Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Samba problem on CentOS 7

Posted on 2014-10-01
24
Medium Priority
?
2,781 Views
Last Modified: 2014-10-02
I cannot connect to the samba sharing on my Centos 7, I have configured it just like I did on my Centos 5, except I think I did remove some extended security from the old one before same started working but I cannot remember what it was.
0
Comment
Question by:soffcec
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 12
  • 10
  • 2
24 Comments
 
LVL 4

Assisted Solution

by:Manfred Bertl
Manfred Bertl earned 300 total points
ID: 40356436
Please post your smb.conf. Did you also check your firewall settings for the required ports to be open?
0
 
LVL 62

Assisted Solution

by:gheist
gheist earned 1200 total points
ID: 40356628
It is a huge deal of upgrade from samba3 to samba4.
0
 

Author Comment

by:soffcec
ID: 40356699
All ports are open, when I connect I do \\10.0.10.1 in Explorer then Samba asks for user and password but none of them works.
How can I see what version my Samba is ?

My smb.conf:
[i]
allow hosts = 10.0.10.180,10.0.10.221,10.0.10.220,89.17.128.171,10.0.10.101

bind interfaces only = true
security = share
...
...
guest account = nobody

[kro]
      writeable = yes
      path = /home/kro
      create mask = 0777
      directory mask = 0777
      comment = Guest access share
      public = yes

[/i]


I am trying to set up sharing without user and only restrict access by ip address.
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
LVL 62

Assisted Solution

by:gheist
gheist earned 1200 total points
ID: 40356705
rpm -qa | grep ^samba

do you see anything in samba logs?
0
 

Author Comment

by:soffcec
ID: 40356760
[root@CentosTX ~]# rpm -qa | grep ^samba
samba-libs-4.1.1-37.el7_0.x86_64
samba-4.1.1-37.el7_0.x86_64
samba-common-4.1.1-37.el7_0.x86_64


I get this in log when I try to logon:

[2014/10/02 11:58:55.397842,  0] ../source3/param/loadparm.c:3067(lp_set_enum_parm)
  WARNING: Ignoring invalid value 'share' for parameter 'security'
  STATUS=daemon 'smbd' finished starting up and ready to serve connectionsWARNING: Ignoring invalid value 'share' for parameter 'security'
[2014/10/02 11:58:55.435909,  0] ../source3/param/loadparm.c:3067(lp_set_enum_parm)
  WARNING: Ignoring invalid value 'share' for parameter 'security'
  STATUS=daemon 'smbd' finished starting up and ready to serve connectionsWARNING: Ignoring invalid value 'share' for parameter 'security'
[2014/10/02 11:59:10.018617,  0] ../source3/param/loadparm.c:3067(lp_set_enum_parm)
  WARNING: Ignoring invalid value 'share' for parameter 'security'
  STATUS=daemon 'smbd' finished starting up and ready to serve connectionsWARNING: Ignoring invalid value 'share' for parameter 'security'
[2014/10/02 11:59:20.877689,  0] ../source3/param/loadparm.c:3067(lp_set_enum_parm)
  WARNING: Ignoring invalid value 'share' for parameter 'security'

0
 
LVL 62

Assisted Solution

by:gheist
gheist earned 1200 total points
ID: 40356789
security = user|ads|domain
0
 

Author Comment

by:soffcec
ID: 40356867
When I try to connect form Windows command line:

C:\>net use i: \\10.0.10.253\kro /USER:maggi xxx /yes /PERSISTENT:YES

System error 86 has occurred.
The specified network password is not correct.


I have added user maggi with password xxx to Samba.
0
 
LVL 62

Expert Comment

by:gheist
ID: 40356888
user should work fine with guest and guest mapping you have.
0
 

Author Comment

by:soffcec
ID: 40356906
I still get:
System error 86 has occurred.
The specified network password is not correct.
0
 
LVL 62

Expert Comment

by:gheist
ID: 40356933
Do you have any SPNEGO/ntlm config in samba?
0
 

Author Comment

by:soffcec
ID: 40356947
No I don´t have any SPNEGO/ntlm config (don´t know what it is), I am using the same config I have on Centos 5 computer and it is working fine there.
0
 
LVL 62

Expert Comment

by:gheist
ID: 40356957
can you check whats in samba logs after setting security to user?
It should be giving some dirt... At least windows says it could not get compatible security package or password was wrong.
0
 

Author Comment

by:soffcec
ID: 40356972
bind interfaces only = true
security = user
guest account = nobody

[kro]
      writeable = yes
      path = /home/kro
      create mask = 0777
      comment = Guest access share
      directory mask = 0777
      public = yes

Samba restarted,

 tail /var/log/samba/log.smbd
[2014/10/02 13:34:59.577563,  0] ../lib/util/pidfile.c:153(pidfile_unlink)
  Failed to delete pidfile /run/smbd.pid. Error was No such file or directory
[2014/10/02 13:35:01,  0] ../source3/smbd/server.c:1198(main)
  smbd version 4.1.1 started.
  Copyright Andrew Tridgell and the Samba Team 1992-2013
[2014/10/02 13:35:01.676246,  0] ../source3/smbd/server.c:1278(main)
  standard input is not a socket, assuming -D option
[2014/10/02 13:35:01.712986,  0] ../lib/util/become_daemon.c:136(daemon_ready)
  STATUS=daemon 'smbd' finished starting up and ready to serve connectionsUnable to connect to CUPS server localhost:631 - Transport endpoint is not connected
  STATUS=daemon 'smbd' finished starting up and ready to serve connectionsfailed to retrieve printer list: NT_STATUS_UNSUCCESSFUL



I only need the share kro to be shared with one or none user.
0
 
LVL 62

Expert Comment

by:gheist
ID: 40357101
Now try to authenticat/net use to see auth error...
0
 

Author Comment

by:soffcec
ID: 40357137
I don´t  get anything into log.smbd when I use net use i: \\10.0.10.253\kro /USER:kro\maggi xxx (10.0.10.253 is my Samba server)
0
 
LVL 62

Expert Comment

by:gheist
ID: 40357152
Is firewall open?
0
 

Author Comment

by:soffcec
ID: 40357157
Yes
0
 
LVL 62

Expert Comment

by:gheist
ID: 40357183
i think we need to wait 24h for other experts. I have very verbose samba logs....
0
 

Author Comment

by:soffcec
ID: 40357202
If remember right about 3 year ago, some expert told me to remove some extended security from Linux and then Sama started to work normally. But I cannot remember what it was.
0
 
LVL 62

Accepted Solution

by:
gheist earned 1200 total points
ID: 40357219
ahh selinux maybe
disable it until reboot;
setenforce 0
and try again
0
 
LVL 4

Expert Comment

by:Manfred Bertl
ID: 40357239
On a normal server, selinux is a PITA anyhow. I disable that right after install (in  /etc/sysconfig/selinux, setting it to 'disabled')
0
 
LVL 62

Expert Comment

by:gheist
ID: 40357267
It is quite cool when you find the ways to get along with it.

most likely you need to try to run it and then setsebool according to what audit2allow says

btw keeping selinux at permissive level allows you to tweak policies without killing system...
0
 

Author Closing Comment

by:soffcec
ID: 40357715
The case was setting setenforce 0  and to put the Linux into same workgroup as the Windows PC.
0
 
LVL 62

Expert Comment

by:gheist
ID: 40358360
Try to make sense form this post:
http:#a40357267

It basically says how to make friends between samba and selinux
0

Featured Post

Flexible connectivity for any environment

The KE6900 series can extend and deploy computers with high definition displays across multiple stations in a variety of applications that suit any environment. Expand computer use to stations across multiple rooms with dynamic access.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

With the withdrawal of support for Windows Server 2003 this summer, many clients face the issue of moving away from their 2003 installs. There are a few options out there that many people/companies are selling. But the clients I have, haven't wanted…
Outsource Your Fax Infrastructure to the Cloud (And come out looking like an IT Hero!) Relative to the many demands on today’s IT teams, spending capital, time and resources to maintain physical fax servers and infrastructure is not a high priority.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question