Solved

Difficulties using Samba v3 with Windows 2k

Posted on 2003-10-23
25
5,764 Views
Last Modified: 2010-04-11
Hi all,
I'm really pulling my hair out about this, and I need to get this working ASAP, hence the number of points I've allocated to this question.

I'm trying to get Samba filesharing working with a Windows 2K server box, and it's just not working for me...

Configuration / tests I've done / symptoms follow:

I'm using a really simple smb.conf, in an attempt to get this working:

[global]
workgroup = MIDDLEEARTH
netbios name = FRODO

[tmp]
comment = Temp Directory
path = /tmp

I've tried adding 'wins support = yes' into the [global] section, but it seems to make no difference.
I've also added the entry 192.168.0.2  SMAUG into lmhosts, and I've tried 192.168.0.2   SMAUG   #PRE as well.

The server IP address is: 192.168.0.2.
My Win2K server is in the workgroup: MIDDLEEARTH, and is called SMAUG (ip: 192.168.0.14).

smbclient -L FRODO gives:
        Sharename      Type      Comment
        ---------      ----      -------
        tmp            Disk      Temp Directory
        IPC$           IPC       IPC Service (Samba 3.0.0)
        ADMIN$         IPC       IPC Service (Samba 3.0.0)

        Server               Comment
        ---------            -------

        Workgroup            Master
        ---------            -------
        MIDDLEEARTH          FRODO

nmblookup -U FRODO __SAMBA__ produces:
querying __SAMBA__ on 0.0.0.0
192.168.0.2 __SAMBA__<00>

nmblookup -B SMAUG '*' produces these results (which I'm not convinced are as they should be):

querying * on 0.0.0.0
192.168.0.2 *<00>

nmblookup -d 2 '*' produces this:

added interface ip=192.168.0.2 bcast=192.168.0.255 nmask=255.255.255.0
querying * on 192.168.0.255
Got a positive name query response from 192.168.0.2 ( 192.168.0.2 )
Got a positive name query response from 192.168.0.14 ( 192.168.0.14 )
192.168.0.2 *<00>
192.168.0.14 *<00>

smbclient //FRODO/tmp works fine.

When I try to run something like: net view \\FRODO, it returns (after a reasonable amount of time):
System error 53 has occured.
The network path was not found.

The same error occurs if I try a net view \\192.168.0.2.

Finally, if Samba is running, when I d-click on 'Computers near me', I get the error:
'Middleearth is not accessible'    # I rather like this error message in some way...:)
'The network path was not found'.

If Samba is not running, when I d-click on 'Computers near me', it opens the workgroup
with no problems, displaying just the one machine - SMAUG (as I'd expect).

Once I've got this working, I'll be adding some XP machines onto the workgroup, so if this is a client
side issue, please answer with this in mind (if relevant).
0
Comment
Question by:j_dyer
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 12
  • 7
  • 6
25 Comments
 
LVL 5

Expert Comment

by:koquito
ID: 9606594
SO you have Linux box?
Do you want to share folders on the Linux box?
Did you try using localhost:901 in your browser to use the admin tool for samba?
You will probably find some advanced settings using it, like host alllow, etc.
0
 
LVL 2

Author Comment

by:j_dyer
ID: 9606945
> SO you have Linux box?
Yes, I am running Samba on a Linux box. Redhat 9, kernel v. 2.4.20-20-9.
As normal, I recompiled the kernel when I built the box, with support for what I needed at the time.
At the time, I didn't need samba, so if there are any settings in the kernel configure which Samba needs,
there is a good chance they would have been missed out - anyone got any ideas if this is the case?

> Do you want to share folders on the Linux box?
Yes, I'm planning on two private areas for each user (home dir and client backup dir), and a public area
where all users (with an account on the server) will be able to share files.

> Did you try using localhost:901 in your browser to use the admin tool for samba?
> You will probably find some advanced settings using it, like host alllow, etc.
I've tried using SWAT whilst trying to get this to work - didn't affect the problems I'm seeing.

I don't think that it's a problem with access; my understanding is that Samba should allow access to everyone
at the moment, since there is no access control specified in the smb.conf file.
0
 
LVL 5

Expert Comment

by:koquito
ID: 9607139
Whats the workgroup of your linux box? IS it the same as you said in your smb.conf?
You'r right about the host allow.
did you try restart  nmbd?
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 2

Author Comment

by:j_dyer
ID: 9607198
The workgroup on the linux box is MIDDLEEARTH, the same as the Win 2K box.
Yes, I've tried restarting nmbd (many times!) - nothing of particular interest appears in the log files.
0
 
LVL 5

Expert Comment

by:koquito
ID: 9607835
Is your linux shared folder specified under smb.conf?
ITs weird , it was the easiest thing for me to do, when I did the same. It showed up inmediately under Network Neighborhood, gave me access and everything.
0
 
LVL 2

Author Comment

by:j_dyer
ID: 9607910
Yes, it's specified.
As mentioned in my original question, it's currently set to the absolute minimum:
[global]
workgroup = MIDDLEEARTH
netbios name = FRODO

[tmp]
comment = Temp Directory
path = /tmp
0
 
LVL 5

Expert Comment

by:koquito
ID: 9610152
try using a directory under your home directory, instead of under the root directory
0
 
LVL 21

Expert Comment

by:wyliecoyoteuk
ID: 9610676
Finally, if Samba is running, when I d-click on 'Computers near me', I get the error:
'Middleearth is not accessible'    # I rather like this error message in some way...:)
'The network path was not found'.
Something is hosing the browsing

Check that the Samba server is not set as master browser.
win2k and XP fall out over browser issues with Samba


preferred master=false
local master=no
os level=0
0
 
LVL 2

Author Comment

by:j_dyer
ID: 9612794
Thanks for all the suggestions, unfortunatly, none of them have made any difference!
wyliecoyoteuk - I agree, something is definetly messing with the browsing - would
this imply a WINS problem maybe?
I'm not sure if this fact is going to help, but I did initally try to get this working with
Samba v2.something, but I experienced exactly the same problems
0
 
LVL 2

Author Comment

by:j_dyer
ID: 9612804
Another brief comment - just ran a net view /domain:middleearth, and both frodo
and smaug were listed, so things are beginning to improve :)
net view \\FRODO and net view \\FRODO /domain:middleearth still don't work though...
0
 
LVL 21

Expert Comment

by:wyliecoyoteuk
ID: 9613590
Unless you are running a wins server, the wins support is irrelevant.

There are a few things that you can try, but as a test, I just setup and installed a samba server on my home mdk box, mainly using defaults.
My W2k and an XP laptop can both see it., and net view works.

This  is  /etc/samba/smb.conf

[global]
        log file = /var/log/samba/log.%m
        smb passwd file = /etc/samba/smbpasswd
        load printers = yes
        socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
        map to guest = bad user
        encrypt passwords = yes
        printer admin = @adm
        dns proxy = no
        netbios name = LINHOME1
        server string = Samba Server %v
        printing = cups
        workgroup = HOME
        os level = 20
        printcap name = cups
        security = user
        preferred master = no
        max log size = 50

[homes]
   comment = Home Directories
   browseable = no
   writable = yes

Note that if the preferred master setting is yes, it will often cause "browser wars" when there is an XP Pro box on the subnet.

You could try adding a Hosts file (search for hosts.sam) on the windows box.
Try doing a search for the IP address of the samba box (this often seems to kick windows browsing into action)
Remember that the browse list is only refreshed every 15 minutes.




0
 
LVL 5

Expert Comment

by:koquito
ID: 9613743
Do you have ENCRYPT passwords =YES on your smb.conf?
0
 
LVL 2

Author Comment

by:j_dyer
ID: 9614853
Well, things seem to be a little better.
Whilst net view \\frodo & net view \\192.168.0.2 still don't work, a straight-forward 'net view' does
now return both smaug and frodo promptly, whereas before, I'd either get an error, or it would
take a long time for the list to appear.

To recap, my smb.conf file now reads as follows:

[global]
  log file = /var/log/samba/log.%m
  smb passwd file = /etc/samba/smbpasswd
  encrypt passwords = yes
  dns proxy = no
  netbios name = FRODO
  server string = Samba Server %v
  workgroup = MIDDLEEARTH
  os level = 20
  security = user
  preferred master = no

[homes]
  comment = Home Directories
  browsable = no
  writable = yes

[tmp]
  path = /tmp
  comment = Temp Dir
  browsable = yes
  writable = no

So, all that we need to get working now is actual connections to the server. Thanks for all
of the help so far - I finally feel like the end is in sight for this problem!
0
 
LVL 21

Expert Comment

by:wyliecoyoteuk
ID: 9615466
Can I just ask why you are sharing the /tmp directory?
unlike windows, the /tmp directory has special attributes, and will be flushed at shutdown or bootup.
I would suggest creating a share in /home and try things that way
0
 
LVL 2

Author Comment

by:j_dyer
ID: 9615781
Ultimatly, I'm not going to be sharing the /tmp directory - I'm just using it for testing, until
I can get Samba working properly. As soon as I can access shares on the server, I'll turn /tmp
off, and set things up properly.
BTW, the /tmp dir will not get flushed on this server at shutdown/restart - that's something I've
always found annoying, and as such, is always one of the first things I turn off :) I do make it
clear to my users though, that they can't use the area of any form of perm. storage, as things are
likely to go missing from there!
0
 
LVL 21

Expert Comment

by:wyliecoyoteuk
ID: 9615950
Also, as Koquito says, include "encrypt passwords=yes"
As windows NT and higher encrypt by default.

Have you created Unix and Samba users?



0
 
LVL 5

Expert Comment

by:koquito
ID: 9616936
So where are we now? You see the server, but can't access it?
Did you check the host.deny  file for eany entries?
Do you have any firewall?
0
 
LVL 2

Author Comment

by:j_dyer
ID: 9619210
wyliecoyoteuk - yes, I've got 'encrypt passwords = yes' set, and the unix and samba users both exist.

koquito - Thats right, I can see the server, but can't access it. There is no host.deny file, so there's
no restriction on access, and yes, we have a firewall, which prevents traffic leaving the lan, but both
the unix box and w2k box are inside the lan, plugged into the same hub, using private address space,
so the firewall shouldn't be an issue.
0
 
LVL 21

Expert Comment

by:wyliecoyoteuk
ID: 9619351
Beginning to look like a windows side issue .

So you can see the server in network places.What happenss when you try to access it?
have you tried using a hosts file on the win2k box?
you would need to add the entry

192.168.0.2              FRODO

and save the hosts file WITHOUT the .sam ( or .txt etc) suffix

What are the UNIX permissions on the /tmp directory?

1)Run ipconfig /all on the 2k box and ifconfig on the Linux one, compare info.
2)It could be domain settings for 2k. Try making frodo a member of the domain, also, you  could use security=domain
and set the password server to smaug.


I usually use WEBmin (http://www.webmin.com) to administer samba, (and for a lot of linux server routine stuff), as you can often pick out a problem just by scanning the share listings.


0
 
LVL 2

Author Comment

by:j_dyer
ID: 9619383
My gut instinct is to blame Window as well. I've never had problems of this degree getting Samba to work
before, but this is the first time I've tried to use it with a version of Windows > 98.

The server appears in network places, but when I try to access it, a dialog box pops up saying:
\\Frodo is not accessible.
The network path was not found.

Sometimes, this box appears straight away, sometimes it can take a few (10/20?) seconds to appear.

If I try a net view \\FRODO, I get the message:
System error 53 has occured.
The network path was not found.

This message always takes a few seconds to appear.

Perms on /tmp are standard: rwxrwxrwt root:root

Frodo is already in the hosts and lmhosts files (I'm assuming they're only in \winnt\system32\drivers\etc).

Network settings all appear to be correct.

I'm going to give Webmin a try now, crossing my fingers...:)
0
 
LVL 2

Author Comment

by:j_dyer
ID: 9619401
Tried webmin, and it's made no difference to the problem; couldn't see any options there which
might make a difference.
Meant to mention in my last comment, net view \\192.168.0.2 also doesn't work (same symptoms
as net view \\FRODO)
0
 
LVL 21

Accepted Solution

by:
wyliecoyoteuk earned 500 total points
ID: 9620608
Have you another PC, perhaps a laptop, that you can try, just to make sure that it is a windows thing?
There are a lot of things on win2k server, from domain mode to ldap settings, that can cause this, but netbios naming seems totally screwed.
The problem is that win2k depends on DNS a lot more than NT did.
Workgroups often don`t work properly either.
If you can connect to the webmin server from the win2k box, the IP is working ok, just naming is failing.
You may need to run a WINS server on the 2K  box to get netbios name resolution.
0
 
LVL 2

Author Comment

by:j_dyer
ID: 9626250
OK, I'm now (almost) convinced that this is a problem with Windows, rather than Samba.
I've managed to free up a W2k (client) machine for more testing.

I enabled the WINS server on SMAUG, and made the other machine a member of middleearth, and
found that that machine couldn't browse the network properly either. I did the same without Samba
running, and the problem persisted.

I've just found out that, whilst both w2k boxes have outbound TCP/IP, I am unable to ping either box
from the Unix server (or from each other). This leads me to conclude that the problems I am seeing
are probably related to TCP/IP connectivity in some way, and I'm now going to look down that route.

wyliecoyoteuk - you mention that w2k depends on DNS more than NT did - this does concern me a bit,
as all of these machines are on privatly routable address space, and therefore do not have DNS entries -
could this be causing these problems as well?
0
 
LVL 2

Author Comment

by:j_dyer
ID: 9626488
Well, it's all finally working, though I'm not 100% sure why though!
I found that the w2k server had some rather odd filtering on it's network adaptor, though that
wasn't the whole cause of the problem (though it did fix the TCP/IP problems).

Having read through the Samba man page again, I decided to use Samba as the WINS server,
since I'd prefer the W2K machine to have a dynamically assigned address via DHCP.

In case you're interested, I've ended up with the following smb.conf file. I'll tidy it up soon
(lower logging level, remove /tmp share, add more shares), but this is what worked for me
(note: only the global area is of interest, so I've excluded the shares).

[global]
        dns proxy = no
        log file = /var/log/samba/log.%m
        netbios name = FRODO
        smb passwd file = /etc/samba/smbpasswd
        server string = Samba Server %v
        local master = no
        workgroup = MIDDLEEARTH
        os level = 20
        encrypt passwords = yes
        security = user
#       wins server = 192.168.0.3
        name resolve order = wins,lmhosts,host,bcast
        domain master = no
        local master = yes
        name cache timeout = 0
        wins support = yes
        log level = 3

My gut instinct at the moment is that the key line is the name resolve order, though I can't
prove it, and can't figure out why. It's just that things started getting better after adding it.
0
 
LVL 21

Expert Comment

by:wyliecoyoteuk
ID: 9628569
We actually set up a local caching-only nameserver to enable internal DNS for our win2K domain.

It solved a lot of issues, sped up the network, and gave us full LDAP directories.:)

The wins name resolve is doing netbios naming
wins, then lmhosts, then hosts, then broadcast.

 Whereas win2k would do netbios name resolution without WINS or DNS, win2k must have one or the other (and it prefers DNS).
0

Featured Post

Don't miss ATEN at NAB Show April 24-27!

Visit ATEN at NAB Show to learn how our "Seamlessly Entertaining" solutions deliver fast, precise video streaming without delays for the broadcasting and media environment. ATEN will showcase its 16x16 Modular Matrix Switch (VM1600) and KVM Over IP Solution (KE6900 series).

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
How do you restart a stacked switch? Hp Procurve 3 62
Certification Follow-up 2 63
How to secure a Folder on a Windows Server 3 61
TCP Reset from Server 3 37
Resolve DNS query failed errors for Exchange
I had an issue with InstallShield not being able to use Computer Browser service on Windows Server 2012. Here is the solution I found.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…

696 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question