On Tue, 2002-02-12 at 10:55, Paul Kraus wrote: > i start the demon. I can smbclient -L any windows pc on the network. I > can see my machine in all the windows network neighborhoods. But when I > try to attch from anywhere I am rejected. When I even try to do an > smbclient -L <mymachine name> as root I get this message. > > added interface ip=192.168.254.100 bcast=192.168.254.255 > nmask=255.255.255.0 > added interface ip=192.168.157.1 Bcast = 192.168.157.255 > nmask=255.255.255.0 > added interface ip = 175.16.17.1 bcast=172.16.17.255 nmask 255.255.255.0 > Got a positve name query response from 192.168.254.1 (192.168.254.100) > error connecting to 192.168.254.100:139 (connection refused) > Connection to <my machine> failed
This looks like you don't have Samba users set up yet. Samba has its own /etc/smbusers and /etc/smbpasswd files to authenticate users and passwords over the network. For small networks, you generally don't need to worry about the smbusers file, but the smbpasswd file is always used. To create Samba users, run the following command as root: # smbpasswd -a <username> When you press Enter, you will be prompted to enter a password for the named user, twice. The user name and password should match the Windows user name and password when they login to their desktop. It is not necessary to match Windows user accounts to actual Linux user accounts in Samba, though it might make things easier to administer for you. Also, if you DO use actual Linux user accounts, then any time a user opens Network Neighborhood to view the server, they will automatically have a share created from their home directory (based on the [homes] section of smb.conf). Also see my comments below... > #============================ Share Definitions ============================== > [homes] > comment = Home Directories > browseable = yes > writable = no So when a user logs in, their Linux home directory is read-only. You might want to change this, unless you have a good reason. Remember, the home share is created on the fly for each user, and is not visible to other users. That is to say, when I login to my laptop as "dave" and open Net Neighborhood, I see a Public share and a Dave share on my Samba server. My wife sees a Public share and a Carrie share. We do not see each other's home shares, only our own. > # This one is useful for people to share files > [tmp] > comment = Temporary file space > path = /home/paul/share > read only = no > public = yes This is a good one. Remember to set the directory permissions on share/ to 777, otherwise Samba won't really be able to use it properly. Also, notice that "writable=no" is the *same* as "read only=yes", and vise versa. > # A publicly accessible directory, but read only, except for people in > # the "staff" group > [public] > comment = Public Stuff > path = /home/pdk/share > public = yes > writable = yes > write list = @staff Another good one, with an entire user group (taken from the /etc/groups file) given permission to the share. Again, remember to set proper directory permissions. > # a service which has a different directory for each machine that connects > # this allows you to tailor configurations to incoming machines. You could > # also use the %u option to tailor it by user name. > # The %m gets replaced with the machine name that is connecting. > [pchome] > comment = PC Directories > path = /usr/pc/%m > public = no > writable = yes Does this one exist on your system, or is it a relic of the sample smb.conf file? Personally, I would never put a share in /usr. Move it to /home instead. > # The following two entries demonstrate how to share a directory so that two > # users can place files there that will be owned by the specific users. In this > # setup, the directory should be writable by both users and should have the > # sticky bit set on it to prevent abuse. Obviously this could be extended to > # as many users as required. > [myshare] > comment = Mary's and Fred's stuff > path = /usr/somewhere/shared > valid users = mary fred > public = no > writable = yes > printable = no > # create mask = 0765 I *know* this one is a relic from the sample file. However, it shoes a good example of the creation mask to automatically set permissions on all files created in this share, so others can access them as well. Dave -- Beware the wrath of dragons, for you are crunchy, and good with ketchup.
signature.asc
Description: This is a digitally signed message part