Making Samba Work

ed ed at gurski.com
Wed Aug 3 01:46:09 UTC 2005 

On Tue, 2005-08-02 at 20:25 -0400, fedora-list-request at redhat.com wrote:

> Subject: Re: making Samba work
> To: For users of Fedora Core releases <fedora-list at redhat.com>
> Message-ID: <1123025957.21238.467.camel at serendipity.dogma.lan>
> Content-Type: text/plain; charset="us-ascii"
> 
> Am Mi, den 03.08.2005 schrieb Claude Jones um 1:25:
> > On Tue August 2 2005 7:08 pm, Alexander Dalloz wrote:
> > > Am Mi, den 03.08.2005 schrieb Claude Jones um 1:02:
> 
> > > > Ok - I learned something. My resolve.conf file:
> > > >
> > > > search com
> > > > nameserver 69.31.31.2
> > > > nameserver 64.202.97.2
> > >
> > > bingo :)
> > >
> > yes, but what did I win? ;-) 
> 
> It explains why "smbclient -L StudyPC" did lead you to the foreign host.
> Why did you set "search com"? Anyway, has nothing to do with Samba or
> your setup problems at all.
> 
> > correcting something here, help my FC4 box see my Windoz boxes? It seems like 
> > the big problem derives from the following example error in the smb logfile:
> > 
> > [2005/08/02 16:16:31, 0] smbd/negprot.c:reply_nt1(293)
> >   reply_nt1: smb signing is incompatible with share level security !
> 
> That is at least no correct setting. I do not understand why you did set
> it.
> 
> > I've been trying to figure out what smb signing is about, but the 
> > documentation isn't too helpful - I found one suggestion to delete the 
> > security line, and one to change it to user!
> 
> http://www.samba.org/samba/docs/man/smb.conf.5.html
> 
> server signing (G)
>         
>         This controls whether the server offers or requires the client
>         it talks to to use SMB signing. Possible values are auto,
>         mandatory and disabled. 
>         
>         When set to auto, SMB signing is offered, but not enforced. When
>         set to mandatory, SMB signing is required and if set to
>         disabled, SMB signing is not offered either.
>         
>         Default: server signing = Disabled
> 
> > I just want to share one folder on my FC4 machine to my Windows boxes, which I 
> > can now do, and I want my FC4 box to have access to my Windows machines - 
> > pretty much everything there. 
> 
> Why don't you just use the smb.conf as how it ships with Fedora's rpm
> and adjust it slightly? And being sure which each command stands for.
> 
> Make sure your network setup is properly (IPs / netmask). You can test
> netbios host resolving by running
> 
> nmblookup <name of your samba host>
> 
> Again, to exclude problems like iptables blocking make sure "smbclient"
> and "smbstatus" on localhost gives proper results.
> 
> > Claude Jones
> 
> http://samba.org/samba/docs/man/Samba-HOWTO-Collection/
> 
> Alexander
> 
> 
> -- 
> Alexander Dalloz | Enger, Germany | GPG http://pgp.mit.edu 0xB366A773
> legal statement: http://www.uni-x.org/legal.html
> Fedora Core 2 GNU/Linux on Athlon with kernel 2.6.11-1.35_FC2smp 
> Serendipity 01:31:10 up 18 days, 6:03, load average: 0.06, 0.16, 0.17 
> -------------- next part --------------
> A non-text attachment was scrubbed...
> Name: not available
> Type: application/pgp-signature
> Size: 189 bytes
> Desc: Dies ist ein digital signierter Nachrichtenteil
> Url : https://www.redhat.com/archives/fedora-list/attachments/20050803/3f9762a5/attachment.bin

The problem as I see it is that you have a small Home network, using
DHCP and are relying on your router to give out the addresses.

You could do one of several solutions to this problem:

Assign static IP's via your router based on MAC address. On windows
issue the command "ipconfig /all" and see what the "Physical address is.
Then in your router assign an IP address to this machine address. Repeat
this for every machine you have. Make sure that your Window clients have
the NetBeui protocol running.

On your Linux machine get the MAC address by issuing the command:

/sbin/ifconfig -a 

Then write the the HWaddr for eth0 (that's usually the default network
connection). Then repeat the same thing as you dis for your Window's
clients.

I would also make sure that your Samba is configured as a WINS server so
that your Window's clients will look at it for other hosts.

Now another way to do it and still maintain independence for your wife's
laptop is to setup a "caching DNS server" along with a DHCP server. I
would also make this my SAMBA server. 

I use this configuration at home without any problems. In fact I also
made my Linux machine a "Print server".

Here is my sample smb.conf file:


[global]
	log file = /var/log/samba/%m.log
	smb passwd file = /etc/samba/smbpasswd
	passwd chat = *New*password* %n\n *Retype*new*password* %n\n
*passwd:*all*authentication*tokens*updated*successfully*
	obey pam restrictions = yes
	socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
IPTOS_LOWDELAY
	null passwords = yes
	guest ok = yes
	passwd program = /usr/bin/passwd %u
	wins proxy = yes
	wins support = yes
	dns proxy = yes
	netbios name = samba_server
	writeable = yes
	server string = FedoraFC3 Samba Server %v
	unix password sync = yes
	local master = yes
	preferred master = yes
	domain master = yes
	workgroup = myworkgroup.com
	hosts allow = 192.168.1. 127.
	name resolve order = hosts lmhosts wins bcast
	max log size = 50
	pam password change = yes
	remote announce = 192.168.1.255
	printing = cups
	printcap name = cups
	load printers = yes
	username map = /etc/samba/smbusers
	os level = 65
	security = share

[homes]
	comment = Home Directories
	browseable = no
	writeable = yes
	valid users = %S
	create mask = 0664
	directory mask = 0775
# If you want users samba doesn't recognize to be mapped to a guest user
; map to guest = bad user


# NOTE: If you have a BSD-style print system there is no need to
# specifically define each individual printer
[printers]
	comment = All Printers
	path = /var/spool/samba
	guest ok = yes
	guest ok = yes
	printable = yes
	public = yes

[print$]
	comment = Printer Drivers
	path = /opt/Windows/drivers
	browseable = yes
	write list = root

# This one is useful for people to share files
[tmp]
	comment = Temporary file space
	path = /tmp
	writeable = yes
	guest ok = yes

# A publicly accessible directory, but read only, except for people in
# the "staff" group
[public]
	comment = Public Stuff
	path = /opt/share
	guest ok = yes
	writeable = yes
	printable = no


You can see how to setup a "caching DNS server at :

http://www.unixwiz.net/techtips/bind9-chroot.html#conf

http://www.wwnet.net/~stevelim/dns.html

and for DHCP google it or use something like this dhcpd.conf file:

authoritative;
ddns-update-style interim;
ignore client-updates;

subnet 192.168.1.0 netmask 255.255.255.0 {

# --- default gateway
        option routers                  router.myworkgroup.com;
        option subnet-mask              255.255.255.0;

        option domain-name              "myworkgroup.com";
        option domain-name-servers      samba_server.myworkgroup.com,
4.2.2.1; 
# (4.2.2.1 is a known DNS server)

        option time-offset              -18000; # Eastern Standard Time
        option netbios-name-servers     samba_server.myworkgroup.com;
# --- Selects point-to-point node (default is hybrid). Don't change this
unless
# -- you understand Netbios very well
#       option netbios-node-type 2;

        range dynamic-bootp 192.168.1.100 192.168.1.199;
        default-lease-time 43200;
        max-lease-time 86400;
        deny bootp;

        # we want the our dell laptop to appear at a fixed address
        host dell_laptop {
                option host-name "dell_laptop.myworkgroup.com";
                hardware ethernet 00:00:00:00:00:00;
# The above is the MAC address for your laptop as printed from
# ipconfig  /all
                fixed-address 192.168.1.99;
        }
}

More information about the fedora-list mailing list