Solved

Samba + Linux

Posted on 2000-04-13
17
522 Views
Last Modified: 2013-11-15
Iàm trying to install Samba with Linux RedHat 6.0

All seems to work fine except for one thing:

I connect the Linux machine to the LAN, wich has WIN95,98 or NT(BDC) and Stand alone servers.

When I use smbclient to connect to 95,98,BDC works fine, but when I use it to connect to the Stand Alone NT says:

"Connection Refused".
I don`t know if the fact that it`s a stand alone server could affect in anything.

I need to know any ideas, how to correct this problem.

PD: I have all the routes static.
The linux machine is part of the same domain.
If a do a Ping works fine.
0
Comment
Question by:Pampa
17 Comments
 

Expert Comment

by:MrNice
Comment Utility
Hi, what do you mean by a stand alone NT machine? Do you mean that it is not part of a domain? Can you ping to machine using it's WINS or DNS name?
0
 

Expert Comment

by:MHacker
Comment Utility
Are your "Standalone machines" running NT? if so, are all your services started (server service esp.) It sounds like something didn't start (or you don't have file & print sharing enabled).  Get back to me.
0
 
LVL 1

Author Comment

by:Pampa
Comment Utility
MrNice:
Stand Alone NT Server, it's part of the domain and the Ping works fine.

MHacker: All the services are working, Yes it's a NT 4.0 SP 4

File & Printing?, I want to see a share directory that I have in the NT.

Any other ideas or tests?
0
 
LVL 3

Expert Comment

by:jyu_88
Comment Utility
can you see and explore that NT share from other window boxes?

what is the command you used to be exactly? (-U and/or -W will be helpful. upperlowercase password, if you get that far)

'smbclient -L hostNetBiosName' to check out what services are avaiable on a server. You may need to specify '-I ServerIP' to avoid DNS and netbios inconsitency
0
 

Expert Comment

by:c722
Comment Utility
Did you enable the PlainTextPassword thing in that NT server? You need to reboot the NT server (I assume it's a member server) before it takes effect.  (see the docs from samba source on this topic.)

If you have already done that and still doesn't work, try to do a "nbtstat -a NTservername" and a "nbtstat -a samba_machine_name".  Let me have a look at the output.  It could be some machine account verification failed problem.
0
 
LVL 1

Author Comment

by:Pampa
Comment Utility
Did you enable the PlainTextPassword thing in that NT server?

I didn`t understand this comment where should I change this?
I change the Encryption Password option to "NO" in the Samba Config file.

I did the nbtstat in the NT server
for the NT the result is:

C:\WINNT\system32>nbtstat -a pampero
       NetBIOS Remote Machine Name Table

   Name               Type         Status
---------------------------------------------
PAMPERO        <00>  UNIQUE      Registered
SIIFPROD       <00>  GROUP       Registered
PAMPERO        <03>  UNIQUE      Registered
PAMPERO        <20>  UNIQUE      Registered
SIIFPROD       <1E>  GROUP       Registered
INet~Services  <1C>  GROUP       Registered
IS~PAMPERO.....<00>  UNIQUE      Registered
FPADILLA       <03>  UNIQUE      Registered
PAMPERO        <1F>  UNIQUE      Registered

MAC Address = 00-60-08-CB-B5-74


For the Linux machine the result is:

C:\WINNT\system32>nbtstat -a wspruebas
Host not found.


PD: If I do ping wspruebas(Linux machine) the machine answer correctly.

0
 
LVL 1

Expert Comment

by:soulmate022700
Comment Utility
Yes, Yes, plaintextpassword and stuff,
I've the same problem.
I Don't want to send plain text passwords accross my netnetwork, It's so damm easy to read them with a netanalyzer.
A give-away for hackers.
Personaly I gave up on connecting a linux box to an NT machine in a secure way.
Also connection Linux to windows 2000.
Now a days I spend my time on other ways to solve my workflow problems. For instance I send files via FTP from NT to Linux and verse versa.

I'm always open for a sugestion.



0
 

Expert Comment

by:c722
Comment Utility
To pampa:

  To connect samba to a NT4SP4, you need to tell NT to use plain text password for verification.  That's how samba talk to NT by default (in smb.conf encrypt password = no ).  By defaut, NT4 will not allow plain text pasword.  To change that, you do a regedt32 and add this value:
EnablePlainTextPassword = 1 (REG_DWORD)
in
\SYSTEM\CurrentControlSet\Services\Rdr\Parameters
All these simply means the password and usernames are sent in *clear text* in the wire (as in ftp, telnet, etc.) So be ware there is a security risk.

  nbtstat -a linuxmachine also fails shows that you might not be running nmbd correctly.  Try kill nmbd and restart.
  btw, what's your security= share/user/server/domain?

To soulmate:

  You are absolutely right. Therefore samba has an option to use encrypted password.  When turning it on, you need to maintain a hash table of your passwd though (stored in private/smbpasswd and is read only by root). Something like another hashed copy of your /etc/passwd.  Read the docs that come with the src on this topic.  There is still a problem though: this smbpasswd file itself, although not showing the password, can be used to re-construct the passwd verification process.  Therefore is also a potential target.  (Well to me, it's good enough already.)
0
Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

 
LVL 1

Author Comment

by:Pampa
Comment Utility
c722:
I try the changes you suggest but, still doesn't works.
I try all different security mode =user/domain/share/server

I restart the service nmbd, it seems to work fien , but I can`t do the nbtsat yet.

Any other idea?
Thanks.
0
 

Expert Comment

by:c722
Comment Utility
to pampa:

 I assume you can see the share of Linux from the member server. If you are running 2.0 above, try this

1) security = domain
   encrypt password = yes
   password server = your PDC
2) make linux machine join the domain.  This is NOT simply connect it to the same segment and with the same domain name.  You need to create a machine account in the PDC. In your PDC's server manager, Add the linux machine to the domain; then in linux, you go samba/bin and run
 ./smbpasswd -j DOM -r DOMPDC
3) you have both an account in the domain and linux with the same name, i.e., in unix you called joe, in NT your username need to be joe also.  login to linux as joe and now run a smbclient.  see if it works.
4) If it doesn't, can you turn on the audit in NT and check what the event log shows, and also what the smaba log shows.
0
 
LVL 2

Expert Comment

by:mzehner
Comment Utility
It seems like I had a problem getting an NT workstation to connect to my Linux samba server, but I can't remember what the error message was.  I do know I had to make a change to the NT configuration to get it to work.  As far as setting NT up for sending passwords in the clear, you should not do it, but change your windows95 to send encrypted passwords and set your Linux back up for encrypted passwords.  If you need help doing this post a comment and I can give you more info.  Are you running samba using the inetd daemon?  If you are check your Linux /etc/hosts.allow files and /etc/hosts.deny files and make sure you are not denying the service with the tpc wrapper.  Also I recommend that you run samba and its name services through the startup scripts since it is more reliable this way.  Since you are running Redhat 6.0, you can use linuxconf to set it up.
0
 
LVL 1

Author Comment

by:Pampa
Comment Utility
C722 lock the question so I can grade your answer.
PD: The problem wasn't corrected, I have the same problem with this machine...

0
 

Expert Comment

by:c722
Comment Utility
Pampa,

1) If you still cannot see linux machine from NT, try put the linux machine name in the NT lmhosts file and tell NT manually the addess:
   a) Configure NT networking to enable lmhosts lookup in the WINS config.
   b) In C:\WINNT\System32\drivers\etc, put a file called lmhosts, no extension.
   c) In the file, put an entry for your linux host.  something like "x.x.x.x name".  There is a sample there called lmhosts.sam
   d) Reboot NT. Make sure nmbd is running in Linux, then you tried nbtstat again.

2) If nbtstat still cannot find linux, it means your nmbd is not running correctly... which also means smbd might not be running correctly as well.  Do you enable the netbios stuff in /etc/services ?  You do not need to run samba from inetd, but you must enable the service port.

3)  Can any NT/W95 machine see linux host at all ? (in netbios way, not ping.)

4) Without the log file, I really can't help you much as I don't know what went wrong.  In my experience with samba, it is very reliable and very easy to set up. It's not something that needs extensive configuring.
0
 

Expert Comment

by:c722
Comment Utility
Pampa,

  Just a thought, does

  smbclient -U user%pass -L ntmachine

  ever succeed at all ?
0
 

Expert Comment

by:duckkie
Comment Utility
Most likely the problem is with the NT Server and not samba if you can already connect to win98 boxs. Make sure you have the right protocols installed need for NT to talk to samba. And mostly important make sure that you are connecting as a valid user to the NT.
0
 
LVL 1

Author Comment

by:Pampa
Comment Utility
Ct22:
Eventohoug the problem is still there, please lock the question so I can give you the points.
Thansk for your help
0
 

Accepted Solution

by:
c722 earned 80 total points
Comment Utility
hi pampa,

  :=) thank you for your consideration.

Just some suggestions now.  Maybe can be some help.  To see a share in NT, you have to somehow log on to a domain.  If you log on to a WinNT workstation, you are in.  If you logon to a W98 only, not the "Microsoft Network", you can't browse a NT share.  You have to also logon to the domain also.  Then if you are a user on Linux, you can't be a domain user.  So in order to browse anything that's on a NT, you need to supply a valid NT username and password in smbclient.  And if the NT box doesn't like PlainTextPassword, you have to tell samba to encryption=yes AND use smbpasswd to create a hased table of your NT password also.
Another thing about seeing the computer name.  "nbtstat -a" shows what this computer register its name in a netbios network.  You can ping a machine means correct TCP/IP connection.  But it has nothing to do with NT's browse/share/etc since it only uses netbios.  You must be able to do " NET VIEW \\MACHINE".  One way to make it static is put it in lmhosts file, just like unix's /etc/hosts.
Hope all this helps.
0

Featured Post

What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

This article will explain how to establish a SSH connection to Ubuntu through the firewall and using a different port other then 22. I have set up a Ubuntu virtual machine in Virtualbox and I am running a Windows 7 workstation. From the Ubuntu vi…
The purpose of this article is to fix the unknown display problem in Linux Mint operating system. After installing the OS if you see Display monitor is not recognized then we can install "MESA" utilities to fix this problem or we can install additio…
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

6 Experts available now in Live!

Get 1:1 Help Now