| View previous topic :: View next topic |
| Author |
Message |
Skotlex
Guru
Joined: 13 Mar 2004
Posts: 309
|
 Posted: Sat May 01, 2004 9:24 pm Post subject: (Solved) Samba 3 blocks everyone... |
 |
|
Man I feel like a noob for asking this, but I've been at this for almost two hours now, and it looks to be such a simple problem.. yet it's breaking my nerves already. I just upgraded to Samba 3 (3.0.2), and apparently using the same configuration as before is not good enough.
Samba " is now a local master browser for workgroup" or so the message claims (simple setup I hope).
The problem is... well, it denies connections from everyone:
| Code: |
[smbd] [2004/05/01 15:14:12, 0] lib/access.c:check_access(328)_
[smbd] Denied connection from UNKNOWN (200.63.225.129)_
|
This is what pops out in my logs when I removed the "hosts allow" and "interface" lines of my smb.conf (in hopes of opening the server to the world), if I add the machines back to my "hosts allow" line, replace UNKNOWN for the actual machine's name, but the connection is still denied.
I am SURE this must be a dead simple thing to resolve, but the Samba docs are huge and I am going dizzy browsing from page to page looking for that solution... and I've been searching the net and even these forums.. my head hurts, and I am about to give up. Where is that "moving from Samba 2 to 3 howto" document when I need it...
Last edited by Skotlex on Sun May 02, 2004 8:47 pm; edited 1 time in total |
|
| Back to top |
|
 |
steveb
Advocate
Joined: 18 Sep 2002
Posts: 4564
|
| Posted: Sat May 01, 2004 9:43 pm Post subject: |
|
|
post your samba configuration. it is much easyer to help you, when we know your config.
cheers
SteveB |
|
| Back to top |
|
|
Skotlex
Guru
Joined: 13 Mar 2004
Posts: 309
|
| Posted: Sat May 01, 2004 10:14 pm Post subject: |
|
|
Hmm... ah well, if ya think it will do any difference... it basicly goes like this:
| Code: |
[global]
workgroup = MCDOOM
netbios name = RYEL
server string = Gentoo Linux Server
message command = /usr/bin/linpopup "%f" "%m" %s; rm %s
printcap name = cups
load printers = yes
printing = cups
printer admin = @adm
log file = /var/log/samba/log.%m
max log size = 50
log level = 3
hosts allow = 200.63.242.10, 127.0.0.1
map to guest = bad user
security = user
encrypt passwords = yes
smb passwd file = /etc/samba/private/smbpasswd
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
|
I am not placing the share options since that's beyond the scope of the problem. And yes the "hosts allow" line is correct, but it blocks incoming requests regardless of what I place in there (placing them there just gives me the advantage of seeing the machine name who gets rejected in the logs). |
|
| Back to top |
|
|
ARC2300
Apprentice
Joined: 30 Mar 2003
Posts: 267
|
| Posted: Sun May 02, 2004 12:09 am Post subject: |
|
|
I had the same problem too, and I found out (at least for me) Samba was exporting UID's across the network.
So 1001 on one machine was different than 1001 on the other machine and I couldn't connect. 
Try downgrading to 2.2.8, see if it works. If it does, then you'll possibly have to go through and make a new smb.conf file telling it not to export UID's and GID's across the network.
_________________
It's fun to take a trip
Put acid in your veins |
|
| Back to top |
|
|
Skotlex
Guru
Joined: 13 Mar 2004
Posts: 309
|
| Posted: Sun May 02, 2004 3:16 am Post subject: |
|
|
| Well.. my smb.conf was working fine with Samba 2.2.something, just today I upgraded to 3, and using my same smb.conf it stopped working, so I thought there was some 2->3 step I missed somewhere. I suppose I'll have to try creating a minimal smb.conf and see if it works and start from that... |
|
| Back to top |
|
|
Skotlex
Guru
Joined: 13 Mar 2004
Posts: 309
|
| Posted: Sun May 02, 2004 8:45 pm Post subject: |
|
|
Ok fixed.
After fiddling around, I found out that the problem was the HOSTS ALLOW line... for some reason, just placing the hostname was not enough, I had to place it in the format "HOST.WORKGROUP" (and even stranger was that placing the ip 127.0.0.1 in there did NOT let me connect either  ) |
|
| Back to top |
|
|
Tarball
Tux's lil' helper
Joined: 19 Jun 2002
Posts: 142
Location: Cheshire, UK
|
| Posted: Sun May 02, 2004 9:59 pm Post subject: |
|
|
I too have a similar problem. I don't have any fancy network set up. Mainly, I use samba to allow my gf's laptop (WinXP) to access files on my desktop (Gentoo) machine.
The shares were setup as public shares (ie requiring no username or password and after upgrading to samba 3.0.2a I can no longer access them.
Here's my smb.conf
| Code: |
# Samba config file created using SWAT
# from 127.0.0.1 (127.0.0.1)
# Date: 2004/05/01 14:38:06
# Global parameters
[global]
workgroup = NATTYNET
server string = Ecco (Samba Server)
interfaces = 192.168.0.2/24
security = SHARE
username map = /etc/samba/smbusers
log level = 1
log file = /var/log/samba/log.%m
max log size = 128
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
printcap name = cups
logon drive = h:
logon home = \\ecco\home\%U
domain master = Yes
dns proxy = No
wins server = 127.0.0.1
hosts allow = 192.168.0., 127.
hosts deny = ALL
min print space = 2000
printing = cups
hide unreadable = Yes
[homes]
comment = Home Directories
path = /home/%S
username = %S
read only = No
browseable = No
[printers]
comment = All Printers
path = /tmp
read only = No
create mask = 0700
guest ok = Yes
printable = Yes
print command = lpr -P %p -o raw %s -r # using client side printer drivers.
use client driver = Yes
browseable = No
[print$]
path = /var/lib/samba/printers
write list = @adm, root
[Music]
comment = Music files
path = /mnt/multimedia/Audio
guest only = Yes
guest ok = Yes
[Videos]
comment = Video files
path = /mnt/multimedia/Video
guest only = Yes
guest ok = Yes
[Images]
comment = Music files
path = /mnt/multimedia/Audio
guest only = Yes
guest ok = Yes
|
Here are the log files for smbd:
| Code: |
[2004/05/02 21:36:49, 0] smbd/server.c:main(747)
smbd version 3.0.2a started.
Copyright Andrew Tridgell and the Samba Team 1992-2004
[2004/05/02 21:36:49, 0] smbd/server.c:main(781)
standard input is not a socket, assuming -D option
|
and nmbd:
| Code: |
[2004/05/02 21:36:49, 0] nmbd/nmbd.c:main(664)
Netbios nameserver version 3.0.2a started.
Copyright Andrew Tridgell and the Samba Team 1994-2004
[2004/05/02 21:36:49, 0] nmbd/nmbd.c:main(683)
standard input is not a socket, assuming -D option
[2004/05/02 21:36:49, 0] nmbd/nmbd_become_dmb.c:become_domain_master_browser_wins(327)
become_domain_master_browser_wins:
Attempting to become domain master browser on workgroup NATTYNET, subnet UNICAST_SUBNET.
[2004/05/02 21:36:49, 0] nmbd/nmbd_become_dmb.c:become_domain_master_browser_wins(341)
become_domain_master_browser_wins: querying WINS server from IP 0.0.0.0 for domain master browser name NATTYNET<1b> on workgroup NATTYNET
[2004/05/02 21:36:49, 0] nmbd/nmbd_packets.c:process_nmb_request(1448)
process_nmb_request: Multihomed registration request must be directed at a WINS server.
[2004/05/02 21:36:49, 0] nmbd/nmbd_packets.c:process_nmb_request(1448)
process_nmb_request: Multihomed registration request must be directed at a WINS server.
[2004/05/02 21:36:49, 0] nmbd/nmbd_packets.c:process_nmb_request(1448)
process_nmb_request: Multihomed registration request must be directed at a WINS server.
[2004/05/02 21:36:49, 0] nmbd/nmbd_incomingrequests.c:process_name_registration_request(213)
process_name_registration_request: unicast name registration request received for name NATTYNET<00> from IP 192.168.0.2 on subnet UNICAST_SUBNET. Error - should be sent to WINS server
[2004/05/02 21:36:49, 0] nmbd/nmbd_nameregister.c:register_name_response(130)
register_name_response: WINS server at IP 192.168.0.2 rejected our name registration of NATTYNET<00> IP 192.168.0.2 with error code 1.
[2004/05/02 21:36:49, 0] nmbd/nmbd_workgroupdb.c:fail_register(210)
fail_register: Failed to register name NATTYNET<00> on subnet UNICAST_SUBNET.
[2004/05/02 21:36:49, 0] nmbd/nmbd_namelistdb.c:standard_fail_register(283)
standard_fail_register: Failed to register/refresh name NATTYNET<00> on subnet UNICAST_SUBNET
[2004/05/02 21:36:49, 0] nmbd/nmbd_incomingrequests.c:process_name_registration_request(213)
process_name_registration_request: unicast name registration request received for name NATTYNET<1e> from IP 192.168.0.2 on subnet UNICAST_SUBNET. Error - should be sent to WINS server
[2004/05/02 21:36:49, 0] nmbd/nmbd_nameregister.c:register_name_response(130)
register_name_response: WINS server at IP 192.168.0.2 rejected our name registration of NATTYNET<1e> IP 192.168.0.2 with error code 1.
[2004/05/02 21:36:49, 0] nmbd/nmbd_workgroupdb.c:fail_register(210)
fail_register: Failed to register name NATTYNET<1e> on subnet UNICAST_SUBNET.
[2004/05/02 21:36:49, 0] nmbd/nmbd_namelistdb.c:standard_fail_register(283)
standard_fail_register: Failed to register/refresh name NATTYNET<1e> on subnet UNICAST_SUBNET
[2004/05/02 21:36:55, 0] nmbd/nmbd_packets.c:process_nmb_request(1448)
process_nmb_request: Multihomed registration request must be directed at a WINS server.
[2004/05/02 21:36:55, 0] nmbd/nmbd_packets.c:process_nmb_request(1448)
process_nmb_request: Multihomed registration request must be directed at a WINS server.
[2004/05/02 21:36:55, 0] nmbd/nmbd_packets.c:process_nmb_request(1448)
process_nmb_request: Multihomed registration request must be directed at a WINS server.
[2004/05/02 21:37:00, 0] nmbd/nmbd_packets.c:process_nmb_request(1448)
process_nmb_request: Multihomed registration request must be directed at a WINS server.
[2004/05/02 21:37:00, 0] nmbd/nmbd_packets.c:process_nmb_request(1448)
process_nmb_request: Multihomed registration request must be directed at a WINS server.
[2004/05/02 21:37:00, 0] nmbd/nmbd_packets.c:process_nmb_request(1448)
process_nmb_request: Multihomed registration request must be directed at a WINS server.
[2004/05/02 21:37:04, 0] nmbd/nmbd_packets.c:process_nmb_request(1448)
process_nmb_request: Multihomed registration request must be directed at a WINS server.
[2004/05/02 21:37:04, 0] nmbd/nmbd_packets.c:process_nmb_request(1448)
process_nmb_request: Multihomed registration request must be directed at a WINS server.
[2004/05/02 21:37:04, 0] nmbd/nmbd_packets.c:process_nmb_request(1448)
process_nmb_request: Multihomed registration request must be directed at a WINS server.
[2004/05/02 21:37:10, 0] nmbd/nmbd_become_dmb.c:become_domain_master_query_fail(252)
become_domain_master_query_fail: Error 0 returned when querying WINS server for name NATTYNET<1b>.
[2004/05/02 21:37:12, 0] nmbd/nmbd_become_lmb.c:become_local_master_stage2(396)
*****
Samba name server ECCO is now a local master browser for workgroup NATTYNET on subnet 192.168.0.2
*****
[2004/05/02 21:37:33, 0] nmbd/nmbd_browsesync.c:find_domain_master_name_query_fail(350)
find_domain_master_name_query_fail:
Unable to find the Domain Master Browser name NATTYNET<1b> for the workgroup NATTYNET.
Unable to sync browse lists in this workgroup.
[2004/05/02 21:42:03, 0] nmbd/nmbd_become_dmb.c:become_domain_master_browser_wins(327)
become_domain_master_browser_wins:
Attempting to become domain master browser on workgroup NATTYNET, subnet UNICAST_SUBNET.
[2004/05/02 21:42:03, 0] nmbd/nmbd_become_dmb.c:become_domain_master_browser_wins(341)
become_domain_master_browser_wins: querying WINS server from IP 0.0.0.0 for domain master browser name NATTYNET<1b> on workgroup NATTYNET
[2004/05/02 21:42:24, 0] nmbd/nmbd_become_dmb.c:become_domain_master_query_fail(252)
become_domain_master_query_fail: Error 0 returned when querying WINS server for name NATTYNET<1b>.
[2004/05/02 21:42:32, 0] nmbd/nmbd_incomingrequests.c:process_name_refresh_request(172)
process_name_refresh_request: unicast name registration request received for name NATALIE<03> from IP 192.168.0.4 on subnet UNICAST_SUBNET.
[2004/05/02 21:42:32, 0] nmbd/nmbd_incomingrequests.c:process_name_refresh_request(173)
Error - should be sent to WINS server
[2004/05/02 21:42:32, 0] nmbd/nmbd_incomingrequests.c:process_name_refresh_request(172)
process_name_refresh_request: unicast name registration request received for name JAY<03> from IP 192.168.0.4 on subnet UNICAST_SUBNET.
[2004/05/02 21:42:32, 0] nmbd/nmbd_incomingrequests.c:process_name_refresh_request(173)
Error - should be sent to WINS server
[2004/05/02 21:42:32, 0] nmbd/nmbd_incomingrequests.c:process_name_refresh_request(172)
process_name_refresh_request: unicast name registration request received for name NATTYNET<00> from IP 192.168.0.4 on subnet UNICAST_SUBNET.
[2004/05/02 21:42:32, 0] nmbd/nmbd_incomingrequests.c:process_name_refresh_request(173)
Error - should be sent to WINS server
[2004/05/02 21:42:32, 0] nmbd/nmbd_incomingrequests.c:process_name_refresh_request(172)
process_name_refresh_request: unicast name registration request received for name FLICKY<03> from IP 192.168.0.4 on subnet UNICAST_SUBNET.
[2004/05/02 21:42:32, 0] nmbd/nmbd_incomingrequests.c:process_name_refresh_request(173)
Error - should be sent to WINS server
[2004/05/02 21:42:32, 0] nmbd/nmbd_incomingrequests.c:process_name_refresh_request(172)
process_name_refresh_request: unicast name registration request received for name FLICKY<20> from IP 192.168.0.4 on subnet UNICAST_SUBNET.
[2004/05/02 21:42:32, 0] nmbd/nmbd_incomingrequests.c:process_name_refresh_request(173)
Error - should be sent to WINS server
[2004/05/02 21:42:32, 0] nmbd/nmbd_incomingrequests.c:process_name_refresh_request(172)
process_name_refresh_request: unicast name registration request received for name FLICKY<00> from IP 192.168.0.4 on subnet UNICAST_SUBNET.
[2004/05/02 21:42:32, 0] nmbd/nmbd_incomingrequests.c:process_name_refresh_request(173)
Error - should be sent to WINS server
|
Here is the client log when I try to access one of the shares from the laptop:
| Code: |
[2004/05/02 21:37:07, 0] smbd/service.c:make_connection_snum(677)
'/mnt/multimedia/Audio' does not exist or is not a directory, when connecting to [Images]
[2004/05/02 21:37:08, 0] smbd/service.c:make_connection_snum(677)
'/mnt/multimedia/Audio' does not exist or is not a directory, when connecting to [Images]
|
Regarding the above log, the directory /mnt/multimedia/Images definately does exist!
I also used to access these shares from my modded Xbox using an application called Xbox Media Center which actual contains samba code ported to the Xbox, when I try to access a share from the Xbox I get the error NT_STATUS_OBJECT_NAME_NOT_FOUND
I tried changing the hosts allow option as suggested to no avail!! |
|
| Back to top |
|
|
Skotlex
Guru
Joined: 13 Mar 2004
Posts: 309
|
| Posted: Sun May 02, 2004 11:16 pm Post subject: |
|
|
Ow man why did ya go ahead and post in a thread I already marked as "solved"... people won't come here to see the problem now ^.^o
But I CAN see the problem quite clearly (and I don't understand how it was working before for you). Your logs left and right keep screaming that there's something wrong with your WINS server (ie, you keep connecting to yourself as if your box was a wins server, but samba keeps screaming "I am not a wins server!")
So I went to read the smb.conf file for the wins related info:
| Code: |
# Windows Internet Name Serving Support Section:
# WINS Support - Tells the NMBD component of Samba to enable it's WINS Server
; wins support = yes
# WINS Server - Tells the NMBD components of Samba to be a WINS Client
# Note: Samba can be either a WINS Server, or a WINS Client, but NOT both
; wins server = w.x.y.z
# WINS Proxy - Tells Samba to answer name resolution queries on
# behalf of a non WINS capable client, for this to work there must be
# at least one WINS Server on the network. The default is NO.
; wins proxy = yes
|
Notice the part where it says you CAN'T be a wins server AND client at a time? Well what do you think your config says?
| Code: |
wins server = 127.0.0.1
|
That is basicly saying "I want to be a wins client, and the wins server is me". Um... 
If you want your box to be the WINS server, then try using "win support = yes" and NOT "wins server = 127.0.0.1"...
If that doesn't solves your problem, I suggest to go make a thread about it because I don't think people go and solve problems in threads marked as solved |
|
| Back to top |
|
|
Tarball
Tux's lil' helper
Joined: 19 Jun 2002
Posts: 142
Location: Cheshire, UK
|
| Posted: Sun May 02, 2004 11:34 pm Post subject: |
|
|
When I started typing the post it was not solved, by the time I'd submitted it you had marked it solved 
I changed my smb.conf, the nmbd.log looks a lot better but I am still having a problem. If I try to connect from WinXP I get an error 'Th network name cannot be found'. If I try to connect from Konqueror, I get prompted for a password. I'll take you advice and start a new thread!
Cheers |
|
| Back to top |
|
|
humbletech99
Veteran
Joined: 26 May 2005
Posts: 1229
Location: London
|
| Posted: Wed May 03, 2006 8:26 am Post subject: |
|
|
Skotlex, I've found the WINS errors in my nmbd log for an older server of mine but checking it's smb.conf both lines containing the wins server and wins support are commented out so I don't think it's this.
Did anybody find out the cause of or the solution to the errors:
| Code: | [2006/05/03 09:22:39, 0] nmbd/nmbd_incomingrequests.c:process_name_refresh_reque
st(184)
Error - should be sent to WINS server |
_________________
The Human Equation:
value(geeks) > value(mundanes) |
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
Networking & Security
