HPE Community
Operating System - Linux
1827295 Members
3799 Online
109717 Solutions
New Discussion

Re: Samba (smbd) messages in log files

 
Charles Holland
Trusted Contributor

‎06-13-2003 11:21 AM

‎06-13-2003 11:21 AM

Samba (smbd) messages in log files

Running SuSE SLS7 on an ML530 G2. I believe that it has to do with the compatibilty between W2K/XP machines and my samba configuration, which is attached. Since midnight today, this is just and example, I have received 166 messages to the affect.....
smbd[20498]: Denied connection from 192.0.2.XXX (192.0.2.XXX)

Seven differant addresses are showing up 6 ar XP machines and one is a W2K Pro machine. I have just about burned up the last brain cell allocated for this week. All help appreciated and points awarded within 48 hours.
"Not everything that can be counted counts, and not everything that counts can be counted" A. Einstein
0 Kudos
9 REPLIES 9
Manuel Wolfshant
Trusted Contributor

‎06-13-2003 12:13 PM

‎06-13-2003 12:13 PM

Re: Samba (smbd) messages in log files

I quote from smb.conf:
# This option is important for security. It allows you to restrict
# connections to machines which are on your local network. The
# following example restricts access to two C class networks and
# the "loopback" interface. For more examples of the syntax see
# the smb.conf man page
; hosts allow = 192.168.1. 192.168.2. 127.

I assume that you need to allow acces from 192.0.2.
0 Kudos
Manuel Wolfshant
Trusted Contributor

‎06-13-2003 12:13 PM

‎06-13-2003 12:13 PM

Re: Samba (smbd) messages in log files

I quote from smb.conf:
# This option is important for security. It allows you to restrict
# connections to machines which are on your local network. The
# following example restricts access to two C class networks and
# the "loopback" interface. For more examples of the syntax see
# the smb.conf man page
; hosts allow = 192.168.1. 192.168.2. 127.

I assume that you need to allow acces from 192.0.2.
0 Kudos
Steven E. Protter
Exalted Contributor

‎06-13-2003 12:27 PM

‎06-13-2003 12:27 PM

Re: Samba (smbd) messages in log files

Just for grins, I'm going to upload you a working configuration.

Mine is off an HP-UX and we are not currently validating users on the PDC. The smbpasswd command is being used to create authroized users.

Anyway, this one works. See the attachment.

SEP

11 points away from the Linux leader board.

grrrr.

Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Caesar_3
Esteemed Contributor

‎06-13-2003 12:31 PM

‎06-13-2003 12:31 PM

Re: Samba (smbd) messages in log files

Hello!

You can run the samba configurator that
run on 901 port
http://localhost:901
And made/check configurations.

Caesar
0 Kudos
Steven E. Protter
Exalted Contributor

‎06-13-2003 12:31 PM

‎06-13-2003 12:31 PM

Re: Samba (smbd) messages in log files

I would note that we are not doing the allow access command noted in the prior post. We restrict access on the UX side with inetd.sec.

I kind of like the concept but first get it working, thenb tighten up security(don't wait long though).

On the Linux side at my private office, we don't use iptables to keep users outside our network off our samba shares.

That configuration is available upon request. Its already posted in itrc under my name.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Oliver Stoklossa
Frequent Advisor

‎06-16-2003 05:05 AM

‎06-16-2003 05:05 AM

Re: Samba (smbd) messages in log files

Hello there ...

I'm neither a Linux/nor a MS nor a Samba crack, but I guess your connections might result from each machine trying to be the (I hope I am able to use the correct description) the main computer browser and therefore communicating with each other ...
As far as I'm informed, there's a switch to turn this off in the smb.conf

Best regards

Oliver
0 Kudos
Charles Holland
Trusted Contributor

‎06-16-2003 07:55 AM

‎06-16-2003 07:55 AM

Re: Samba (smbd) messages in log files

Thanks for the replies, but maybe I should be asking this in the M$ forum instead of here.
Manual, In the smb.conf I uploaded when I opened this thread I simply substituted
"PC_name_1" etc for names defined in my /etc/hosts file.

SEP, Thanks for the smb.conf file, but there are only 2 of us using the samba system on this box to store files on. We don't use the smbpasswd to do any password authentication. Since we can't rely on our network people to have our file server available, we use the file system on the tux server to store our files. We know when it is up/down.

Caesar, Been there done that......


Oliver, As the configuration file originally attached indicates
preferred master = False
local master = No
domain master = False

The messages recorded in the log files come in 3's and about every 32 minutes that the machines are turned on.

Thanks for any help
"Not everything that can be counted counts, and not everything that counts can be counted" A. Einstein
0 Kudos
Nobody's Hero
Valued Contributor

‎07-26-2003 03:06 PM

‎07-26-2003 03:06 PM

Re: Samba (smbd) messages in log files

I just experienced this problem when loading a linux RH8/SAMBA ICFS system. If you are using a map file to validate userid's and passwords from a windoz box, look closely in the userid fields and /or groups that are mapped. Samba does not like multiple userid's in this file, nor does it like 2 ID's that are mapped to different groups, like:

GROUP1=bob ted harry cindy tina
GROUP2=bob sue larry jodi tina

although your map file destinguishes 2 different groups. Samba will get confused and deny "bob" access. I believe there is a patch from HP that will correct this problem. Please repost if you can't find it.
UNIX IS GOOD
0 Kudos
Avinoam
Frequent Advisor

‎07-26-2003 11:06 PM

‎07-26-2003 11:06 PM

Re: Samba (smbd) messages in log files

you should add to your share the line :
browseable = yes

next :
instead of the pc_name1 pc_name2
try putting the whole subnet ip that you wish ( this is just for debugging your problem ) and if everything is good try specifying the client's ip instead of pc_name1


you can specify the clients ip in your share section , and specify the full subnet ip in the global ( hosts allow ) section.
hope this will help



Sababa
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.