Connecting Ubuntu to Windows network

Asked by cgaski on 2007-06-12

I have installed samba and my configuration is generally as shown at:

http://www.debianadmin.com/ubuntu-networking-for-basic-and-advanced-users.html

On the Ubuntu machine if I click Places/Network I see two icons. One is "David3", (the name of the Ubuntu machine), and the other is "Microsoft Network"

If I click the latter I see two icons, "MShome" and "Workgroup". Within Workgroup I see the Windows machines connected to my network.

I can see the shared folders on these Windows machines but if I try open any of them I get a pop up asking for User name, Domain and password.

If I insert the name of the machine as User name, "Workgroup" as the domain and the password for the machine in question I get another pop up saying "The folder contents could not be displayed"

Within MShome there is simply the icon for the Ubuntu machine.

On any of the Windows machines if I go:- My Network Places/Entire Network/Microsoft Windows Network I see two domains, MShome, (if the Ubuntu machine is connected ), and Workgroup.

Within Workgroup I see the Windows machines on the network. In MShome I see the Ubuntu machine with the comment "David3 server (Samba, Ubuntu)".

If I click this I get a pop up entitled Enter Network Password. Beneath this it says "Incorrect password or unknown user name for \ \David3"

There are two fields "Connect as" and "Password". I have tried every combination of user names and passwords I can think of and none of them work.

In summary:

The Windows machines can see the Ubuntu machine but can't access it.

The Ubuntu machine can see the Windows machines and the shared folders on them but can't access these folders.

I think that I need to get the Ubuntu machine on to the Workgroup domain but can't see a way doing this.

I would be very grateful for anyr help,

David

Question information

Language:
English Edit question
Status:
Solved
For:
Ubuntu samba Edit question
Assignee:
No assignee Edit question
Solved by:
Lars Friedrichs
Solved:
Last query:
Last reply:
Revision history for this message
KÜRŞAD SEZAİ TÜRKER (kursad.turker) said :
#1

Hi David,

First you should check and configure the windows permissions from Windows Console. As all we know the security problems within NTFS and Linux File Systems, should handle via network connection coders. In a detailed way I wish my expert friends gonna help you. Best wishes...

Revision history for this message
cgaski (david-consul-net) said :
#2

KÜRŞAD,

Many thanks for your response.

My network connects with out problems to at any other Windows machines and can see folders on the Ubuntu machine - it just can't see the contents! Similarly the Ubuntu machine can see the folders but not the contents on the Windows machines.

I have checked the permissions on the Windows machine and they seem to be OK - I certainly hope your expert friends will help me!

David

Revision history for this message
Jason Sandlin (crane) said :
#3

Check your samba config file to start.Located at /etc/samba/smb.conf. You should see the following line close to the top of the file that looks like this:

[global]

## Browsing/Identification ###

# Change this to the workgroup/NT-domain name your Samba server will part of
   workgroup = WORKGROUP

I believe yours would say "workgroup = mshome"
You can change this to WORKGROUP so all the computers will be visible under the same workgroup.
 A couple of other notes. Make sure you have installed the samba client and server. The client allows you to browse the network from your Ubuntu box. The server will allow you to share files with the other boxes.
 To simplify things make sure you have the same username and password on both boxes.
Also be sure to assign yourself a samba password.with
$smbpasswd –a username
It will prompt you for a password. I just set my samba password to the same as my log in password.
Then restart samba with :
$/etc/init.d/samba restart.

Revision history for this message
cgaski (david-consul-net) said :
#4

Jason,

Many thanks for the help.

I changed the workgroup as you suggested and I can now see and open files on the Ubuntu machine from Windows machines. I cannot however edit these files or transfer files to the Ubuntu machine. I still cannot view files on Windows machines from the Ubuntu machine.

How can I check whether I have installed both the client and server version of Samba? I'm pretty sure the server version is installed because the Ubuntu machine identifies itself in My net work places on Windows as "david3 server (Samba, Ubuntu)"

One further question - where in smb.conf should I put $smbpasswd –a username?

Thanks again for your help,

David

Revision history for this message
cgaski (david-consul-net) said :
#5

Jason,

I've just had a look at the DHCP Client List in the router:

IP Address Host Name MAC Address

192.168.1.4 david-2qop8vgof 00-07-E9-80-86-45
192.168.1.2 david-g 00-90-F5-37-12-97
192.168.1.11 david3 00-0E-A6-38-55-6C
192.168.1.3 david3 00-0D-FE-00-56-27

david3, (the Ubuntu machine), has two IP addresses. Would one be for the Samba client and one for the server?

David

Revision history for this message
Jason Sandlin (crane) said :
#6

Sorry for the long response time. if you haven't got it fixed yet let see what we can do. If you can select System>Administration>Shared Folder from the menu and you don't get any warnings, then the samba server is installed. You cannot share folders on the network with out the server being installed.
$smbpasswd –a username - this command you just need to enter in a terminal . Something like
$smbpasswd -a david3
when you hit enter it will ask for a password. Just type a password and enter. It may ask you to type the password again to verify.
I would suggest using the same username and password that you do to log into your system. You should also have the same user name and password on your windows system.
 I'm not to sure about the IP address though. It looks like it has 3 mac addresses listed as well, which means there are 4 pieces of hardware being accounted for.

Revision history for this message
cgaski (david-consul-net) said :
#7

Jason,

Many thanks for your response - I am grateful for your help.

I wasn't quite sure whether I should add another $ after the prompt so I tried it both ways:

david@david3:~$ $smbpasswd -a david3
Usage: command-not-found [options] <command-name>

command-not-found: error: no such option: -a
bash: -a: command not found

Then with out the extra $:

david@david3:~$ smbpasswd -a david3
When run by root:
    smbpasswd [options] [username]
otherwise:
    smbpasswd [options]

options:
  -L local mode (must be first option)
  -h print this usage message
  -s use stdin for password prompt
  -c smb.conf file Use the given path to the smb.conf file
  -D LEVEL debug level
  -r MACHINE remote machine
  -U USER remote username
extra options when run by root or in local mode:
  -a add user
  -d disable user
  -e enable user
  -i interdomain trust account
  -m machine trust account
  -n set no password
  -W use stdin ldap admin password
  -w PASSWORD ldap admin password
  -x delete user
  -R ORDER name resolve order
david@david3:~$

(The only way I could find of transferring this to the Windows machine was to copy the contents of the terminal window and paste it into an e-mail which I then sent to myself!)

David

Revision history for this message
cgaski (david-consul-net) said :
#8

Jason,

After reading some of the help files I thought maybe I should try running the command from the root.

I started to get excited when it asked for confirmation of the password but as you see my optimism was not justified...

David

david@david3:~$ sudo -i
Password:
root@david3:~# smbpasswd -a david3
New SMB password:
Retype new SMB password:
Failed to modify password entry for user david3

Revision history for this message
Jason Sandlin (crane) said :
#9

David,
 You may need to add yourself as a Samba user. Instead of trying to explain everything let me point you to a link. This is a little more detail on how to add users and passwords to samba.
Let me know if this helps.
http://www.faqs.org/docs/securing/chap29sec286.html

Revision history for this message
cgaski (david-consul-net) said :
#10

Jason,

Thanks for your patience.

This is what I get:

david@david3:~$ sudo -i

Password:

root@david3:~# useradd smbclient

root@david3:~# passwd smbclient

Enter new UNIX password:

Retype new UNIX password:

passwd: password updated successfully

root@david3:~# cat /etc/passwd | mksmbpasswd.sh > etc/smbpasswd

-bash: etc/smbpasswd: No such file or directory

root@david3:~#

I have checked in the etc directory and there is indeed no directory smbpasswd. I could of course create such a directory manually but I suspect this is the wrong thing to do.

Comparing with the links you gave me the prompt appears to be different - I don't know if this is significant?

(I haven't used the command line since I was an OS/2 user!)

David

Revision history for this message
Lars Friedrichs (l-friedrichs) said :
#11

Hi david,

you gave us the hint during the last post but I guess you didn't even notice.
So whats up with this Samba stuff? A little explanation:

When you setup Linux as a SMB server, with most likely Samba, you actually need to have two things setup.
1. you need a user on your linux system that would be allowed to access the files on the directory you share with samba.
2. you need to add a useraccount within the samba itself.
You have the first, what Jason was up to is the second but you failed because the users must have the same name. So again, Samba has its own user management (which is mostly because of their passwords, Samba can't use your local linux passwords)
To get access to a Samba share, Samba must know the user within its user base, you add that with the smbpasswd command together with the password that will be used for Samba access only.
After that one could connect but then, what local username should Samba use to access the files? Of course, you say, use the given name and that lead us to the point: to make that work Sambas username (so the one added by smbpasswd and used by the windows machine) must have a perfect match with a username that already exists on your linux system.
The error so far was - you tried to add 'david3' as a Samba user, but by reading your prompts I see your user is called 'david'
Try this:
sudo smbpasswd -a david

That should do the trick (for accessing files on your samba server via a windows machine).

If that works we can move over to the other direction

Bye,
Lars

Revision history for this message
cgaski (david-consul-net) said :
#12

Lars,

Many thanks for taking the time to provide me with such a full response.

I think before I go any further it might be helpful to recap my present situation - as you can see from the correspondence I have tried many different things in my attempts to establish communication between the Ubuntu machine and the Windows machines on my network.

From a Windows machine I can see the Ubuntu machine, open directories and copy files from these directories on to the Windows machine. I have only been able to do this quite recently and to be honest I don't know which action enabled this.

If however I modify a file on the Ubuntu machine from the Windows machine I am unable to save it. I can of course do this from one Windows machine to another but I can see that this may not be possible on the Ubuntu machine which is using a different file system.

However when I have a Ubuntu machine directory open on the Windows machine if I drag and drop a file on to it it is rejected with the message that the file is in use - maybe again this is down to the different file system?

It might at this point be helpful to explain the names and passwords by I am using. (To avoid confusing matters even further I'll deal with just one of the Windows machines on the network). This machine is called david-g and its password is the same as that for the Ubuntu machine. Its name on the network is david-g.

The Ubuntu machine is called david and its name on the network is david3.

From the Ubuntu machine I can see the shared folders on david-g but if I try and open any of them I get a pop up asking for authentication requiring user name, domain and password.

The domain is workgroup, (that is already filled in), the password is the same on all machines and what every user name I put in the pop-up just reappears.

As you suggested I ran:

sudo smbpasswd -a david

(Interestingly it asked me for a new password - maybe implying that there already was a user "david"?)

Sad to say, after doing this, (I used the same password of course), nothing had changed.

Apologies for the long response but I wanted to make the situation clear even at the expense of being boring!

David

Revision history for this message
Lars Friedrichs (l-friedrichs) said :
#13

Hehe, this seems quite tricky, even understanding the whole situation takes a long time...

Of course, my advice was regarding the other direction so you could connect to your ubuntu machine (david) from your windows machine (david-g) by using the username 'david' which should be a user already existing on your ubuntu system.

Btw, smbpasswd always asks for a new password but the response after giving the password is the critical one, it either states 'user bla added' or something denying it. If it does not work it's either because the user already exists or the user does not exist in the Linux user database. I knew you had a user namend david on there since this line of your post: "david@david3:~$ sudo -i" david@...

Ok, enough of that, now for something completely different... :-)

Not being able to save it may have several reasons:
1. Samba does not allow it. There is an option in the /etc/samba/smb.conf file which states 'read only = yes' or 'writable = no' - that option may exist in the general part or in the share-specific part. In most cases standard configuration allows read only access and no write access.
2. After checking and maybe changing that you will have to restart samba and check again. Eventhough you have now allowed the write access you will most likely be unable to write anything, so what's wrong now? Now Samba would allow the write but linux (linux filesystem drivers/rights checking algorithm to be exact) doesn't allow it.
This is typically because the access to the share is not really made by a user/pass combo known by Samba. If this is the case, then Samba always uses a special user to access these files, the so called guest user. You will find an option in the smb.conf file which is most likely set to 'nobody', a user that exists on linux but is or should be never used in giving rights on the filesystem. So this user may have read rights wherever the filesystem has given (read) access to everybody but with the exception of the /tmp directory nobody has never write access.
That is already point 3 in our list: The username Samba uses to access the files doesn't have appropriate rights on that part of the filesystem. This may be the user nobody in case of our 'guest szenario' above or even a correctly authenticated Samba user.

So once again, please check the above. Please connect to your ubuntu from windows using the username 'david' and the password you entered when you used the smbpasswd command. This might be a little bit tricky since windows likes anonymous access and sometimes prefers it over authentication. You may force windows to authenticate by puting a line 'guest ok = no' into the global section of the smb.conf file.

It then still might be impossible since windows states that the connection information is different from the already established connection (windows is totally nuts, it allows only one username per connected machine at a time and caches this information), You may try to clear that by rebooting windows (the horrible way) or deleting the wrong connection on the command line (the right way :-) To do so you click start -> run..., enter 'cmd' and type 'net view'. This lists you all smb network connections that are in the cache (or even in use) atm. Find the one that states \\david\... and then enter 'net delete \\david\...', this should close the wrong session and allow you to try a new connection with a different login name.

Hope this helps,
bye
Lars

Revision history for this message
cgaski (david-consul-net) said :
#14

Lars,

OK,

1. I already have "writeable=yes"

2. "Guest account=nobody" is commented out. I cannot find out how to save changes in smb.conf - it says I do not have permission and I am not authorised to change permissions...

3. "Net to view" on the Windows machine shows the Ubuntu machine as david3. If I try and add a network place called "david" it says that it can't find the net work path.

Apologies this time for the brevity but it is 2am here and I must go to bed!

David

Revision history for this message
Lars Friedrichs (l-friedrichs) said :
#15

Hi David,

thats ok, it's 20:37 over here now.

1. ok
2. to edit that file type
sudo gedit /etc/samba/smb.conf
in a terminal window, you have write access then.
3. Sorry, it's been a while since I last used windows, so I mixed some options up. Please use
net use
on the windows console cmd.exe to view the actual connections. forget about net view...

Bye,
Lars

Revision history for this message
cgaski (david-consul-net) said :
#16

Lars,

I have removed the commenting (;) on "Guest account=nobody" but it hasn't made any difference.

"Net use" gave me the following:

==================================================

C:\Documents and Settings\Administrator>net use
New connections will be remembered.

Status Local Remote Network

-------------------------------------------------------------------------------
                       \\David3\File System Microsoft Windows Network
The command completed successfully.

C:\Documents and Settings\Administrator>

================================================

I am now starting to see that the problem is that the Ubuntu machine is being identified as david3 rather than david but I don't know how to correct this. I guess it can only be done via the command line...

I tried changing the host name the Ubuntu machine in network settings from david3 to david but the Windows machines were still looking for david3

I thought that another alternative might be to change the name of the Ubuntu machine to david3 so I searched the help files to try and find out how to do this but without success.

David

Revision history for this message
Lars Friedrichs (l-friedrichs) said :
#17

Hi David,

you can either change your systems name via the network-admin tool. That you should find in your administration menu. Click on the second tab, change the name and afterwards reboot.
You might wanna try a less invasive way to make your Smaba server appear as a certain name in the windows network neighborhood.
Try adding this line in the global section of your smb.conf file:

netbios name = WHATEVER_NAME_YOU_WANT

and of course restart Samba via

sudo /etc/init.d/samba restart

You may even want to give more than one name. That is possible and makes your server appear as several machines serving the same shares (with a little more effort you could even let them share different shares but that's too much work now). All it takes is this line in the global section of your smb.conf file:

netbios aliases = TEST TEST1 TEST2

This would give your Samba server the addidtional names TEST, TEST1 and TEST2.

The output of the net view command shows the connection windows made to your samba server. You didn't assign a drive letter to it, that would appear in the first column. You may reboot your windows without any trys accessing the samba server so that the output of net view would be empty. You can try a special connection using a certain username and password by typing

net use x: "\\david3\NameDesShares" /USER:david

in the windows command line window. You should be asked for a password, enter the one you entered when typen the smbpasswd password. If everything is correct, you will now have a drive letter x: which should represent your samba share and hopefully now it will be writable...

Bye
Lars

Revision history for this message
cgaski (david-consul-net) said :
#18

Lars,

I took your advice and change the netbios name rather than changing the name of the computer.

After I had done that david3 disappeared from "My network places" in Windows and was replaced by the new name I had specified - "ubuntu".

As before I could see all shared folders on the Ubuntu machine from a Windows machine and could open and copy files from them but I still cannot edit or add files.

Because david3 has disappeared I changed:

net use x: "\\david3\NameDesShares" /USER:david
to:

net use x: "\\ubuntu\NameDesShares" /USER:david:

=============================================

Microsoft Windows 2000 [Version 5.00.2195]
(C) Copyright 1985-2000 Microsoft Corp.

C:\Documents and Settings\Administrator>net use x: "\\ubuntu\NameDesShares" /USER:david
System error 67 has occurred.

The network name cannot be found.

C:\Documents and Settings\Administrator>net use x: "\\workgroup\ubuntu\NameDesShares" /USER:david
System error 53 has occurred.

The network path was not found.

==================================================

After it complained that it couldn't find the network name I put this in and tried again but this time, as you see, it said it couldn't find the path.

The path seems to be OK to me so I'm not sure what the problem is.

A really am very grateful to you for your help; I would have stood no chance at all of getting the Ubuntu machine on the network without it.

David

Revision history for this message
Lars Friedrichs (l-friedrichs) said :
#19

Hi again,

sorry, that I did not make the net use command clear. (In fact I used german words...) What I wanted you to do is to put the name of the share that you created on the ubuntu samba server in the command so it looks like this:

net use x: \\ubuntu\PUT_THE_NAME_OF_THE_SHARE_HERE /USER:david

Maybe I can make an even more educated guess if I could have a look at the smb.conf file.

Bye
Lars

Revision history for this message
cgaski (david-consul-net) said :
#20

Lars,

I have to confess that I am not really sure what is meant by "share" in this context. I could make some guesses but I'm sure it will be quicker for both of us if I append the smb.conf file as you suggest.

(I actually copied this over the network from the Ubuntu machine!)

David

================================================

#
# Sample configuration file for the Samba suite for Debian GNU/Linux.
#
#
# This is the main Samba configuration file. You should read the
# smb.conf(5) manual page in order to understand the options listed
# here. Samba has a huge number of configurable options most of which
# are not shown in this example
#
# Any line which starts with a ; (semi-colon) or a # (hash)
# is a comment and is ignored. In this example we will use a #
# for commentary and a ; for parts of the config file that you
# may wish to enable
#
# NOTE: Whenever you modify this file you should run the command
# "testparm" to check that you have not made any basic syntactic
# errors.
#

#======================= Global Settings =======================

[global]

## Browsing/Identification ###

# Change this to the workgroup/NT-domain name your Samba server will part of
   workgroup = workgroup

# server string is the equivalent of the NT Description field
   server string = %h server (Samba, Ubuntu)

# Windows Internet Name Serving Support Section:
# WINS Support - Tells the NMBD component of Samba to enable its WINS Server
; wins support = no

# WINS Server - Tells the NMBD components of Samba to be a WINS Client
# Note: Samba can be either a WINS Server, or a WINS Client, but NOT both
; wins server = w.x.y.z

# This will prevent nmbd to search for NetBIOS names through DNS.
   dns proxy = no

# What naming service and in what order should we use to resolve host names
# to IP addresses
; name resolve order = lmhosts host wins bcast

map to guest = bad user

netbios name=ubuntu

#### Networking ####

# The specific set of interfaces / networks to bind to
# This can be either the interface name or an IP address/netmask;
# interface names are normally preferred
; interfaces = 127.0.0.0/8 eth0

# Only bind to the named interfaces and/or networks; you must use the
# 'interfaces' option above to use this.
# It is recommended that you enable this feature if your Samba machine is
# not protected by a firewall or is a firewall itself. However, this
# option cannot handle dynamic or non-broadcast interfaces correctly.
; bind interfaces only = true

#### Debugging/Accounting ####

# This tells Samba to use a separate log file for each machine
# that connects
   log file = /var/log/samba/log.%m

# Put a capping on the size of the log files (in Kb).
   max log size = 1000

# If you want Samba to only log through syslog then set the following
# parameter to 'yes'.
; syslog only = no

# We want Samba to log a minimum amount of information to syslog. Everything
# should go to /var/log/samba/log.{smbd,nmbd} instead. If you want to log
# through syslog you should set the following parameter to something higher.
   syslog = 0

# Do something sensible when Samba crashes: mail the admin a backtrace
   panic action = /usr/share/samba/panic-action %d

####### Authentication #######

# "security = user" is always a good idea. This will require a Unix account
# in this server for every user accessing the server. See
# /usr/share/doc/samba-doc/htmldocs/Samba3-HOWTO/ServerType.html
# in the samba-doc package for details.
; security = user

# You may wish to use password encryption. See the section on
# 'encrypt passwords' in the smb.conf(5) manpage before enabling.
   encrypt passwords = true

# If you are using encrypted passwords, Samba will need to know what
# password database type you are using.
   passdb backend = tdbsam

   obey pam restrictions = yes

   guest account = nobody
   invalid users = root

# This boolean parameter controls whether Samba attempts to sync the Unix
# password with the SMB password when the encrypted SMB password in the
# passdb is changed.
; unix password sync = no

# For Unix password sync to work on a Debian GNU/Linux system, the following
# parameters must be set (thanks to Ian Kahan <<email address hidden> for
# sending the correct chat script for the passwd program in Debian Sarge).
   passwd program = /usr/bin/passwd %u
   passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n *password\supdated\ssuccessfully* .

# This boolean controls whether PAM will be used for password changes
# when requested by an SMB client instead of the program listed in
# 'passwd program'. The default is 'no'.
; pam password change = no

########## Domains ###########

# Is this machine able to authenticate users. Both PDC and BDC
# must have this setting enabled. If you are the BDC you must
# change the 'domain master' setting to no
#
; domain logons = yes
#
# The following setting only takes effect if 'domain logons' is set
# It specifies the location of the user's profile directory
# from the client point of view)
# The following required a [profiles] share to be setup on the
# samba server (see below)
; logon path = \\%N\profiles\%U
# Another common choice is storing the profile in the user's home directory
; logon path = \\%N\%U\profile

# The following setting only takes effect if 'domain logons' is set
# It specifies the location of a user's home directory (from the client
# point of view)
; logon drive = H:
; logon home = \\%N\%U

# The following setting only takes effect if 'domain logons' is set
# It specifies the script to run during logon. The script must be stored
# in the [netlogon] share
# NOTE: Must be store in 'DOS' file format convention
; logon script = logon.cmd

# This allows Unix users to be created on the domain controller via the SAMR
# RPC pipe. The example command creates a user account with a disabled Unix
# password; please adapt to your needs
; add user script = /usr/sbin/adduser --quiet --disabled-password --gecos "" %u

########## Printing ##########

# If you want to automatically load your printer list rather
# than setting them up individually then you'll need this
; load printers = yes

# lpr(ng) printing. You may wish to override the location of the
# printcap file
; printing = bsd
; printcap name = /etc/printcap

# CUPS printing. See also the cupsaddsmb(8) manpage in the
# cupsys-client package.
; printing = cups
; printcap name = cups

# When using [print$], root is implicitly a 'printer admin', but you can
# also give this right to other users to add drivers and set printer
# properties
; printer admin = @lpadmin

############ Misc ############

# Using the following line enables you to customise your configuration
# on a per machine basis. The %m gets replaced with the netbios name
# of the machine that is connecting
; include = /home/samba/etc/smb.conf.%m

# Most people will find that this option gives better performance.
# See smb.conf(5) and /usr/share/doc/samba-doc/htmldocs/Samba3-HOWTO/speed.html
# for details
# You may want to add the following on a Linux system:
# SO_RCVBUF=8192 SO_SNDBUF=8192
   socket options = TCP_NODELAY

# The following parameter is useful only if you have the linpopup package
# installed. The samba maintainer and the linpopup maintainer are
# working to ease installation and configuration of linpopup and samba.
; message command = /bin/sh -c '/usr/bin/linpopup "%f" "%m" %s; rm %s' &

# Domain Master specifies Samba to be the Domain Master Browser. If this
# machine will be configured as a BDC (a secondary logon server), you
# must set this to 'no'; otherwise, the default behavior is recommended.
; domain master = auto

# Some defaults for winbind (make sure you're not using the ranges
# for something else.)
; idmap uid = 10000-20000
; idmap gid = 10000-20000
; template shell = /bin/bash

#======================= Share Definitions =======================

# Un-comment the following (and tweak the other settings below to suit)
# to enable the default home directory shares. This will share each
# user's home directory as \\server\username
;[homes]
; comment = Home Directories
; browseable = no

# By default, \\server\username shares can be connected to by anyone
# with access to the samba server. Un-comment the following parameter
# to make sure that only "username" can connect to \\server\username
; valid users = %S

# By default, the home directories are exported read-only. Change next
# parameter to 'yes' if you want to be able to write to them.
; writable = yes

# File creation mask is set to 0600 for security reasons. If you want to
# create files with group=rw permissions, set next parameter to 0664.
; create mask = 0600

# Directory creation mask is set to 0700 for security reasons. If you want to
# create dirs. with group=rw permissions, set next parameter to 0775.
; directory mask = 0700

# Un-comment the following and create the netlogon directory for Domain Logons
# (you need to configure Samba to act as a domain controller too.)
;[netlogon]
   comment = Network Logon Service
  path = /home/samba/netlogon
   guest ok = yes
   writable = yes
   share modes = no

# Un-comment the following and create the profiles directory to store
# users profiles (see the "logon path" option above)
# (you need to configure Samba to act as a domain controller too.)
# The path below should be writable by all users so that their
# profile directory may be created the first time they log on
;[profiles]
; comment = Users profiles
; path = /home/samba/profiles
; guest ok = no
; browseable = no
; create mask = 0600
; directory mask = 0700

wins support = no
[printers]
   comment = All Printers
   browseable = no
   path = /var/spool/samba
   printable = yes
   public = no
   writable = no
   create mode = 0700

# Windows clients look for this share name as a source of downloadable
# printer drivers
[print$]
   comment = Printer Drivers
   path = /var/lib/samba/printers
   browseable = yes
   read only = yes
   guest ok = no
# Uncomment to allow remote administration of Windows print drivers.
# Replace 'ntadmin' with the name of the group your admin users are
# members of.
; write list = root, @ntadmin

# A sample share for sharing your CD-ROM with others.
;[cdrom]
; comment = Samba server's CD-ROM
; writable = no
; locking = no
; path = /cdrom
; public = yes

# The next two parameters show how to auto-mount a CD-ROM when the
# cdrom share is accesed. For this to work /etc/fstab must contain
# an entry like this:
#
# /dev/scd0 /cdrom iso9660 defaults,noauto,ro,user 0 0
#
# The CD-ROM gets unmounted automatically after the connection to the
#
# If you don't want to use auto-mounting/unmounting make sure the CD
# is mounted on /cdrom
#
; preexec = /bin/mount /cdrom
; postexec = /bin/umount /cdrom

[File System]
path = /
available = yes
browsable = yes
public = yes
writable = no

[test]
path = /tmp
available = yes
browsable = yes
public = yes
writable = no

[Test1]
path = /tmp/Test1
available = yes
browsable = yes
public = yes
writable = no

[Pics]
path = /home/david/Pics
available = yes
browsable = yes
public = yes
writable = yes

===================================================

Revision history for this message
Lars Friedrichs (l-friedrichs) said :
#21

Hi,

no problem...
Let's analyze your file:

[global] - OK, this is the global section which holds the general setup
...
map to guest = bad user
   means: If you type in a wrong password, samba will not complain but not use the username you gave and use the guest user instead - so your trouble may still be due to a wrong password. We check that later on...

netbios name=ubuntu GREAT :-)
...
log file = /var/log/samba/log.%m
   ok, this one might help us too. If the user is not recognized correctly than it should be logged here. We keep that in mind...
...
; security = user
   Commented out but stil the default value, means you have to authenticate against the samba user database. (The one you work with by using smbpasswd)
...
guest account = nobody
   Like I said, unknown (and as seen above not correctly authenticated users) will access files on the linux filesystem as user nobody
...
[File System]
path = /
available = yes
browsable = yes
public = yes
writable = no

[test]
path = /tmp
available = yes
browsable = yes
public = yes
writable = no

[Test1]
path = /tmp/Test1
available = yes
browsable = yes
public = yes
writable = no

[Pics]
path = /home/david/Pics
available = yes
browsable = yes
public = yes
writable = yes

OK, these are your shares, each share is an entry that appears in windows network neighborhood when you doubleclick on a host name. It is better (more compatible) not to use spaces in share names, so consider renaming [File System] to [FileSystem].
As we can see each share has its own configuration and the only share that allows write access at all is the [Pics] share. So you may want to try this command in the dos box of your freshly booted windows system:

net use x: "\\ubuntu\Pics" /USER:david

This should make your Pics stored on the ubuntu system available to windows using the drive letter x: (Keep in mind that the directory has to exist on ubuntu with the exact name - Linux is case sensitive.) Using the user david should allow you to write into that directory.

Bye
Lars

Revision history for this message
cgaski (david-consul-net) said :
#22

Lars,

Success - I can write to the "Pics" directory!

The X drive appears in a "My computer" on the Windows machine.

Flushed with this success I tried:

net use p: "\\ubuntu\home" /USER:david

The P Drive duly appeared in My computer but I can't write to the "home" directory even though I have set it to share and made it writeable.

Although I could funnel everything through Pics it would be a bit laborious and it would be good to be able to write to other directories without setting up a drive for each one on the Windows machine.

I still can't open directories on the Windows machine from the Ubuntu machine - while this not essential it would be nice to be able to do it.

David

Revision history for this message
Lars Friedrichs (l-friedrichs) said :
#23

Whoohoo, that was the first step :-)
Let's go for that home-thingy:
Add this to your smb.conf and it will create a share named home that represents the home directory of the user david:

[home]
path = /home/david
available = yes
browsable = yes
public = yes
writable = yes

Don't forget to restart Samba then.
Now use your command from the post above and it will work like a charm,

Once we get this going we will turn to the windows side.
Lars

Revision history for this message
cgaski (david-consul-net) said :
#24

Lars,

Actually I already had:

[home]
path = /home
available = yes
browsable = yes
public = yes
writable = yes

In smb.conf. I just added "david" to the path and I can now access the "home" directory - write, delete, create directories, etc from the Windows machine.

If I am understanding this correctly the last name in a path statement is the user? I need to understand what I'm doing otherwise you're never going to get any peace!

There is a lot to learn - it seems that Linux has a completely different structure to anything I have used before.

If we can now just get the Linux machine to open directories on a Windows machine the job is complete!

David

Revision history for this message
Lars Friedrichs (l-friedrichs) said :
#25

Hi David,

for your understanding:
the path declaration in the smb.conf file is just the exact path in the file system. The reason for the david in the path is that your home directory (so the home directory of the user 'david') is located in the directory /home and typically called the same way as the username. Have a (read-only) look at the file /etc/passwd which is Linux's user directory together with e.g. the home directory.

Why could you only write if there was a david behind the home? actually you could have written but only below the directory 'david' that is because Linux is designed completely multiuser and there needs to be some security so a normal user (normal means not root) may read large parts (the shared parts like the binaries) of the file system but write access is only allowed in very few places: the temp directory /tmp, and most important the users home-directory, typically located below the /home directory as /home/username. This way one users actions can not affect other users. So it was now not Samba but Linux itself, the file systems rights management that did not allow you to write anything.

You should have a look at file permissions and how the rights system works in Linux. This will be even more important if you try to fiddle around with guest accounts and write access. (If you would ever want to do this...)

btw. if you add an ' /PERSISTENT:YES' to your net add command windows will recognize your connection and try to recreate it the next time you boot. Sadly (or safely?!) it does not save your password so you would still have to enter that again unless your username and password are exactly the same unter windows and linux/samba or you use guest accounts so windows can connect anonymously but thats typically a bad idea regarding safety.

The next part I'll answer soon, must go away for a little while...

Bye
Lars

Revision history for this message
Lars Friedrichs (l-friedrichs) said :
#26

Ok, here I go again :-)

Now for the Linux to Windows way: We should use a little helper tool which is very useful in Windows networks, called smbclient. It should be somewhere in the samba packages. Ok, just rechecked - the package is called - surprise - smbclient.
It's a command line tool that can connect to windows (file) shares and even transfer files in a ftp (text client) manner even if you are just a normal user. (This is especially interesting in areas where many users reside on a host and will get no rights to mount any external file system including Windows file shares.)

Ok, we should start with a linux terminal as usual. First shoot is
smbclient -L //IP_ADDRESS_OF_WINDOWS

-L gives us a listing of all shares available on that machine. Side note: you may see even so called 'hidden' shares that you wouldn't normally using windows gui tools. Those hidden shares end with a $-sign in the name (it really is part of the name) Using Samba on the linux side can go further and really hide shares fro mbeing listet but not from being used if you know the name...

An additional test should be to exchange the ip address in that command with the name of the windows machine. That way we can see wether netbios name resolution works alright.

Please post the output so we can move on to the next steps.

Bye
Lars

Revision history for this message
cgaski (david-consul-net) said :
#27

Lars,

Good to have you back.

I am afraid I have fallen at the first hurdle - I don't know the IP address of the Windows machine and my attempts to find it have failed.

It is using DHCP which, as I understand it, automatically allocates IP addresses but I don't know how to find out what address has been allocated.

Having failed on this I thought I would try the name of the Windows machine but, as you can see below, this also failed:

==================================

david@david3:~$ smbclient -L //david-g
Password:
session setup failed: NT_STATUS_LOGON_FAILURE
david@david3:~$

=================================

David

Revision history for this message
Lars Friedrichs (l-friedrichs) said :
#28

Hi David,

no prob. To find out windows ip address you click start->run... and startup a command box with cmd.exe

once there you type

ipconfig

which gives you a text only overview of your ip configuration including the actual ip addresses for each interface. (If you add the option ' /all' you would even get more detailed data...)

But actually you passed the first hurdle quite well because the second one is quite shaky but still standing :-) You are asked for a password - that is good news - because it means that there is someone out there questioning your password. So netbios name resolution works and we can already move on.

The funny thing is that things are not of so great difference between Linux and Windows, at least not conceptual, in this case. What happened is simple: Windows asks you to authentify yourself correctly because also within windows if you create a share you give rights to the share and the underlying file system rights are used as well. Windows simply wants to know who you are - and windows only knows the users that are in its user base.
There are two possible users at this point: The user you logged in as under windows or an anonymous guest account. In windows (2000 and greater) the guest account is disabled by default, enabling it would decrease system security so we should keep it that way.
So since there is no guest account and you did not correctly autheticate yourself you are kept out of the system and to your surprise you will not even get a list of what you missed (no list of shares that is). so we have to find out what your username and password is.
For this step i would like to know what Windows Version you have and whether you are asked for a password when booting or if at least you have to clik on some username to launch your windows system. That way we will narrow down for a valid account we can use for our smbclient command.

If you already know these details (don't post your password here!) you may type this into your linux terminal:

smbclient -L //david-g -U YOUR_WINDOWS_USERNAME

and then enter your windows user's password. It should now let you in and show you the list of shares.

Bye
Lars

Revision history for this message
cgaski (david-consul-net) said :
#29

Lars,

I know the user names and passwords for the Windows machines so I was able to do as you suggest and this was the result:

=======================================================

david@david3:~$ smbclient -L //david-g -U administrator
Password:
Domain=[DAVID-G] OS=[Windows 5.0] Server=[Windows 2000 LAN Manager]

        Sharename Type Comment
        --------- ---- -------
        Video Disk
        Jakarta Disk
        IPC$ IPC Remote IPC
        Download Disk
        Downloads Disk
        KL Disk
        Cam Disk
        Temp Disk
        Desktop Disk
        ProBox Disk
        Syd Disk
        ADMIN$ Disk Remote Admin
        PMMail 2000 Disk
        Misc Disk
        C$ Disk Default share
        INBOX.FLD Disk
        Kai Disk
Domain=[DAVID-G] OS=[Windows 5.0] Server=[Windows 2000 LAN Manager]

        Server Comment
        --------- -------

        Workgroup Master
        --------- -------
david@david3:~$

=========================================================

If I double-click the "david-g" icon in the network folder on the Ubuntu machine I can see the same list of shared directories. The problem is when I try to open any of them I get the demand for:

User name:
Domain:
Password:

and nothing I try will let me in.

David

Revision history for this message
Lars Friedrichs (l-friedrichs) said :
#30

OK, we will try with our command line tool first to circle the problem.

Try this command:

smbclient //david-g/c$ -U administrator

Enter the password and then type

dir

You should see the root directory of your windows drive c:.

Correct?

Bye
Lars

Revision history for this message
cgaski (david-consul-net) said :
#31

Lars,

Yes indeed!

This looks promising...

David

Revision history for this message
Lars Friedrichs (l-friedrichs) said :
#32

Ok, when using the graphical tools like nautilus you say a dialog pops up asking for username, domain and password. Try these values then:

User name: Administrator
Domain: <empty>
Password: Administrator's Windows Password

if that does not work set domain to "david-g" without the quotes. Now finally, this should do it.

Bye
Lars

Revision history for this message
cgaski (david-consul-net) said :
#33

Lars,

I have tried both of those, (and several others), without success.

I suspect a clue might lie in the text which appears at the top of the pop up requesting authentication. It says:

"You must login to access guest@david-g/temp" where temp is the name of the directory I am trying to open.

I have of course tried the username "guest" and "guest@david-g" with and without anything in the domain field.

David

Revision history for this message
Lars Friedrichs (l-friedrichs) said :
#34

Now that is strange...
Maybe there is a bug or a feature I am unaware of in nautilus. But as always with linux there is mire than one way, so lets try this:

We use FuseSMB - it is much more like the windows network neighborhood and once setup works like a charm. Additional bonus: every application is able to use the network files...

please install fusesmb via

sudo apt-get install fusesmb fuse-utils

and have a look at this page: http://grumpymole.blogspot.com/2006/12/xubuntu-browsing-samba-shares-with.html
Sorry to guide you to another page but I will be short in time over the next days so I can't answer explaing as usual.

Bye
Lars

Oh, one more thing to try before fusesmb: try this uri in nautilus:

smb://Administrator@david-g

Since your gui states it tries to connect as "guest" we can force it to use the username Administrator.

Revision history for this message
cgaski (david-consul-net) said :
#35

Lars,

As I understand it Nautilus is the Ubuntu File browser and I am not sure where to put smb://Administrator@david-g

In view of this I thought I would try to use but fusesmb but in the installation instructions it says:

"3) Edit /etc/modules and add the word 'fuse' to the modules list to be loaded (without quotes), and save the file."

Unfortunately I don't have a modules directory in etc so I didn't get very far with that either.

I realise that you have spent a lot of time trying to solve this problem for me and indeed I can now read and write to the Ubuntu machine from a Windows machine.

When you have some spare time I would be very grateful for your further help but the matter is not urgent and I already feel guilty about the amount of your time I am consuming.

David

Revision history for this message
Lars Friedrichs (l-friedrichs) said :
#36

Hm, when using nautilus I have a toolbar below the menubar where I can enter an uri directly. It's possible that you have to change your view to show that toolbar. Have a look at the nautilus menus, I have the option but it won't help you since it is all german in my case...

Installing fusesmb may be more difficult and I must admit that I only took a short look at the webpage and the information seemed to be ok. Hm, that's strange anyway since I do have that file and there is some comment in it that makes me sure I did not create it. But

dpkg -S /etc/modules

tells me nothing about who created it. I believe it is not really needed since when you installed the fuse-utils package adds a file named 'fuse' to the directory /etc/modprobe.d which contains the command to load the 'fuse' module.
You can test that by typing

 lsmod | grep fuse

This will give you one line if the module is already loaded (and was loaded automatically since you didn't try to load it after the last reboot) and it wont give a single line if the module is not loaded, Anyhow, fusesmb will still work if we add one command when mounting it so that file won't be our problem.

To make this short:
as a normal user type this at a terminal:

cd
mkdir .smb
   (that may give an error if that directory already exists but does not matter)
cd .smb
gedit fusesmb.conf

Now enter these line into that file:
[global]
username=Administrator
password=YOUR_ADMIN_PASSWORD_HERE

Save it, exit the editor and back in the terminal type again

cd
mkdir network
fusesmb network

if the last one fails do this before trying again:

sudo modprobe fuse

Now it should take a few seconds to a minute and if you open nautilus now and look for your home directory and enter the 'network' directory there should be directories for each workgroup of a windows PC connected to that network.
As I recall 'WORKGROUP' shold be yuor workgroup so change into it and you should see your windows machine as another folder in there named 'DAVID-G'. Change into that directory and you should see a folder for every share you have on the windows machine (including C$) and it should 'just work'(TM) to access files now.

I really hope this works, we may add an automatic start of that after getting this to work.

Bye
Lars

Revision history for this message
cgaski (david-consul-net) said :
#37

Lars,

SUCCESS glorious SUCCESS!!

There is a button on the extreme left end of the Nautilus toolbar which allows you to toggle between button and text-based locations. I set it to text-based and then could enter the URL in the text field. This enabled read/write access to shared folders on the Windows machines.

I have told it to remember the passwords forever and added short cuts to the Windows machines so that is now simpler to access Windows from Ubuntu than it is to access Ubuntu from Windows!

By the time I read your last posting a I had nearly got "fuse" working in spite of the fact that my version of Ubuntu is different from that referred to in the posting to which you gave me the link. (I got stuck because there doesn't seem to be an Autostart directory in my Ubuntu),

Even though it's not now necessary to use thunar/fuse because Nautilus is working fine I learnt quite a lot about Ubuntu in my attempts to get a fuse working so the time was not wasted.

I would like to say again that I am really grateful for your time and very clear explanations even though, (I presume although I cannot tell), your first language is not English.

If you ever come to Hong Kong I will buy you the best dinner in town!

David

PS. I haven't clicked "This solved my problem" because I suspect I would not have been able to send this

Revision history for this message
Best Lars Friedrichs (l-friedrichs) said :
#38

You may do so now :-)

If I ever go there I'll call you :-) You guess was right - I'm from Germany, near Hannover where the CeBIT computer fair takes place. (the original one - not the local spinoffs) so chances are probably better you may come and visit me :-)

We all love the sound of that word 'SUCCESS' - have a nice time with your network,
bye
Lars

Revision history for this message
cgaski (david-consul-net) said :
#39

Thanks Lars Friedrichs, that solved my question.

Revision history for this message
Manoj (manoj-kollam) said :
#40

Hi Lars,

This thread was extremely useful to me. I am a new Ubuntu user facing some of the same problems that David had. I could browse tomy ubuntu folders from Windows using the samba user addition and restart procedure that you had outlined. However I am not able to browse the windows folders from ubuntu. I get the following error message when I run smbclient //windowscomputername/C$

Domain=[CPQ-LAP-MAN] OS=[Windows 5.1] Server=[Windows 2000 LAN Manager]
tree connect failed: NT_STATUS_ACCESS_DENIED

I guess this should be some setting on my Windows computer. I am able to browse to the same windows computer from other windows computers on the same network

Hope you can throw some light on this

Thanks in advance for your help with this

Manoj

Revision history for this message
Lars Friedrichs (l-friedrichs) said :
#41

Hi Manoj,

this error message means the username/password combination you use when connecting to your windows box is not the same as the one that is setup on th windows computer.
You should check your username on the ubuntu machine. I guess it is not "Administrator", so please try again using this command:

smbclient -L //windows_machine_name -U administrator

If that doesn't work either check if you renamed the administrator account on your windows box. Remember that if it asks for a password it asks for the administrator password of the windows machine.

Bye
Lars

Revision history for this message
Manoj (manoj-kollam) said :
#42

Hi Lars,

Using the administrator password works for the smbclient -L. It lists the all the shares.

manoj@UBU-RAK-WRK:~$ sudo smbclient -L //cpq-lap-man -U administrator
Password:
Domain=[CPQ-LAP-MAN] OS=[Windows 5.1] Server=[Windows 2000 LAN Manager]

        Sharename Type Comment
        --------- ---- -------
        E$ Disk Default share
        IPC$ IPC Remote IPC
        print$ Disk Printer Drivers
        SharedDocs Disk
        Downloads Disk
        Users Disk
        ADMIN$ Disk Remote Admin
        wwwroot$ Disk Used for file share access to web projects
        C$ Disk Default share
        Printer Printer Microsoft Office Document Image Writer
Domain=[CPQ-LAP-MAN] OS=[Windows 5.1] Server=[Windows 2000 LAN Manager]

        Server Comment
        --------- -------

        Workgroup Master
        --------- -------

However when used with out the -L option to connect to c$ it does not work

manoj@UBU-RAK-WRK:~$ sudo smbclient //cpq-lap-man/c$ -U administrator
Password:
Domain=[CPQ-LAP-MAN] OS=[Windows 5.1] Server=[Windows 2000 LAN Manager]
tree connect failed: NT_STATUS_ACCESS_DENIED

Revision history for this message
Geoff J (geoff-jankowski) said :
#43

Lars

I am a long time user of Linux and I STILL found the above very informative. I have managed at last (after months of trying) to connect to my linux shares from windows with R/W access.

Many thanks for time which will I am sure help many others in the future.

Geoff

Revision history for this message
J Hohman (steve-hohman) said :
#44

Lars,

When first installed Ubuntu-Gusty was able to see and to share the Windows Network files with all computers, but the Windows machines could not access the Ubuntu machine. After a few automatic updates, the Ubuntu machine could not see the Windows files any longer. The error message would say, "The folder contents could not be displayed."

I have followed most, but not all of the dialogue in these posts (and other posts) AND have been able to get the Windows machines to see the Ubunto (Gusty) machine. That was done by installing Samba and editing the cnf file using gedit and replacing "; browseable = no" to "browseable = yes" and "; writable = no" to "writable = yes" under Share Definitions.

After applying your 2007-6-26 suggestion, below, I was able to see and share only one of the Windows machines with the Ubuntu machine, but could not access the Ubuntu machine files from the same Network window; receiving the same message, "The folder contents could not be displayed."
cd
mkdir .smb
   (that may give an error if that directory already exists but does not matter)
cd .smb
gedit fusesmb.conf

Now enter these line into that file:
[global]
username=Administrator
password=YOUR_ADMIN_PASSWORD_HERE

Save it, exit the editor and back in the terminal type again

cd
mkdir network
fusesmb network

if the last one fails do this before trying again:

sudo modprobe fuse
----------
Of note: typing the last command, "sudo modprobe fuse" into the terminal resulted in "The program 'fusesmb' is currently not installed. You can install it by typing:
sudo apt-get install fusesmb

Executing this command installed Fuse. After which, I could interact with one Windows machine from the Ubuntu machine, but not the Ubuntu machine itself.

Can you help me with what I missed, please?

Revision history for this message
Lars Friedrichs (l-friedrichs) said :
#45

Hi,

I am sorry but I am a bit in a hurry at the moment. To be honest, I don't get the point yet. Would it be possible to explain the network setup a bit more so I can see which machines you are talking about, what operating systems the do run and from which of these machines you try to access which ones and whether that already works :-)

Bye
Lars

Revision history for this message
Diegor (brunoknight) said :
#46

Hi Lars,

I am a complete newbie when it comes to Linux ( i have had it for 2 days now ) and i have ran into the same problem described in this discussion. I can view and edit files on my ubuntu machine from my windows machine but i cannot access the window shared files from my ubuntu machine. Here is what i get when i use the following command:
root@dream-machine:~# smbclient -L //192.16815.101
Password:
Anonymous login successful
Domain=[MSHOME] OS=[Unix] Server=[Samba 3.0.22]

        Sharename Type Comment
        --------- ---- -------
        print$ Disk Printer Drivers
        TEST Disk
        HOME Disk
        IPC$ IPC IPC Service (dream-machine server (Samba, Ubuntu))
        ADMIN$ IPC IPC Service (dream-machine server (Samba, Ubuntu))
Anonymous login successful
Domain=[MSHOME] OS=[Unix] Server=[Samba 3.0.22]

        Server Comment
        --------- -------
        DIEGO-MAIN Diego's Main Pc
        DREAM-MACHINE dream-machine server (Samba, Ubuntu)

        Workgroup Master
        --------- -------
        MSHOME DIEGO-MAIN
-----------------------------------------
as you can tell the shared files on my windows machine ( DIEGO-MAIN) dont even show up. PLEASE HELP ! :)

Thanks in advance.
diegor

Revision history for this message
Diegor (brunoknight) said :
#47

OKAY. I mis-typed the IP address. Here is the right output:

root@dream-machine:~# smbclient -L //192.168.15.101
Password:
Domain=[DIEGO-MAIN] OS=[Windows 5.1] Server=[Windows 2000 LAN Manager]

        Sharename Type Comment
        --------- ---- -------
Error returning browse list: NT_STATUS_OK
session request to 192.168.15.101 failed (Called name not present)
session request to 192 failed (Called name not present)
Domain=[DIEGO-MAIN] OS=[Windows 5.1] Server=[Windows 2000 LAN Manager]

        Server Comment
        --------- -------

        Workgroup Master
        --------- -------