Unable to connect to samba centos vmware instance on Windows 7

Posted on 2011-10-28
Last Modified: 2012-05-12
Here's the run down. I have a windows 7 ultimate pc running a centos 5.7 instance via vmware. It received an ip of, I can ping it, I can ssh to it, I can view apache.

I set up samba and have run into several issues, but first and foremost I cannot connect to it from windows. I can connect to it from within centos using smbclient, but only if I authenticate ( even if I make it public, guest ok, no matter what, I have to authenticate. )

smbuser is the user I created that can authenticate locally without problem, this conf file may have some extra stuff in it by now since I've exhausted a lot of google searching. Also changed some settings within windows itself as recommended by others. I've tried with iptables disabled, windows firewall disabled, etc. The windows connection attempt never reaches samba, it does not show up in the samba log.

# This is the main Samba configuration file. You should read the
# smb.conf(5) manual page in order to understand the options listed
# here. Samba has a huge number of configurable options (perhaps too
# many!) most of which are not shown in this example
# For a step to step guide on installing, configuring and using samba,
# read the Samba-HOWTO-Collection. This may be obtained from:
# Many working examples of smb.conf files can be found in the
# Samba-Guide which is generated daily and can be downloaded from:
# Any line which starts with a ; (semi-colon) or a # (hash)
# is a comment and is ignored. In this example we will use a #
# for commentry and a ; for parts of the config file that you
# may wish to enable
# NOTE: Whenever you modify this file you should run the command "testparm"
# to check that you have not made any basic syntactic errors.
# If you want to use the useradd/groupadd family of binaries please run:
# setsebool -P samba_domain_controller on
# If you want to share home directories via samba please run:
# setsebool -P samba_enable_home_dirs on
# If you create a new directory you want to share you should mark it as
# "samba-share_t" so that selinux will let you write into it.
# Make sure not to do that on system directories as they may already have
# been marked with othe SELinux labels.
# Use ls -ldZ /path to see which context a directory has
# Set labels only on directories you created!
# To set a label use the following: chcon -t samba_share_t /path
# If you need to share a system created directory you can use one of the
# following (read-only/read-write):
# setsebool -P samba_export_all_ro on
# or
# setsebool -P samba_export_all_rw on
# If you want to run scripts (preexec/root prexec/print command/...) please
# put them into the /var/lib/samba/scripts directory so that smbd will be
# allowed to run them.
# Make sure you COPY them and not MOVE them so that the right SELinux context
# is applied, to check all is ok use restorecon -R -v /var/lib/samba/scripts
#======================= Global Settings =====================================


# ----------------------- Network Related Options -------------------------
# workgroup = NT-Domain-Name or Workgroup-Name, eg: MIDEARTH
# server string is the equivalent of the NT Description field
# netbios name can be used to specify a server name not tied to the hostname
# Interfaces lets you configure Samba to use multiple interfaces
# If you have multiple network interfaces then you can list the ones
# you want to listen on (never omit localhost)
# Hosts Allow/Hosts Deny lets you restrict who can connect, and you can
# specifiy it as a per share option as well
	workgroup = WORKGROUP
	server string = %h

	netbios name = localhost
;	interfaces = lo eth0
;	hosts allow = 127. 192.168.12. 192.168.13.

# --------------------------- Logging Options -----------------------------
# Log File let you specify where to put logs and how to split them up.
# Max Log Size let you specify the max size log files should reach
	log level = 3
	# logs split per machine
	log file = /var/log/samba/%m.log
	# max 50KB per log file, then rotate
	max log size = 50

# ----------------------- Standalone Server Options ------------------------
# Security can be set to user, share(deprecated) or server(deprecated)
# Backend to store user information in. New installations should
# use either tdbsam or ldapsam. smbpasswd is available for backwards
# compatibility. tdbsam requires no further configuration.

	#security = user
	#map to guest = Bad User
	#security = user
	passdb backend = tdbsam
	default service = global

# ----------------------- Domain Members Options ------------------------
# Security must be set to domain or ads
# Use the realm option only with security = ads
# Specifies the Active Directory realm the host is part of
# Backend to store user information in. New installations should
# use either tdbsam or ldapsam. smbpasswd is available for backwards
# compatibility. tdbsam requires no further configuration.
# Use password server option only with security = server or if you can't
# use the DNS to locate Domain Controllers
# The argument list may include:
#   password server = My_PDC_Name [My_BDC_Name] [My_Next_BDC_Name]
# or to auto-locate the domain controller/s
#   password server = *

;	security = domain
;	passdb backend = tdbsam
;	realm = MY_REALM

;	password server = <NT-Server-Name>

# ----------------------- Domain Controller Options ------------------------
# Security must be set to user for domain controllers
# Backend to store user information in. New installations should
# use either tdbsam or ldapsam. smbpasswd is available for backwards
# compatibility. tdbsam requires no further configuration.
# Domain Master specifies Samba to be the Domain Master Browser. This
# allows Samba to collate browse lists between subnets. Don't use this
# if you already have a Windows NT domain controller doing this job
# Domain Logons let Samba be a domain logon server for Windows workstations.
# Logon Scrpit let yuou specify a script to be run at login time on the client
# You need to provide it in a share called NETLOGON
# Logon Path let you specify where user profiles are stored (UNC path)
# Various scripts can be used on a domain controller or stand-alone
# machine to add or delete corresponding unix accounts
;	security = user
;	passdb backend = tdbsam

;	domain master = yes
;	domain logons = yes

	# the login script name depends on the machine name
;	logon script = %m.bat
	# the login script name depends on the unix user used
;	logon script = %u.bat
;	logon path = \\%L\Profiles\%u
	# disables profiles support by specifing an empty path
;	logon path =  

;	add user script = /usr/sbin/useradd "%u" -n -g users
;	add group script = /usr/sbin/groupadd "%g"
;	add machine script = /usr/sbin/useradd -n -c "Workstation (%u)" -M -d /nohome -s /bin/false "%u"
;	delete user script = /usr/sbin/userdel "%u"
;	delete user from group script = /usr/sbin/userdel "%u" "%g"
;	delete group script = /usr/sbin/groupdel "%g"

# ----------------------- Browser Control Options ----------------------------
# set local master to no if you don't want Samba to become a master
# browser on your network. Otherwise the normal election rules apply
# OS Level determines the precedence of this server in master browser
# elections. The default value should be reasonable
# Preferred Master causes Samba to force a local browser election on startup
# and gives it a slightly higher chance of winning the election
;	local master = no
;	os level = 33
;	preferred master = yes

#----------------------------- Name Resolution -------------------------------
# Windows Internet Name Serving Support Section:
# Note: Samba can be either a WINS Server, or a WINS Client, but NOT both
# - WINS Support: Tells the NMBD component of Samba to enable it's WINS Server
# - WINS Server: Tells the NMBD components of Samba to be a WINS Client
# - WINS Proxy: Tells Samba to answer name resolution queries on
#   behalf of a non WINS capable client, for this to work there must be
#   at least one	WINS Server on the network. The default is NO.
# DNS Proxy - tells Samba whether or not to try to resolve NetBIOS names
# via DNS nslookups.

;	wins support = yes
;	wins server = w.x.y.z
;	wins proxy = yes

;	dns proxy = yes

# --------------------------- Printing Options -----------------------------
# Load Printers let you load automatically the list of printers rather
# than setting them up individually
# Cups Options let you pass the cups libs custom options, setting it to raw
# for example will let you use drivers on your Windows clients
# Printcap Name let you specify an alternative printcap file
# You can choose a non default printing system using the Printing option

	load printers = yes
	cups options = raw

;	printcap name = /etc/printcap
	#obtain list of printers automatically on SystemV
;	printcap name = lpstat
;	printing = cups

# --------------------------- Filesystem Options ---------------------------
# The following options can be uncommented if the filesystem supports
# Extended Attributes and they are enabled (usually by the mount option
# user_xattr). Thess options will let the admin store the DOS attributes
# in an EA and make samba not mess with the permission bits.
# Note: these options can also be set just per share, setting them in global
# makes them the default for all shares

;	map archive = no
;	map hidden = no
;	map read only = no
;	map system = no
;	store dos attributes = yes

#============================ Share Definitions ==============================

	path = /var/www
	valid users = %S, smbuser
	directory mask = 0777
	create mask = 0777
	available = yes
	browseable = yes
	public = yes
	guest ok = yes
	password = no
	guest account = smbuser

	comment = Home Directories
	browseable = no
	writable = yes
;	valid users = %S
;	valid users = MYDOMAIN\%S

	comment = All Printers
	path = /var/spool/samba
	browseable = no
	guest ok = no
	writable = no
	printable = yes

# Un-comment the following and create the netlogon directory for Domain Logons
;	[netlogon]
;	comment = Network Logon Service
;	path = /var/lib/samba/netlogon
;	guest ok = yes
;	writable = no
;	share modes = no

# Un-comment the following to provide a specific roving profile share
# the default is to use the user's home directory
;	[Profiles]
;	path = /var/lib/samba/profiles
;	browseable = no
;	guest ok = yes

# A publicly accessible directory, but read only, except for people in
# the "staff" group
;	[public]
;	comment = Public Stuff
;	path = /home/samba
;	public = yes
;	writable = yes
;	printable = no
;	write list = +staff

Open in new window

Question by:WhistlingMtn
    LVL 21

    Expert Comment

    yes,seems that,the problem is windows authentification and not with samba
    LVL 21

    Expert Comment

    try this may have Your solution:
    LVL 21

    Expert Comment


    Accepted Solution

    Ok I got it working, my solution was to remove samba3 and install samba3x

    Everything now works, but just some follow up in-case people wonder. I had already done the windows registry changes and policy changes, so I'm not sure if those were actually still needed or not, but I did do them and I haven't tried removing them yet to see if it still works.

    Additional things I can into along the way. At some point the iptables had a REJECT rule reapplied, not sure how I hadn't done anything except play with samba on the vm. I removed it manually from the iptables config file this time and it survived a reboot, but that was the last thing I needed.

    With samba3x smb and nmb are separate services, so I turned them both on at start-up. I also turned on ntd so the time would be synced. I don't think that was causing any issues though.


    Author Comment

    oh I also disabled selinux

    Author Closing Comment

    Closing the question, I explained my solution above.

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    How to run any project with ease

    Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
    - Combine task lists, docs, spreadsheets, and chat in one
    - View and edit from mobile/offline
    - Cut down on emails

    What are VMware Tools? VMware Tools are a suite of utilities that enhances the performance of the virtual machine's guest operating system and improves management of the virtual machine. Without VMware Tools installed in your guest operating syst…
    The recent Microsoft changes on update philosophy for Windows pre-10 and their impact on existing WSUS implementations.
    The viewer will learn how to download and install Comodo Backup on Windows 7. Comodo Backup is another solution for backing up your computer. It is free for local backup and online backup has differing amounts depending on storage required. In my op…
    This video shows you how to use a vSphere client to connect to your ESX host as the root user. Demonstrates the basic connection of bypassing certification set up. Demonstrates how to access the traditional view to begin managing your virtual mac…

    761 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    7 Experts available now in Live!

    Get 1:1 Help Now