Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Samba share - currently not working
Operating Systems Linux Red Hat Samba share - currently not working Post 303002332 by hicksd8 on Tuesday 22nd of August 2017 10:58:39 AM
Old 08-22-2017
As Robin says, we need more information.

As far as the Samba password setup it typically goes like this:

1. Usually, the MS admin creates a share (hidden or visible) with the Unix users username and password. Then the Unix/Linux user simply logs in and his password is transmitted to the MSbox to access the share.
2. The Unix admin installs an SMB client and declares (adds) the specific Unix user as an SMB user.
3. At this point you would expect a connection to the MS share to work BUT IT Doesn't. The reason is that the SMB password to be transmitted to the MSbox has to be hashed in (typically) '/var/smb/smbpasswd' but when you look in there, that users hashed record is not there. However, now the Unix box is aware that the user is an SMB client user, if the sysadmin (or the user themselves) resets that user's password with the 'passwd' command (even if it's set to what is was already), the hash will be put in '/var/smb/smbpasswd' file. It miraculously appears. Until that hash is in the smbpasswd file there isn't a hope in hell of it working.

So on your Linux box find your 'smbpasswd' file and look in there to see that a hash for that user exists. If it doesn't you need to set/reset that users password, and if it does, confirm whether that users password is what the Samba server is expecting.
This User Gave Thanks to hicksd8 For This Post:
psychocandy
 

10 More Discussions You Might Find Interesting

1. Solaris

Samba: share subfolder as read only.

Hi, Currently I have a Samba shared configured as follows: comment = Public fileshare path = /u02/pub guest ok = Yes writeable = Yes There is a subfolder under /u02/pub called /u02/pub/expenses/hardware that I need to make read only. How do I do this? I am new to using Samba. ... (2 Replies)
Discussion started by: sparcman
2 Replies

2. Linux

Samba share script

Hi everyone! I'm trying to run a script when a folder is shared and when it stop being shared. Is there something like .start_share or .stop_share scripts in Samba where I could run some commands?:confused: edit: maybe with a wrapper in smbmount but I share folders via nautilus. Any ideas? (0 Replies)
Discussion started by: funyotros
0 Replies

3. Solaris

SAMBA is connecting to the share somehow as root

I'm running Solaris 10 with Samba server. The client is a Windows XP desktop. I have set this up for various other servers and this is the first time that I'm seeing the problem. I have a prod & test solaris samba server configured exactly the same and the share is encrypted by Vormetric. The... (0 Replies)
Discussion started by: woot14
0 Replies

4. UNIX for Advanced & Expert Users

Problems between a HP UX 11.31 Samba share and Windows 7...

Hi I have an issue with a client. He was able to use his mounted Samba share for a long time. However, a couple of days ago, he wasn't able to access all of his files all of a sudden. He still see's the share and majority of the files, but not some that he needs. I checked with Secure CRT on... (1 Reply)
Discussion started by: zixzix01
1 Replies

5. Solaris

samba issue: one samba share without password prompting and the others with.

Hi All, I've been trying to configure samba on Solaris 10 to allow me to have one share that is open and writable to all users and have the rest of my shares password protected by a generic account. If I set my security to user, my secured shares work just fine and prompt accordingly, but when... (0 Replies)
Discussion started by: ideal2545
0 Replies

6. Red Hat

How to Map AD groups to Samba share?

I am setup a samba share server which is authenticating from Active Directory. I am able to access the share with AD user but not able to access when group defined in "valid users" parameters. below are the steps i performed. In smb.conf workgroup = QASLABS password server =... (3 Replies)
Discussion started by: sunnysthakur
3 Replies

7. Red Hat

Samba share problem in Linux 6.4

Hi , In samba i have shared my home directory, but its showing as a printer. Not able to share data. $ smbclient -L 192.168.122.1 Enter priyank's password: Domain= OS= Server= Sharename Type Comment --------- ---- ------- shared_priyank Printer ... (3 Replies)
Discussion started by: Priy
3 Replies

8. Red Hat

Samba share assess w/no authentication

RH 6.4 Samba 3.5.10. Joined a Windows AD (net rpc) I'm trying to create a public read-only share but regardless of the options I've tried users get prompted for a user/password. Can someone tell me whats wrong with my setup? I'm trying to make a whole filesystem that will contain installation... (0 Replies)
Discussion started by: dignarn
0 Replies

9. UNIX for Beginners Questions & Answers

Samba Share access from windows

Hello, I want to connect to two samba shares both on the same Linux box but each with a different username from a windows server 2008. I created 2 gpos to connect and I can connect to the shares individually via net use command, but once I entered credentials for one of the shares, it seems I... (1 Reply)
Discussion started by: zaineyma
1 Replies

10. UNIX for Advanced & Expert Users

Mounting a samba share

Hi, I need to mount a directory from a Windows server to a CentOS box. The Windows server used is Windows Server 2003, and the path to the directory that I want to mount on CentOS is C:\Tomcat6\webapps\NASApp\logs. I am not sure of the correct way to mount this on CentOS, as most of the... (2 Replies)
Discussion started by: anaigini45
2 Replies

LEARN ABOUT CENTOS

smbpasswd

SMBPASSWD(5)						   File Formats and Conventions 					      SMBPASSWD(5)

NAME

       smbpasswd - The Samba encrypted password file

SYNOPSIS

       smbpasswd

DESCRIPTION

       This tool is part of the samba(7) suite.

       smbpasswd is the Samba encrypted password file. It contains the username, Unix user id and the SMB hashed passwords of the user, as well as
       account flag information and the time the password was last changed. This file format has been evolving with Samba and has had several
       different formats in the past.

FILE FORMAT

       The format of the smbpasswd file used by Samba 2.2 is very similar to the familiar Unix passwd(5) file. It is an ASCII file containing one
       line for each user. Each field within each line is separated from the next by a colon. Any entry beginning with '#' is ignored. The
       smbpasswd file contains the following information for each user:

       name
	   This is the user name. It must be a name that already exists in the standard UNIX passwd file.

       uid
	   This is the UNIX uid. It must match the uid field for the same user entry in the standard UNIX passwd file. If this does not match then
	   Samba will refuse to recognize this smbpasswd file entry as being valid for a user.

       Lanman Password Hash
	   This is the LANMAN hash of the user's password, encoded as 32 hex digits. The LANMAN hash is created by DES encrypting a well known
	   string with the user's password as the DES key. This is the same password used by Windows 95/98 machines. Note that this password hash
	   is regarded as weak as it is vulnerable to dictionary attacks and if two users choose the same password this entry will be identical
	   (i.e. the password is not "salted" as the UNIX password is). If the user has a null password this field will contain the characters "NO
	   PASSWORD" as the start of the hex string. If the hex string is equal to 32 'X' characters then the user's account is marked as disabled
	   and the user will not be able to log onto the Samba server.

	   WARNING !!  Note that, due to the challenge-response nature of the SMB/CIFS authentication protocol, anyone with a knowledge of this
	   password hash will be able to impersonate the user on the network. For this reason these hashes are known as plain text equivalents and
	   must NOT be made available to anyone but the root user. To protect these passwords the smbpasswd file is placed in a directory with
	   read and traverse access only to the root user and the smbpasswd file itself must be set to be read/write only by root, with no other
	   access.

       NT Password Hash
	   This is the Windows NT hash of the user's password, encoded as 32 hex digits. The Windows NT hash is created by taking the user's
	   password as represented in 16-bit, little-endian UNICODE and then applying the MD4 (internet rfc1321) hashing algorithm to it.

	   This password hash is considered more secure than the LANMAN Password Hash as it preserves the case of the password and uses a much
	   higher quality hashing algorithm. However, it is still the case that if two users choose the same password this entry will be identical
	   (i.e. the password is not "salted" as the UNIX password is).

	   WARNING !!. Note that, due to the challenge-response nature of the SMB/CIFS authentication protocol, anyone with a knowledge of this
	   password hash will be able to impersonate the user on the network. For this reason these hashes are known as plain text equivalents and
	   must NOT be made available to anyone but the root user. To protect these passwords the smbpasswd file is placed in a directory with
	   read and traverse access only to the root user and the smbpasswd file itself must be set to be read/write only by root, with no other
	   access.

       Account Flags
	   This section contains flags that describe the attributes of the users account. This field is bracketed by '[' and ']' characters and is
	   always 13 characters in length (including the '[' and ']' characters). The contents of this field may be any of the following
	   characters:

	   o   U - This means this is a "User" account, i.e. an ordinary user.

	   o   N - This means the account has no password (the passwords in the fields LANMAN Password Hash and NT Password Hash are ignored).
	       Note that this will only allow users to log on with no password if the
		null passwords parameter is set in the smb.conf(5) config file.

	   o   D - This means the account is disabled and no SMB/CIFS logins will be allowed for this user.

	   o   X - This means the password does not expire.

	   o   W - This means this account is a "Workstation Trust" account. This kind of account is used in the Samba PDC code stream to allow
	       Windows NT Workstations and Servers to join a Domain hosted by a Samba PDC.

       Other flags may be added as the code is extended in future. The rest of this field space is filled in with spaces. For further information
       regarding the flags that are supported please refer to the man page for the pdbedit command.

       Last Change Time
	   This field consists of the time the account was last modified. It consists of the characters 'LCT-' (standing for "Last Change Time")
	   followed by a numeric encoding of the UNIX time in seconds since the epoch (1970) that the last change was made.

       All other colon separated fields are ignored at this time.

VERSION

       This man page is correct for version 3 of the Samba suite.

SEE ALSO

       smbpasswd(8), Samba(7), and the Internet RFC1321 for details on the MD4 algorithm.

AUTHOR

       The original Samba software and related utilities were created by Andrew Tridgell. Samba is now developed by the Samba Team as an Open
       Source project similar to the way the Linux kernel is developed.

       The original Samba man pages were written by Karl Auer. The man page sources were converted to YODL format (another excellent piece of Open
       Source software, available at ftp://ftp.icce.rug.nl/pub/unix/) and updated for the Samba 2.0 release by Jeremy Allison. The conversion to
       DocBook for Samba 2.2 was done by Gerald Carter. The conversion to DocBook XML 4.2 for Samba 3.0 was done by Alexander Bokovoy.

Samba 4.0							    06/17/2014							      SMBPASSWD(5)
All times are GMT -4. The time now is 06:11 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy