[vox-tech] Passing the proper username from Windows XP to
Linuxvia Samba
ME
vox-tech@lists.lugod.org
Tue, 7 Oct 2003 08:48:20 -0700 (PDT)
Jeff Newmiller said:
> On Mon, 6 Oct 2003, Richard Crawford wrote:
>
>> I'm trying to perfect my home network. I have a server running Red Hat
>> 8, and I'd like to connect to it from my Windows XP laptop so that files
>> I create on my laptop can be edited easily from my Linux desktop.
>>
>> The problem is that even though I map to the network drive with the
>> "user other username and password" function of Windows
When you browse to a share from the network neighborhood or my computers
or my network (the name changes, but the purpose is still "there") and you
double-click on a networked volume, you should be able to "right click and
"connect as"
If not, there is a windows command-line based tool which should permit you
to connect to a samba share as a specific user. (This works with Windows
NT 3.5.1, 4.0), Windows2000, and should work with XP. This should not work
with Widows 95, 98 or ME (as they only allow you to authenticate to
windows file shares as the user with which you first log into windows.)
C:> net use z: \\w.x.y.z.\share /user:username /persistent:no
Z: becomes the network drive letter that is mounted to your windows box,
the username is the username you want to connect to the server with, and
w.x.y.z is the IP address or hostname of the server (the trailing period
seems to be required for the lookup to work properly if you wish to use
IP-based connections) and the /persistent:no is to make sure the
connection is not persistant. (Optional.)
For windows 95, 98, ME you cannot specify the user. When you first start
up windows and you "log into windows" you enter a username on the login
screen of windows. That user is what is used for any and all connections
(except the guest/nobody which still seems to work -- no password.)
Once you have properly authenticated yourself on the samba share, then the
files you create should be owned by the user that you connect to the share
with.
If you cannot connect to the samba share with your username, it is
possible that you do not have a "samba" account.Samba uses a separate
password/auth db from the passwords file. Assume you have added a user to
the system and they exist in /etc/passwd, you can try this:
# smbpasswd non-root-user-to-connect-to-samba-with
You may be prompted for a password to set. If there is an error like "no
such user" reported back by smbpasswd, then that user has not been added
to the samba authentication db. If that is the case, then try this:
# smbpasswd -a username-to-add-to-the-samba-auth-db
(See the man page for smbpassword for more great fun.)
>>, and set the
>> username and password to the username and password of my account on the
>> Linux box,
>
> But Samba uses its own password maintenance utility... it does NOT
> piggyback off the normal login security mechanism, so giving your unix
> username/password to Windows is hopeless. While you can certainly set the
> Samba password to be the same as the unix password, you have to remember
> that when it comes time to change it using "passwd".
I think that samba can be configured to use PAM, but that is normally not
the default, AFAIK.)
What Jeff writes here is accurate (AFAIK.) When you specify a password for
a user with smbpasswd that is usually different from the password that is
set when you run passwd as a regular user.
>> files I create with Windows on the Linux box still show up as
>> owned by "nobody". So I can't edit them on my Linux box without
>> chowning them, which is annoying.
>
> You must be accessing a Samba "guest" account since the Samba
> user/password is not set to match what you are telling Windows to pass to
> Samba.
Yep, and that is a security risk. In cases where you have multiple
authenticated users sharing access to files on a single volume with samba,
it is possible to set the default privs (kind of like a umask) and default
group ownership. This will permit you to have multiple users share
read/write access to files they move, copy create and exit on that share
if they are in the same group.
(Humor) For asking a mostly windows question on a Linux list you owe me
one virtual enigma device, and you owe Jeff a box of his favorite cereal.
(heh-heh: just kidding.)