[CentOS] Easiest way to get samba up and working for Windows users?

Sat Feb 28 22:03:35 UTC 2009
Craig White <craigwhite at azapple.com>

On Sun, 2009-03-01 at 02:44 +0800, Noob Centos Admin wrote:

> > you aren't too concerned about security, you can change this to
> > 'security = share' and then you can browse before authenticating, and
> > also have the option to authenticate as different users when connecting
> > to different shares on the same machine which you can't do in user or
> > server modes.
> 
> I'll probably do this since this is what they are used to, and expect.
----
security = share is for all purposes deprecated and probably a bad
option to start with now.
----
> > I don't understand the log issue, though.  Are you sure smbd is running?
> >    Nmbd would be enough to activate the netbios name - maybe you have a
> > syntax error in smb.conf and smbd did not start.
> 
> Definitely running. I have tail -f on both their logs and ls the log
> folder every time. The startup message gets logged everytime I did a
> service restart on trying a different setting. Which was why I was
> curious why there was no log message whatsoever.
> 
> The other machine would show new logs for connecting IP/machines (I
> think as a result of me using the split log function) even if they got
> rejected.
----
you can set the log level in smb.conf between 0 and 10 (10 being
highest) and the amount of detail steadily increases. Consult the man
page for smb.conf for details. The configuration from smb.conf is
re-read approximately once a minute so you don't actually have to
restart the service for changes once they are saved to take effect.

Also, it's useful to note that in 'security = user' mode, that a user
must exist in both /etc/passwd and samba
s passdb (usually now /etc/samba/passdb.tdb) and you can figure this out
by executing something like 'testparm -s -v |grep passdb' 

If you want detailed help, it's generally helpful to include the output
of the 'testparm -s' command.

Last thing that I have found useful to test users and passwords in samba
are things like this from command line on Linux machine...

smbclient -L $NETBIOS_NAME -U% 
 # anonymous authentication should show shares (no password)

smbclient -L $NETBIOS_NAME -U administrator
 # should prompt administrator password and generally, there is a file
 # called /etc/samba/smbusers which maps 'root' to 'administrator'

Once a 'user' like administrator above can connect without error, then
you can test access to specific shares like this...

smbclient //$NETBIOS_NAME/staff -U administrator
 # should prompt for administrator password

smbclient //$NETBIOS_NAME/staff -U $SOME_USER
 # should prompt for $SOME_USER password and if user is allowed access,
you are given a command prompt.

Craig