configuring linux samba to access OS/2 shares
m...@privacy.net
systems to check it out. I am trying to configure samba on there so it
will allow mounting of some OS/2 shares, but I am not getting in. I did
set the workgroup properly and it shows all my OS/2 systems except my
domain controller. When I attempt to open one of the OS/2 systems in the
network browser I get prompted for a user/password and this the fails. So
I assume I have other samba settings to change so I can use OS/2 shares
from linux. Any pointers? Is there a reason my domain controller isn't
being seen? It is a Warp Server Advanced machine and the other systems
have no problems seeing it, but they are all OS/2 systems.
Eventually I will probably set up some shares on the linux system for
access from other systems. Are there other samba settings I will be
needing to change to allow this as well?
-- Dave
-----------------------------------------------------------
dhdurgee<at>verizon<dot>net
-----------------------------------------------------------
Sjoerd Visser
You certainly need:
lanman auth = yes
from the manual:
lanman auth (G)
This parameter determines whether or not smbd(8) will attempt to
authenticate users or permit password changes using the LANMAN
password hash. If disabled, only clients which support NT password
hashes (e.g. Windows NT/2000 clients, smbclient, but not Windows 95/98
or the MS DOS network client) will be able to connect to the Samba
host.
The LANMAN encrypted response is easily broken, due to it's
case-insensitive nature, and the choice of algorithm. Servers without
Windows 95/98/ME or MS DOS clients are advised to disable this option.
Unlike the encrypt passwords option, this parameter cannot alter
client behaviour, and the LANMAN response will still be sent over the
network. See the client lanman auth to disable this for Samba's
clients (such as smbclient)
If this option, and ntlm auth are both disabled, then only NTLMv2
logins will be permited. Not all clients support NTLMv2, and most will
require special configuration to use it.
Default: lanman auth = no
Other usefull settings are:
[Globals]
store dos attributes = Yes
ea support = Yes
lm announce = Yes
dos charset = CP850
unix charset = UTF-8
display charset = LOCALE
Sjoerd Visser
Sjoerd Visser
To acess OS/2 shares via samba client you need:
client lanman auth = Yes
client lanman auth (G)
This parameter determines whether or not smbclient(8) and other samba
client tools will attempt to authenticate itself to servers using the
weaker LANMAN password hash. If disabled, only server which support NT
password hashes (e.g. Windows NT/2000, Samba, etc... but not Windows
95/98) will be able to be connected from the Samba client.
The LANMAN encrypted response is easily broken, due to it's
case-insensitive nature, and the choice of algorithm. Clients without
Windows 95/98 servers are advised to disable this option.
Disabling this option will also disable the client plaintext auth
option
Likewise, if the client ntlmv2 auth parameter is enabled, then only
NTLMv2 logins will be attempted.
Default: client lanman auth = no
--
Using knetattach I got the best results.
http://docs.kde.org/stable/en/kdebase-runtime/knetattach/index.html
Mounting OS/2 shares via CIFS and fstab did not work.
Sjoerd Visser
Sjoerd Visser
<sjoerd....@spam.hccnet.nl> wrote:
>
> Using knetattach I got the best results.
> http://docs.kde.org/stable/en/kdebase-runtime/knetattach/index.html
The essential component seems to be:
http://barryp.org/software/py-smbpasswd
dev-python/py-smbpasswd
SMB Password Hash Generator
This module can generate both LANMAN and NT password hashes, suitable
for use with Samba.
> Mounting OS/2 shares via CIFS and fstab did not work.
This is an �old� problem.
Originally Samba could be mounted with smbmount. And also via fsta
(fstab type smbfs). But smbmount/SMB FS was lost in samba 3.2.0 (or
earlier). It was replaced by the Common Internet File System (CIFS),
that was supported by Windows 2000 server.
zolder:/home/sjoerd # mount /mnt/data
mount: onbekende bestandssysteemsoort 'smbfs'
(translated: mount: unknown file system �smbfs�)
The samba team had to follow Microsofts moves. One of them was to more
and more refusing to connect with legacy SMB versions. For this reason
OS/2 and Windows 9x users cannot connect to Windows Vista shares via
the LANMAN protocol (Windows 7 was not tested by me, but will probably
have the same problem). As they do not support the LANMAN hash:
http://en.wikipedia.org/wiki/LM_hash.
As the python plugin does.
Sjoerd Visser
m...@privacy.net
I am using Gnome, not KDE here. Is there a Gnome version of this out
there somewhere? If not, is there a way to use the kde utility with my
Gnome based system?
I am still trying a few other things here, but not getting anywhere very
fast.
Marty
> I have just installed Linux Mint x64 release 8 (helena) on one of my
> systems to check it out. I am trying to configure samba on there so it
> will allow mounting of some OS/2 shares, but I am not getting in. I did
> set the workgroup properly and it shows all my OS/2 systems except my
> domain controller. When I attempt to open one of the OS/2 systems in the
> network browser I get prompted for a user/password and this the fails. So
> I assume I have other samba settings to change so I can use OS/2 shares
> from linux. Any pointers? Is there a reason my domain controller isn't
> being seen? It is a Warp Server Advanced machine and the other systems
> have no problems seeing it, but they are all OS/2 systems.
>
> Eventually I will probably set up some shares on the linux system for
> access from other systems. Are there other samba settings I will be
> needing to change to allow this as well?
If it helps, here is my /etc/fstab settings for some OS/2 filesystems
(with Samba server on OS/2, not LANMAN):
//computername/cdrive /mnt/computername_c cifs
credentials=/etc/remote_samba_auth,uid=1000,gid=100,nocase,noacl,noperm 0 0
The user id and group id are those of my main (non-root) user who should
have access to the filesystem.
I created the credentials file with root read/write only, containing:
username=...
password=...
It's plain text, but if the filesystem permissions are protected, it's
ok in my book.
These now mount on startup for me on my OpenSuse 11 system. I know it's
not your exact situation, but I hope it helps some.
--
Reverse the parts of the e-mail address to reply by mail.
Bart
OS/2 apps make good use of EA's (64kb in size), but the only Linux file system
that supports 64kb EA's is XFS
When using an OS/2 Lan client to connect to a Samba server, Samba checks your
clients authorization. So you need to set up the Samba server with client logon
information. On the server you would run: smbpasswd (for each of your clients)
Appears to be case insensitive.
Bart
Toronto
Sjoerd Visser
> In <BphwdKdjdSdj-pn2-88dQFmWJcEx4@localhost>, on 12/23/2009
> at 02:12 AM, "Sjoerd Visser" <sjoerd....@spam.hccnet.nl> said:
>
> >On Wed, 23 Dec 2009 00:29:20 UTC, "Sjoerd Visser"
> ><sjoerd....@spam.hccnet.nl> wrote:
> >>
> >> Using knetattach I got the best results.
> >> http://docs.kde.org/stable/en/kdebase-runtime/knetattach/index.html
> >
> I am using Gnome, not KDE here. Is there a Gnome version of this out
> there somewhere? If not, is there a way to use the kde utility with my
> Gnome based system?
Gnome en KDE libraries can coexist. Under Suse (in theory all Linux
versions) you can choose the desktop. And you can run KDE applications
under Gnome and Gnome applications under the KDE.
If you have a RPM installer, select KNetattach and let the installer
install the needed KDE base libraries.
Greetings,
Sjoerd Visser
m...@privacy.net
I went ahead and installed the KDE base libraries as you suggested. I find
that I can invoke KNetattach as you indicated, but I must have missed
something somewhere in using this as I am seeing much the same behavior
with KNetattach that I do with the Gnome network object. I select the
Microsoft Windows network drive radio button and hit the next button. On
the next form I enter the OS/2 machine name and the share name along with
a name for the network folder and hit the save& connect button. This pops
up another form requesting the user and password for the OS/2 machine. I
enter this, and I have tried both in lower and upper case, and click the
button and after a few seconds I get another prompt for the user and
password.
So what did I miss in all this? Do I need to add my Linux user/pwd to my
OS/2 machine? Do I need to use this py-smbpasswd utility in some fashion
on the Linux system to prepare things? Perhaps once I do whatever I
missed things will work from the Gnome network object as well, since the
behavior is so similar to that of KNetattach.
Jim Moe
>
> //computername/cdrive /mnt/computername_c cifs
> credentials=/etc/remote_samba_auth,uid=1000,gid=100,nocase,noacl,noperm 0 0
>
--
jmm (hyphen) list (at) sohnen-moe (dot) com
(Remove .AXSPAMGN for email)
Marty
> On 12/26/09 10:45 pm, Marty wrote:
>> //computername/cdrive /mnt/computername_c cifs
>> credentials=/etc/remote_samba_auth,uid=1000,gid=100,nocase,noacl,noperm 0 0
>>
> What do the options "noacl,noperm" do?
They basically make it so that only the single user/group ID that you
specify can access the filesystem. This also helped me resolve some
issues with validating credentials on the eCS Samba server side.
--
[Reverse the parts of the e-mail address to reply.]