Christian Palacios
asked on
Cannot connect to Linux server to see samba shares
I'm trying to set up a samba share on an Oracle Linux 6.8 server, but even after I installed samba and set up the share in smb.conf, every time I go to the server through the IP (\\172.16.80.9) I keep getting a message that I can't connect. I disabled the firewall (iptables/selinux), but it didn't work. Am I missing something?
ASKER
Thanks David. I can ping 172.16.80.9, I've always been able to ping it. Since I created the VM to be on our LAN, it got an internal IP. If I do a tracert 172.16.80.9, I can hit it within two hops.
What are the contents of SMB.conf ?
Please redact any user account info if it exists.
Please redact any user account info if it exists.
ASKER
Is there a specific section that you want? Here are a few lines.
hosts allow = 127. 172.16
[sambashare]
comment=Shared /tmp/samba directory
path=/tmp/samba
writeable=yes
browseable=yes
public=yes
create mask = 0644
directory mask = 0755
force user = shareuser
hosts allow = 127. 172.16
[sambashare]
comment=Shared /tmp/samba directory
path=/tmp/samba
writeable=yes
browseable=yes
public=yes
create mask = 0644
directory mask = 0755
force user = shareuser
hosts allow = 172.16.0.0/255.255.0.0
.... or
hosts allow = 172.16.80.0/255.255.255.0
Depending on your subnet class.
.... or
hosts allow = 172.16.80.0/255.255.255.0
Depending on your subnet class.
If the GUI isn’t creating the proper lines you will have to add them yourself. “Shareuser” would have to be an actual user with permissions applied properly....for it to work with those lines.
I can post you mine as an example in a little while when I return to my office. Mine allows for anonymous access/full control....within the subnet.
I can post you mine as an example in a little while when I return to my office. Mine allows for anonymous access/full control....within the subnet.
At a glance that looks like the default example... for the samba config.
What OS are you using to browse to the shares? Samba AFAIK still defaults to SMB V1, but most modern OS's have turned that option off...
ASKER
I'm using Windows 10.
Having anonymous access is exactly what I need Ron. An example would be great!
Having anonymous access is exactly what I need Ron. An example would be great!
You might have to enable SMB v1 in Windows 10 if your version of Samba doesn't support SMB V3...
https://support.microsoft.com/en-us/help/2696547/how-to-detect-enable-and-disable-smbv1-smbv2-and-smbv3-in-windows-and
https://support.microsoft.com/en-us/help/2696547/how-to-detect-enable-and-disable-smbv1-smbv2-and-smbv3-in-windows-and
ASKER
How can I configure Samba to work with all Windows versions? I am not the only one who is going to use this share and we don't all have Windows 10, the majority have Windows 7.
I'm not sure if Oracle Linux 6 supports SMB v3... You need a newer Samba version, I believe over 4.11
ASKER
This is the version I have, Samba version 3.6.23-51.0.1.el6, what's the easiest way to upgrade it?
I don't think Oracle Linux 6 has a newer Samba... If Oracle has released a 7 version it most likely will have a newer Samba. Or you could take your chances with CentOS 7 instead. There might be alternate places to get newer Samba compiled for Oracle 6, but it is getting a bit dated...
I keep getting a message that I can't connect.
What is the exact error message?
It's possible you didn't setup appropriate users / permissions / groups.
ASKER
When I enter \\172.16.80.9 in Windows Explorer I get this message:
Network Error
Windows cannot access \\172.16.80.9
Error code: 0x8004005
Unspecified Error
Would this still be a firewall issue? If I do have to use a different Linux OS, does it have to be one that is newer, like version 7/8/9?
Network Error
Windows cannot access \\172.16.80.9
Error code: 0x8004005
Unspecified Error
Would this still be a firewall issue? If I do have to use a different Linux OS, does it have to be one that is newer, like version 7/8/9?
That does sound like a samba version issue.
Have you tried enabling and then checking samba logs on the Linux machine?
Have you tried enabling and then checking samba logs on the Linux machine?
This is the relevant portion of my samba share conf file.
;these lines are below the global section...
[yoursharename]
path = /usr/root/sharedfolder
writeable = yes
guest ok = yes
;#======================= Global Settings [at the top of the file] ========================== ========== =
[global]
workgroup = workgroup
netbios name = GTNKDOMAIN
server string = samba server %v
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
preferred master = No
local master = no
dns proxy = No
security = SHARE
hosts allow = 127. 192.168.6. 192.168.7. 192.168.8. 192.168.1. 192.168.56. 10.0.0. 172.16. 192.168.254.
As you can see I have numerous subnets....each separated by a "space" " "..
After you update your smb.conf file... run the command....
sudo service smb stop
sudo service smb start
....or simply restart your server.
Try again, let me know the results.
btw, I am connecting to my Samba share from a Win10 machine. Using CentOS 5 on the Linux machine. It is possible it is a versioning issue, but my gut tells me that's not it because Win10 actually has very good backward compatibility for Win shares...going back to win2k3.
;these lines are below the global section...
[yoursharename]
path = /usr/root/sharedfolder
writeable = yes
guest ok = yes
;#======================= Global Settings [at the top of the file] ==========================
[global]
workgroup = workgroup
netbios name = GTNKDOMAIN
server string = samba server %v
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
preferred master = No
local master = no
dns proxy = No
security = SHARE
hosts allow = 127. 192.168.6. 192.168.7. 192.168.8. 192.168.1. 192.168.56. 10.0.0. 172.16. 192.168.254.
As you can see I have numerous subnets....each separated by a "space" " "..
After you update your smb.conf file... run the command....
sudo service smb stop
sudo service smb start
....or simply restart your server.
Try again, let me know the results.
btw, I am connecting to my Samba share from a Win10 machine. Using CentOS 5 on the Linux machine. It is possible it is a versioning issue, but my gut tells me that's not it because Win10 actually has very good backward compatibility for Win shares...going back to win2k3.
ASKER
Is this what I am looking for in the logs? It does look like it's enabled. This is from log.smdb.
[2019/01/07 16:02:54, 0] smbd/server.c:1054(main)
smbd version 3.6.23-51.0.1.el6 started.
Copyright Andrew Tridgell and the Samba Team 1992-2011
[2019/01/07 16:02:54.788391, 0] printing/print_cups.c:151( cups_conne ct)
Unable to connect to CUPS server localhost:631 - Connection refused
[2019/01/07 16:02:54.788815, 0] printing/print_cups.c:528( cups_async _callback)
failed to retrieve printer list: NT_STATUS_UNSUCCESSFUL
[2019/01/07 16:15:55.854212, 0] printing/print_cups.c:151( cups_conne ct)
Unable to connect to CUPS server localhost:631 - Connection refused
[2019/01/07 16:15:55.854807, 0] printing/print_cups.c:528( cups_async _callback)
failed to retrieve printer list: NT_STATUS_UNSUCCESSFUL
[2019/01/07 16:28:56.482172, 0] printing/print_cups.c:151( cups_conne ct)
Unable to connect to CUPS server localhost:631 - Connection refused
[2019/01/07 16:28:56.482863, 0] printing/print_cups.c:528( cups_async _callback)
failed to retrieve printer list: NT_STATUS_UNSUCCESSFUL
[2019/01/07 16:41:56.945565, 0] printing/print_cups.c:151( cups_conne ct)
Unable to connect to CUPS server localhost:631 - Connection refused
[2019/01/07 16:41:56.946194, 0] printing/print_cups.c:528( cups_async _callback)
failed to retrieve printer list: NT_STATUS_UNSUCCESSFUL
[2019/01/07 16:54:57.457353, 0] printing/print_cups.c:151( cups_conne ct)
Unable to connect to CUPS server localhost:631 - Connection refused
[2019/01/07 16:54:57.458053, 0] printing/print_cups.c:528( cups_async _callback)
failed to retrieve printer list: NT_STATUS_UNSUCCESSFUL
[2019/01/07 17:07:58.003039, 0] printing/print_cups.c:151( cups_conne ct)
Unable to connect to CUPS server localhost:631 - Connection refused
[2019/01/07 17:07:58.003510, 0] printing/print_cups.c:528( cups_async _callback)
failed to retrieve printer list: NT_STATUS_UNSUCCESSFUL
[2019/01/07 17:20:58.638532, 0] printing/print_cups.c:151( cups_conne ct)
Unable to connect to CUPS server localhost:631 - Connection refused
[2019/01/07 17:20:58.639189, 0] printing/print_cups.c:528( cups_async _callback)
failed to retrieve printer list: NT_STATUS_UNSUCCESSFUL
[2019/01/07 16:02:54, 0] smbd/server.c:1054(main)
smbd version 3.6.23-51.0.1.el6 started.
Copyright Andrew Tridgell and the Samba Team 1992-2011
[2019/01/07 16:02:54.788391, 0] printing/print_cups.c:151(
Unable to connect to CUPS server localhost:631 - Connection refused
[2019/01/07 16:02:54.788815, 0] printing/print_cups.c:528(
failed to retrieve printer list: NT_STATUS_UNSUCCESSFUL
[2019/01/07 16:15:55.854212, 0] printing/print_cups.c:151(
Unable to connect to CUPS server localhost:631 - Connection refused
[2019/01/07 16:15:55.854807, 0] printing/print_cups.c:528(
failed to retrieve printer list: NT_STATUS_UNSUCCESSFUL
[2019/01/07 16:28:56.482172, 0] printing/print_cups.c:151(
Unable to connect to CUPS server localhost:631 - Connection refused
[2019/01/07 16:28:56.482863, 0] printing/print_cups.c:528(
failed to retrieve printer list: NT_STATUS_UNSUCCESSFUL
[2019/01/07 16:41:56.945565, 0] printing/print_cups.c:151(
Unable to connect to CUPS server localhost:631 - Connection refused
[2019/01/07 16:41:56.946194, 0] printing/print_cups.c:528(
failed to retrieve printer list: NT_STATUS_UNSUCCESSFUL
[2019/01/07 16:54:57.457353, 0] printing/print_cups.c:151(
Unable to connect to CUPS server localhost:631 - Connection refused
[2019/01/07 16:54:57.458053, 0] printing/print_cups.c:528(
failed to retrieve printer list: NT_STATUS_UNSUCCESSFUL
[2019/01/07 17:07:58.003039, 0] printing/print_cups.c:151(
Unable to connect to CUPS server localhost:631 - Connection refused
[2019/01/07 17:07:58.003510, 0] printing/print_cups.c:528(
failed to retrieve printer list: NT_STATUS_UNSUCCESSFUL
[2019/01/07 17:20:58.638532, 0] printing/print_cups.c:151(
Unable to connect to CUPS server localhost:631 - Connection refused
[2019/01/07 17:20:58.639189, 0] printing/print_cups.c:528(
failed to retrieve printer list: NT_STATUS_UNSUCCESSFUL
ASKER
Thanks Ron! The server doesn't have to be part of a specific workgroup or domain for your set up to work right?
No it does not have to be part of the workgroup or domain, but putting the information in helps Samba to "allow" machines from those workgroups, domains, and subnets.
It is possible to integrate it with Active Directory as well.... but I abandoned that project years ago, because I really only care about access from the local subnet or specific IP addresses within my subnet.
Remember this is Linux trying it's best to mimic the process that Windows uses to give you file/folder access. It has to have the relevant information ... to allow access. Those would consist of USER permissions, Domain, Workgroup, and Subnet. Since you are not authenticating users... you should only need the later 3 items in your config for Samba to work.
Remember though, when you make a change to the .conf file, you have to restart the SMB service to get the new settings or restart the server entirely...and test it.
;test
\\yourseverIP\sharename
It is possible to integrate it with Active Directory as well.... but I abandoned that project years ago, because I really only care about access from the local subnet or specific IP addresses within my subnet.
Remember this is Linux trying it's best to mimic the process that Windows uses to give you file/folder access. It has to have the relevant information ... to allow access. Those would consist of USER permissions, Domain, Workgroup, and Subnet. Since you are not authenticating users... you should only need the later 3 items in your config for Samba to work.
Remember though, when you make a change to the .conf file, you have to restart the SMB service to get the new settings or restart the server entirely...and test it.
;test
\\yourseverIP\sharename
ASKER
OK, I decided to create a new VM and install Oracle Unbreakable Linux 7.6, which has Samba version 4.8.3. It's not working with this set up in my smb.conf file, what am I missing? Error is at the bottom.
[global]
workgroup = WORKGROUP
server string = Samba Server %v
netbios name = cne-lin01.int.cgg.com
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
preferred master = No
local master = no
dns proxy = No
security = SHARE
#map to guest = bad user
#dns proxy = no
hosts allow = 127. 172.16.
#========================= === Share Definitions ========================== ====
[share1]
path = /temp/shareone
writeable = yes
guest ok = yes
##ERROR###
[root@localhost ~]# smbstatus
WARNING: Ignoring invalid value 'SHARE' for parameter 'security'
Can't load /etc/samba/smb.conf - run testparm to debug it
[root@localhost ~]# testparm
Load smb config files from /etc/samba/smb.conf
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
WARNING: Ignoring invalid value 'SHARE' for parameter 'security'
Error loading services.
[global]
workgroup = WORKGROUP
server string = Samba Server %v
netbios name = cne-lin01.int.cgg.com
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
preferred master = No
local master = no
dns proxy = No
security = SHARE
#map to guest = bad user
#dns proxy = no
hosts allow = 127. 172.16.
#=========================
[share1]
path = /temp/shareone
writeable = yes
guest ok = yes
##ERROR###
[root@localhost ~]# smbstatus
WARNING: Ignoring invalid value 'SHARE' for parameter 'security'
Can't load /etc/samba/smb.conf - run testparm to debug it
[root@localhost ~]# testparm
Load smb config files from /etc/samba/smb.conf
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
WARNING: Ignoring invalid value 'SHARE' for parameter 'security'
Error loading services.
The smb.conf parameter that sets share-level security is:
security = share
It's possible it's case sensitive in version 3.
https://www.samba.org/samba/docs/old/Samba3-HOWTO/ServerType.html#id2559439
security = share
It's possible it's case sensitive in version 3.
https://www.samba.org/samba/docs/old/Samba3-HOWTO/ServerType.html#id2559439
Also, I see you are using the FQDN in "netbios name = cne-lin01.int.cgg.com"
Put the NETBIOS domain name there... not the fully qualified name.
Put the NETBIOS domain name there... not the fully qualified name.
ASKER
Ok, made some changes, but not working. Here is my current smb.conf file. Error at the bottom.
[global]
workgroup = WORKGROUP
server string = Samba Server %v
netbios name = CGG
preferred master = No
local master = no
dns proxy = No
security = share
hosts allow = 127. 172.16.
#========================= === Share Definitions ========================== ====
[share1]
path = /tmp/shareone
browseable = yes
writeable = yes
guest ok = yes
read only = no
###ERROR###
[root@cne-lin01 shareone]# testparm
Load smb config files from /etc/samba/smb.conf
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
WARNING: Ignoring invalid value 'share' for parameter 'security'
Error loading services.
[global]
workgroup = WORKGROUP
server string = Samba Server %v
netbios name = CGG
preferred master = No
local master = no
dns proxy = No
security = share
hosts allow = 127. 172.16.
#=========================
[share1]
path = /tmp/shareone
browseable = yes
writeable = yes
guest ok = yes
read only = no
###ERROR###
[root@cne-lin01 shareone]# testparm
Load smb config files from /etc/samba/smb.conf
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
WARNING: Ignoring invalid value 'share' for parameter 'security'
Error loading services.
I think RedHat removed share level security in one of its backports from Samba V4. Since Oracle Linux is ported from RedHat, that might be your issue.
You might have to use something similar to the guest access configurations...
https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Standalone_Server
You might have to use something similar to the guest access configurations...
https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Standalone_Server
Thinking of other ways to do this, do you need it to be Samba and Oracle Linux? Why not setup a NFS distro of some kind that's meant to share files from the start?
ASKER
They are testing something here and they need to test it with a Linux Samba share. I didn't ask why, I am just in charge of setting it up.
ASKER
Thanks Scott. I followed the instructions but I can't connect to the shares when testing them. I changed the hostname of the server to cne-lin01.
[root@cne-lin01 samba]# smbclient -U demoUser //cne-lin01/demo
Connection to cne-lin01 failed (Error NT_STATUS_CONNECTION_REFUS ED)
[root@cne-lin01 samba]# smbclient -U demoUser //cne-lin01/guest
Connection to cne-lin01 failed (Error NT_STATUS_CONNECTION_REFUS ED)
[root@cne-lin01 samba]# smbclient -U demoUser //cne-lin01/demo
Connection to cne-lin01 failed (Error NT_STATUS_CONNECTION_REFUS
[root@cne-lin01 samba]# smbclient -U demoUser //cne-lin01/guest
Connection to cne-lin01 failed (Error NT_STATUS_CONNECTION_REFUS
Did you try turning on SMB v1 on the Win 10 box you are using to see if it is the SMB level?
Seems the next logical step is to check if your firewall on the server is on.. and if so.. is it allowing smb connections.
ASKER
OK, does anyone else have a suggestion for how to get this set up properly? I have now created a Ubuntu 18.04 VM and configured Samba on it. I can connect to the Samba share from another Linux VM, but Windows still won't work. Attached is my smb.conf file, any suggestions?
smb.conf
smb.conf
Did you enable SMB v1 in Windows?
Is your samba new enough to support SMB v3?
You need one or the other...
Is your samba new enough to support SMB v3?
You need one or the other...
Is windows the host computer?
If so...
Can you verify your VM network can “talk” to the host? Can you ping the VM?.. and
If not... then my guess is your vm network either can’t or won’t communicate with your LAN or host network... could be firewall could be configuration issue.
If so...
Can you verify your VM network can “talk” to the host? Can you ping the VM?.. and
If not... then my guess is your vm network either can’t or won’t communicate with your LAN or host network... could be firewall could be configuration issue.
ASKER
The version is 4.7.6-Ubuntu. How can I check if it can support SMB v3?
You can always try to add the proper line to the global section of your smb.conf file and restarting samba...
You can also run "testparm" to verify your smb.conf file..
And 4.7.6 is probably your kernel version and not your Ubuntu version since it is up in the 18's
min protocol = SMB2 (or SMB3)
If it balks or doesn't work, your samba is too oldYou can also run "testparm" to verify your smb.conf file..
And 4.7.6 is probably your kernel version and not your Ubuntu version since it is up in the 18's
ASKER
Thanks Scott. I made the change and this is the output of testparm, does it look OK?
testuser@cne-lin01:~$ testparm
Load smb config files from /etc/samba/smb.conf
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
WARNING: The "syslog" option is deprecated
Processing section "[printers]"
Processing section "[print$]"
Processing section "[sambashare]"
Loaded services file OK.
Server role: ROLE_STANDALONE
testuser@cne-lin01:~$ testparm
Load smb config files from /etc/samba/smb.conf
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
WARNING: The "syslog" option is deprecated
Processing section "[printers]"
Processing section "[print$]"
Processing section "[sambashare]"
Loaded services file OK.
Server role: ROLE_STANDALONE
it didn't choke. If samba restarts, try and access the share.
You might have to also try SMB3 with windows 10 clients.
You might have to also try SMB3 with windows 10 clients.
This question needs an answer!
Become an EE member today
7 DAY FREE TRIALMembers can start a 7-Day Free trial then enjoy unlimited access to the platform.
View membership options
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
Reference https://en.wikipedia.org/w
In short, you'll likely have to create a static route between your machine + 172.16.80.9 before any traffic will flow.
When you can ping 172.16.80.9, you can proceed with your debugging.