Differences between version 28 and revision by previous author of SambaNotes.
Other diffs: Previous Major Revision, Previous Revision, or view the Annotated Edit History
| Newer page: | version 28 | Last edited on Thursday, August 25, 2005 1:25:47 pm | by CraigBox | Revert |
| Older page: | version 25 | Last edited on Thursday, September 2, 2004 1:38:17 pm | by DanielLawson | Revert |
@@ -17,12 +17,14 @@
!! Firewalling SMB/CIFS
If you wish to firewall out all smb/cifs traffic (from either samba or windows pc's) you will need to firewall the following ports:
+<pre>
UDP/137 - used by nmbd
UDP/138 - used by nmbd
TCP/139 - used by smbd
TCP/445 - used by smbd
+</pre>
The last one is important as many older firewall setups may not be aware of it, given that this port was only added to the protocol in recent years.
For more information on the use of port 445, go to http://www.petri.co.il/what_is_port_445_in_w2kxp.htm
@@ -34,46 +36,35 @@
In newer lpd versions, there is a parameter (done_jobs) which is set to 1 by default - it stores old completed jobs for "reference". Unfortunately, windows retains these jobs in the spooler. This is not usually desirable behaviour.
Set "done_jobs=0" in lpd.conf and restart lpd.
!!Unable to login to samba - logs show "nobody" being auth'd instead of user.
-This is probably a symptom of having usernames with mixed case. If this is so, you need to modify the
-[
[global] section of smb.conf with the parameter:
-
username level = 3
-You may need more, depending on your pattern of usernames. This parameter tells samba to try at least $username_level initial caps in the supplied name. For example, I had a site where the username pattern matched Y[
[-2]name. In this case, I needed to set username level to 1, to catch the initial uppercase character. Needless to say this would not be necessary if windows
clients would behave and send the username exactly as provided...
+This is probably a symptom of having usernames with mixed case. If this is so, you need to modify the ~
[global] section of smb.conf with the parameter <tt>
username level = 3</tt>.
+
+You may need more, depending on your pattern of usernames. This parameter tells samba to try at least $username_level initial caps in the supplied name. For example, I had a site where the username pattern matched Y~
[-2]name. In this case, I needed to set username level to 1, to catch the initial uppercase character. Needless to say this would not be necessary if Windows
clients would behave and send the username exactly as provided...
!!Print Queue in Windows 2000/XP shows "Access denied, unable to connect".
This drove me insane. I now have the answer:
-1. Edit smb.conf. Ensure you add in the global section "
use client driver = yes"
.
+1. Edit smb.conf. Ensure you add in the global section <tt>
use client driver = yes</tt>
.
2. On the printers share definition, ensure the following rights are granted:
+<pre>
printer = raw
browseable = yes
public = yes
guest ok = yes
writable = yes
printable = yes
+</pre>
3. Restart Samba.
!!Storing profiles on a Samba 2.2.x server fails after applying either Win XP SP1 or Win 2k SP4 on the client
Microsoft changed things and it broke samba versions older than 2.2.6. 2.2.6 added a new config option (profile acls (S)) to allow a work around for this. Check the smb.conf man page from version 2.2.6 or higher.
-Debian woody only ships version 2.2.3a with back-ported patches for security updates so needs to be updated for this to work.
-
-8a
packages can be found here
http://people.debian.org/~peloy/samba/ or here ftp://au1
.samba.org/pub/samba/Binary_Packages/Debian
-
-You can just add either
-
-
deb !
http://people.debian.org/~peloy/samba stable main
-
-or
-
- deb !ftp://au1.samba.org/pub/samba/Binary_Packages/Debian stable main
-
-
+Debian woody only ships version 2.2.3a with back-ported patches for security updates so needs to be updated for this to work. Use [Debian backported
2.2.9
packages|
http://people.debian.org/~peloy/samba/]
. Add =
deb http://people.debian.org/~peloy/samba stable main=
to your apt sources.list.
!!Offline files fails
If you have a file share with multiple users using it regularly, and one of the users tries to synchronize the files using Windows's "Offline Files" feature, you might find that random files fail. The user will have read/write access through their group, but the file will be owned by someone else.
