Samba problem on CentOS 7

I cannot connect to the samba sharing on my Centos 7, I have configured it just like I did on my Centos 5, except I think I did remove some extended security from the old one before same started working but I cannot remember what it was.
soffcecManagerAsked:
Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

x
 
gheistConnect With a Mentor Commented:
ahh selinux maybe
disable it until reboot;
setenforce 0
and try again
0
 
Manfred BertlConnect With a Mentor ManagerCommented:
Please post your smb.conf. Did you also check your firewall settings for the required ports to be open?
0
 
gheistConnect With a Mentor Commented:
It is a huge deal of upgrade from samba3 to samba4.
0
Evaluating UTMs? Here's what you need to know!

Evaluating a UTM appliance and vendor can prove to be an overwhelming exercise.  How can you make sure that you're getting the security that your organization needs without breaking the bank? Check out our UTM Buyer's Guide for more information on what you should be looking for!

 
soffcecManagerAuthor Commented:
All ports are open, when I connect I do \\10.0.10.1 in Explorer then Samba asks for user and password but none of them works.
How can I see what version my Samba is ?

My smb.conf:
[i]
allow hosts = 10.0.10.180,10.0.10.221,10.0.10.220,89.17.128.171,10.0.10.101

bind interfaces only = true
security = share
...
...
guest account = nobody

[kro]
      writeable = yes
      path = /home/kro
      create mask = 0777
      directory mask = 0777
      comment = Guest access share
      public = yes

[/i]


I am trying to set up sharing without user and only restrict access by ip address.
0
 
gheistConnect With a Mentor Commented:
rpm -qa | grep ^samba

do you see anything in samba logs?
0
 
soffcecManagerAuthor Commented:
[root@CentosTX ~]# rpm -qa | grep ^samba
samba-libs-4.1.1-37.el7_0.x86_64
samba-4.1.1-37.el7_0.x86_64
samba-common-4.1.1-37.el7_0.x86_64


I get this in log when I try to logon:

[2014/10/02 11:58:55.397842,  0] ../source3/param/loadparm.c:3067(lp_set_enum_parm)
  WARNING: Ignoring invalid value 'share' for parameter 'security'
  STATUS=daemon 'smbd' finished starting up and ready to serve connectionsWARNING: Ignoring invalid value 'share' for parameter 'security'
[2014/10/02 11:58:55.435909,  0] ../source3/param/loadparm.c:3067(lp_set_enum_parm)
  WARNING: Ignoring invalid value 'share' for parameter 'security'
  STATUS=daemon 'smbd' finished starting up and ready to serve connectionsWARNING: Ignoring invalid value 'share' for parameter 'security'
[2014/10/02 11:59:10.018617,  0] ../source3/param/loadparm.c:3067(lp_set_enum_parm)
  WARNING: Ignoring invalid value 'share' for parameter 'security'
  STATUS=daemon 'smbd' finished starting up and ready to serve connectionsWARNING: Ignoring invalid value 'share' for parameter 'security'
[2014/10/02 11:59:20.877689,  0] ../source3/param/loadparm.c:3067(lp_set_enum_parm)
  WARNING: Ignoring invalid value 'share' for parameter 'security'

0
 
gheistConnect With a Mentor Commented:
security = user|ads|domain
0
 
soffcecManagerAuthor Commented:
When I try to connect form Windows command line:

C:\>net use i: \\10.0.10.253\kro /USER:maggi xxx /yes /PERSISTENT:YES

System error 86 has occurred.
The specified network password is not correct.


I have added user maggi with password xxx to Samba.
0
 
gheistCommented:
user should work fine with guest and guest mapping you have.
0
 
soffcecManagerAuthor Commented:
I still get:
System error 86 has occurred.
The specified network password is not correct.
0
 
gheistCommented:
Do you have any SPNEGO/ntlm config in samba?
0
 
soffcecManagerAuthor Commented:
No I don´t have any SPNEGO/ntlm config (don´t know what it is), I am using the same config I have on Centos 5 computer and it is working fine there.
0
 
gheistCommented:
can you check whats in samba logs after setting security to user?
It should be giving some dirt... At least windows says it could not get compatible security package or password was wrong.
0
 
soffcecManagerAuthor Commented:
bind interfaces only = true
security = user
guest account = nobody

[kro]
      writeable = yes
      path = /home/kro
      create mask = 0777
      comment = Guest access share
      directory mask = 0777
      public = yes

Samba restarted,

 tail /var/log/samba/log.smbd
[2014/10/02 13:34:59.577563,  0] ../lib/util/pidfile.c:153(pidfile_unlink)
  Failed to delete pidfile /run/smbd.pid. Error was No such file or directory
[2014/10/02 13:35:01,  0] ../source3/smbd/server.c:1198(main)
  smbd version 4.1.1 started.
  Copyright Andrew Tridgell and the Samba Team 1992-2013
[2014/10/02 13:35:01.676246,  0] ../source3/smbd/server.c:1278(main)
  standard input is not a socket, assuming -D option
[2014/10/02 13:35:01.712986,  0] ../lib/util/become_daemon.c:136(daemon_ready)
  STATUS=daemon 'smbd' finished starting up and ready to serve connectionsUnable to connect to CUPS server localhost:631 - Transport endpoint is not connected
  STATUS=daemon 'smbd' finished starting up and ready to serve connectionsfailed to retrieve printer list: NT_STATUS_UNSUCCESSFUL



I only need the share kro to be shared with one or none user.
0
 
gheistCommented:
Now try to authenticat/net use to see auth error...
0
 
soffcecManagerAuthor Commented:
I don´t  get anything into log.smbd when I use net use i: \\10.0.10.253\kro /USER:kro\maggi xxx (10.0.10.253 is my Samba server)
0
 
gheistCommented:
Is firewall open?
0
 
soffcecManagerAuthor Commented:
Yes
0
 
gheistCommented:
i think we need to wait 24h for other experts. I have very verbose samba logs....
0
 
soffcecManagerAuthor Commented:
If remember right about 3 year ago, some expert told me to remove some extended security from Linux and then Sama started to work normally. But I cannot remember what it was.
0
 
Manfred BertlManagerCommented:
On a normal server, selinux is a PITA anyhow. I disable that right after install (in  /etc/sysconfig/selinux, setting it to 'disabled')
0
 
gheistCommented:
It is quite cool when you find the ways to get along with it.

most likely you need to try to run it and then setsebool according to what audit2allow says

btw keeping selinux at permissive level allows you to tweak policies without killing system...
0
 
soffcecManagerAuthor Commented:
The case was setting setenforce 0  and to put the Linux into same workgroup as the Windows PC.
0
 
gheistCommented:
Try to make sense form this post:
http:#a40357267

It basically says how to make friends between samba and selinux
0
All Courses

From novice to tech pro — start learning today.