cnschulz
April 29th, 2008, 12:24 AM
Hi,
I understand there has been some tighnening of SMB security in Hardy. Cool, except it broke my XBMC SMB connections!
I use(d) SHARE level connectivity and I could browse the network and connect with user and pass. When I upgraded to Hardy, the browsing still worked but the user/pass failed. (and i could find no log entries!!)
A little searching and debugging with smbclient lead me to try the "client lanman auth = yes" setting but this did not help and reported the same error (curiously, smb client was still suggesting to use that setting , athough it was set!)
So, I switched to USER level connectivity and smbclient reports no errors however my network browsing no longer works...
Can anyone help out with a solution that will enable network browsing *and* successfull user/pass authentication?
Is there a(n) Hardy upgrade step I missed with respect to SMB?
Below is my smb.conf globals section (before and after messing around)
Cheers
c.
---
<original file>
[global]
workgroup = xxxxxx
server string = %h
interfaces = 127.0.0.0/8, eth0
bind interfaces only = Yes
security = SHARE
obey pam restrictions = Yes
passdb backend = tdbsam
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n *password\supdated\ssuccessfully* .
syslog = 0
log file = /var/log/samba/log.%m
max log size = 1000
name resolve order = lmhosts host wins bcast
socket options = TCP_NODELAY SO_RCVBUF=16384 SO_SNDBUF=16384
printcap name = cups
os level = 64
dns proxy = No
wins support = Yes
panic action = /usr/share/samba/panic-action %d
invalid users = root
printing = cups
print command =
lpq command = %p
lprm command =
<after hardy upgrade, connects but no browsing>
[global]
workgroup = xxxxxx
server string = %h
interfaces = 127.0.0.0/8, eth0
bind interfaces only = Yes
security = USER
client lanman auth = yes
;client use lanman auth = yes
obey pam restrictions = Yes
passdb backend = tdbsam
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n *password\supdated\ssuccessfully* .
syslog = 0
log file = /var/log/samba/log.%m
max log size = 1000
name resolve order = lmhosts host wins bcast
socket options = TCP_NODELAY SO_RCVBUF=16384 SO_SNDBUF=16384
printcap name = cups
os level = 64
dns proxy = No
wins support = Yes
panic action = /usr/share/samba/panic-action %d
invalid users = root
printing = cups
print command =
lpq command = %p
lprm command =
I understand there has been some tighnening of SMB security in Hardy. Cool, except it broke my XBMC SMB connections!
I use(d) SHARE level connectivity and I could browse the network and connect with user and pass. When I upgraded to Hardy, the browsing still worked but the user/pass failed. (and i could find no log entries!!)
A little searching and debugging with smbclient lead me to try the "client lanman auth = yes" setting but this did not help and reported the same error (curiously, smb client was still suggesting to use that setting , athough it was set!)
So, I switched to USER level connectivity and smbclient reports no errors however my network browsing no longer works...
Can anyone help out with a solution that will enable network browsing *and* successfull user/pass authentication?
Is there a(n) Hardy upgrade step I missed with respect to SMB?
Below is my smb.conf globals section (before and after messing around)
Cheers
c.
---
<original file>
[global]
workgroup = xxxxxx
server string = %h
interfaces = 127.0.0.0/8, eth0
bind interfaces only = Yes
security = SHARE
obey pam restrictions = Yes
passdb backend = tdbsam
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n *password\supdated\ssuccessfully* .
syslog = 0
log file = /var/log/samba/log.%m
max log size = 1000
name resolve order = lmhosts host wins bcast
socket options = TCP_NODELAY SO_RCVBUF=16384 SO_SNDBUF=16384
printcap name = cups
os level = 64
dns proxy = No
wins support = Yes
panic action = /usr/share/samba/panic-action %d
invalid users = root
printing = cups
print command =
lpq command = %p
lprm command =
<after hardy upgrade, connects but no browsing>
[global]
workgroup = xxxxxx
server string = %h
interfaces = 127.0.0.0/8, eth0
bind interfaces only = Yes
security = USER
client lanman auth = yes
;client use lanman auth = yes
obey pam restrictions = Yes
passdb backend = tdbsam
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n *password\supdated\ssuccessfully* .
syslog = 0
log file = /var/log/samba/log.%m
max log size = 1000
name resolve order = lmhosts host wins bcast
socket options = TCP_NODELAY SO_RCVBUF=16384 SO_SNDBUF=16384
printcap name = cups
os level = 64
dns proxy = No
wins support = Yes
panic action = /usr/share/samba/panic-action %d
invalid users = root
printing = cups
print command =
lpq command = %p
lprm command =