation.
AFAIK, if you MUST keep a Windows version that uses plaintext, you'll
have to make them ALL use plaintext. This can be done by modifying the
registry. The Samba distribution includes files to do that.
Go to the /usr/share/doc/samba-(version)/registry directory. In there
you'll find files named "*_PlainPassword.reg". Find the one that's
appropriate for your use (for XP, use the Win2000 file), copy it to a
DOS formatted floppy, take the floppy to the offending machine and
EXECUTE the .reg file. This will turn off encrypted passwords on the
machine. You can then set "encrypt passwords = no" in
/etc/samba/smb.conf and use plaintext.
Note, however, that your network is now vulnerable to password sniffing
using stupid tools like tcpdump. Since this is your home LAN, that may
not be much of an issue. I would NOT recommend this to anyone whose
network is exposed to the Internet in any way, shape or form.
By the way, I HIGHLY recommend you get a copy of O'Reilly's "Using
Samba", 2nd edition, by Ts, Eckstein and Collier-Brown. This is all
explained in chapter 9, starting on page 296.
Stupid Windows Joke: Have you ever noticed what Windows has become
with CE, ME and NT? Coincidence?
----------------------------------------------------------------------
- Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com -
- VitalStream, Inc. http://www.vitalstream.com -
- -
- The moving cursor writes, and having written, blinks on. -
----------------------------------------------------------------------
More information about the Redhat-install-list
mailing list