URL: https://www.opennet.me/cgi-bin/openforum/vsluhboard.cgi
Форум: vsluhforumID14
Нить номер: 711
[ Назад ]

Исходное сообщение
"SAMBA PDC ---- WindowsXP??? help!!! sos!!!"

Отправлено marlis , 10-Янв-06 07:43 
    samba 3.0.20 на suse 10
    win98 работает, но вот в winXP выдается сообщение что не найдено имя польз-ля хотя в логах ясно видно что оно авторизовано!
    Хотя пользователь test1 есть и машина acount7(с которой заходим) тоже есть!

    1.и в  passwd
(test1:x:1000:100:test1:/home/test1:/bin/bash)
acount7$:x:1003:201:acount7$:/dev/null:/bin/false

    2.и в smbpasswd   (test1:1000:01FC5A6BE7BC6929AAD3B435B51404EE:0CB6948805F797BF2A82807973B89537:[U          ]:LCT-43C20643:test1)
acount7$:1003:E78E99F86A284CC8AAD3B435B51404EE:B7D9EA8866E94FFEACBCA6223269EA76:[W          ]:LCT-43C23F99:

    Вот конфиги:

    smb.conf
    [global]
    netbios name = ns
    workgroup = kafc
    server string= name server

    os level = 64
    preferred master = yes
    domain master = yes
    local master = yes

    domain logons = yes
    security = user
    encrypt passwords = yes
    log file= /var/log/samba/log.$m
    log level= 2
    max log size= 100
    hosts allow= 127.0.0.1 172.22.31.0/255.255.255.0

    logon home = \\home\%u
    logon drive = H:
    logon path = \\%L\profiles\%U

    logon script= netlogon.bat

    [homes]
    comment= Home Directories
    browsable= no
    writeable= yes

    [profiles]
    path= /home/samba/profiles
    browsable= no
    writeable= yes
    create mask= 0600
    directory mask= 0700

    [netlogon]
    path = /home/netlogon
    read only= yes
    writelist= test1


    log-и
    [2006/01/09 13:14:43, 2] lib/access.c:check_access(324)
      Allowed connection from  (172.22.31.33)
    [2006/01/09 13:14:43, 2] smbd/sesssetup.c:setup_new_vc_session(704)
      setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources.
    [2006/01/09 13:14:43, 2] smbd/sesssetup.c:setup_new_vc_session(704)
      setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources.
    [2006/01/09 13:14:43, 2] auth/auth.c:check_ntlm_password(307)
      check_ntlm_password:  authentication for user [test1] -> [test1] -> [test1] succeeded
    [2006/01/09 13:14:43, 2] lib/access.c:check_access(324)
      Allowed connection from  (172.22.31.33)
    [2006/01/09 13:14:43, 2] smbd/server.c:exit_server(608)
      Closing connections
    [2006/01/09 13:14:43, 2] lib/access.c:check_access(324)
      Allowed connection from  (172.22.31.33)
    [2006/01/09 13:14:43, 2] smbd/sesssetup.c:setup_new_vc_session(704)
      setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources.
    [2006/01/09 13:14:43, 2] smbd/sesssetup.c:setup_new_vc_session(704)
      setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources.
    [2006/01/09 13:14:43, 2] auth/auth.c:check_ntlm_password(307)
      check_ntlm_password:  authentication for user [test1] -> [test1] -> [test1] succeeded
    [2006/01/09 13:14:43, 2] lib/access.c:check_access(324)
      Allowed connection from  (172.22.31.33)
    [2006/01/09 13:14:44, 2] rpc_server/srv_samr_nt.c:_samr_lookup_domain(2276)
      Returning domain sid for domain KAFC -> S-1-5-21-2730226570-2153102434-2005764341
    [2006/01/09 13:14:44, 2] rpc_server/srv_samr_nt.c:_samr_lookup_domain(2276)
      Returning domain sid for domain KAFC -> S-1-5-21-2730226570-2153102434-2005764341
    [2006/01/09 13:14:44, 2] smbd/server.c:exit_server(608)
      Closing connections


Содержание

Сообщения в этом обсуждении
"SAMBA PDC ---- WindowsXP??? help!!! sos!!!"
Отправлено marlis , 10-Янв-06 10:19 
Вот продолжение! Из которого следует что NT_STATUS_NETWORK_ACCESS_DENIED!!!

  Got NTLMSSP neg_flags=0x60088215
[2006/01/10 13:06:31, 3] smbd/password.c:register_vuid(257)
  User name: test1    Real name: test1
[2006/01/10 13:06:31, 3] smbd/password.c:register_vuid(276)
  UNIX uid 1000 is UNIX user test1, and will be vuid 101
[2006/01/10 13:06:31, 3] smbd/password.c:register_vuid(305)
  Adding homes service for user 'test1' using home directory: '/home/test1'
[2006/01/10 13:06:31, 3] param/loadparm.c:lp_add_home(2434)
  adding home's share [test1] for user 'test1' at '/home/test1'
[2006/01/10 13:06:31, 3] smbd/process.c:process_smb(1114)
  Transaction 3 of length 74
[2006/01/10 13:06:31, 3] smbd/process.c:switch_message(900)
  switch message SMBtconX (pid 18778) conn 0x0
[2006/01/10 13:06:31, 3] smbd/sec_ctx.c:set_sec_ctx(288)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2006/01/10 13:06:31, 3] lib/access.c:check_access(313)
  check_access: no hostnames in host allow/deny list.
[2006/01/10 13:06:31, 2] lib/access.c:check_access(324)
  Allowed connection from  (172.22.31.33)
[2006/01/10 13:06:31, 3] smbd/service.c:make_connection_snum(477)
  Connect path is '/var/tmp' for service [IPC$]
[2006/01/10 13:06:31, 3] lib/util_seaccess.c:se_access_check(250)
[2006/01/10 13:06:31, 3] lib/util_seaccess.c:se_access_check(251)
  se_access_check: user sid is S-1-5-21-2730226570-2153102434-2005764341-3000
  se_access_check: also S-1-5-21-2730226570-2153102434-2005764341-2201
  se_access_check: also S-1-1-0
  se_access_check: also S-1-5-2
  se_access_check: also S-1-5-11
  se_access_check: also S-1-5-21-2730226570-2153102434-2005764341-1033
  se_access_check: also S-1-5-21-2730226570-2153102434-2005764341-1067
[2006/01/10 13:06:31, 3] smbd/vfs.c:vfs_init_default(215)
  Initialising default vfs hooks
[2006/01/10 13:06:31, 3] lib/util_seaccess.c:se_access_check(250)
[2006/01/10 13:06:31, 3] lib/util_seaccess.c:se_access_check(251)
  se_access_check: user sid is S-1-5-21-2730226570-2153102434-2005764341-3000
  se_access_check: also S-1-5-21-2730226570-2153102434-2005764341-2201
  se_access_check: also S-1-1-0
  se_access_check: also S-1-5-2
  se_access_check: also S-1-5-11
  se_access_check: also S-1-5-21-2730226570-2153102434-2005764341-1033
  se_access_check: also S-1-5-21-2730226570-2153102434-2005764341-1067
[2006/01/10 13:06:31, 3] smbd/sec_ctx.c:set_sec_ctx(288)
  setting sec ctx (1000, 600) - sec_ctx_stack_ndx = 0
[2006/01/10 13:06:31, 3] smbd/service.c:make_connection_snum(662)
  testmachine1 (172.22.31.33) connect to service IPC$ initially as user test1 (uid=1000, gid=600) (pid 18778)
[2006/01/10 13:06:31, 3] smbd/sec_ctx.c:set_sec_ctx(288)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2006/01/10 13:06:31, 3] smbd/reply.c:reply_tcon_and_X(666)
  tconX service=IPC$
[2006/01/10 13:06:31, 3] smbd/process.c:process_smb(1114)
  Transaction 4 of length 104
[2006/01/10 13:06:31, 3] smbd/process.c:switch_message(900)
  switch message SMBntcreateX (pid 18778) conn 0x803a2468
[2006/01/10 13:06:31, 3] smbd/sec_ctx.c:set_sec_ctx(288)
  setting sec ctx (1000, 600) - sec_ctx_stack_ndx = 0
[2006/01/10 13:06:31, 3] smbd/nttrans.c:nt_open_pipe(351)
  nt_open_pipe: Known pipe lsarpc opening.
[2006/01/10 13:06:31, 3] smbd/process.c:process_smb(1114)
  Transaction 5 of length 76
[2006/01/10 13:06:31, 3] smbd/process.c:switch_message(900)
  switch message SMBtrans2 (pid 18778) conn 0x803a2468
[2006/01/10 13:06:31, 3] smbd/error.c:error_packet(147)
  error packet at smbd/trans2.c(4877) cmd=50 (SMBtrans2) NT_STATUS_NETWORK_ACCESS_DENIED
[2006/01/10 13:06:31, 3] smbd/process.c:process_smb(1114)


"SAMBA PDC ---- WindowsXP??? help!!! sos!!!"
Отправлено liks , 10-Янв-06 15:18 
Если вы прибавите еще 5 восклицательных знаков вам быстрее не ответят.

Ошибка выдается при доступе к шарам или при входе в домен? Точное название ошибки в windows? Увеличьте log level до 5, а еще лучше до 10, пересмотрите на предмет ошибки.

Он аутентификацию проходит, но почему-то ему запрещен доступ, а вот почему - здесь не видно.


"SAMBA PDC ---- WindowsXP??? help!!! sos!!!"
Отправлено marlis , 11-Янв-06 07:36 
все заработало! глюк был в самой винде а вернее в политике безопасности!
всем спасибо :)

"SAMBA PDC ---- WindowsXP??? help!!! sos!!!"
Отправлено teebot , 17-Янв-06 13:39 
>все заработало! глюк был в самой винде а вернее в политике безопасности!
>
>всем спасибо :)

а расскажи что имнно было в политике безопасности


"SAMBA PDC ---- WindowsXP??? help!!! sos!!!"
Отправлено Andrei V. Lavreniyuk , 12-Янв-06 20:11 

  Замучала меня самба, броадкаст не проходит, что делать?

Два интерфейса, один в инет другой интранет. IPFW+NAT.


[2006/01/12 19:05:32, 0] nmbd/nmbd.c:main(724)
  Netbios nameserver version 3.0.21a started.
  Copyright Andrew Tridgell and the Samba Team 1992-2005
[2006/01/12 19:05:32, 0] libsmb/nmblib.c:send_udp(791)
  Packet send failed to 192.168.0.255(137) ERRNO=Permission denied
[2006/01/12 19:05:32, 0] nmbd/nmbd_packets.c:send_netbios_packet(163)
  send_netbios_packet: send_packet() to IP 192.168.0.255 port 137 failed
[2006/01/12 19:05:32, 0] nmbd/nmbd_nameregister.c:register_name(512)
  register_name: Failed to send packet trying to register name SIGMA<20>
[2006/01/12 19:05:32, 0] libsmb/nmblib.c:send_udp(791)
  Packet send failed to 192.168.0.255(137) ERRNO=Permission denied
[2006/01/12 19:05:32, 0] nmbd/nmbd_packets.c:send_netbios_packet(163)
  send_netbios_packet: send_packet() to IP 192.168.0.255 port 137 failed
[2006/01/12 19:05:32, 0] nmbd/nmbd_nameregister.c:register_name(512)
  register_name: Failed to send packet trying to register name SIGMA<03>
[2006/01/12 19:05:32, 0] libsmb/nmblib.c:send_udp(791)
  Packet send failed to 192.168.0.255(137) ERRNO=Permission denied
[2006/01/12 19:05:32, 0] nmbd/nmbd_packets.c:send_netbios_packet(163)
  send_netbios_packet: send_packet() to IP 192.168.0.255 port 137 failed
[2006/01/12 19:05:32, 0] nmbd/nmbd_nameregister.c:register_name(512)
  register_name: Failed to send packet trying to register name SIGMA<00>
[2006/01/12 19:05:32, 0] libsmb/nmblib.c:send_udp(791)
  Packet send failed to 192.168.0.255(137) ERRNO=Permission denied
[2006/01/12 19:05:32, 0] nmbd/nmbd_packets.c:send_netbios_packet(163)
  send_netbios_packet: send_packet() to IP 192.168.0.255 port 137 failed
[2006/01/12 19:05:32, 0] nmbd/nmbd_nameregister.c:register_name(512)
  register_name: Failed to send packet trying to register name TECHNICA-03<00>
[2006/01/12 19:05:32, 0] libsmb/nmblib.c:send_udp(791)
  Packet send failed to 192.168.0.255(137) ERRNO=Permission denied
[2006/01/12 19:05:32, 0] nmbd/nmbd_packets.c:send_netbios_packet(163)
  send_netbios_packet: send_packet() to IP 192.168.0.255 port 137 failed
[2006/01/12 19:05:32, 0] nmbd/nmbd_nameregister.c:register_name(512)
  register_name: Failed to send packet trying to register name TECHNICA-03<1e>
[2006/01/12 19:05:42, 0] libsmb/nmblib.c:send_udp(791)
  Packet send failed to 192.168.0.255(138) ERRNO=Permission denied
[2006/01/12 19:06:42, 0] libsmb/nmblib.c:send_udp(791)
  Packet send failed to 192.168.0.255(138) ERRNO=Permission denied


"SAMBA PDC ---- WindowsXP??? help!!! sos!!!"
Отправлено Andrei V. Lavreniyuk , 25-Янв-06 08:23 
>  Замучала меня самба, броадкаст не проходит, что делать?
>Два интерфейса, один в инет другой интранет. IPFW+NAT.
>
>
>[2006/01/12 19:05:32, 0] nmbd/nmbd.c:main(724)
>  Netbios nameserver version 3.0.21a started.
>  Copyright Andrew Tridgell and the Samba Team 1992-2005
>[2006/01/12 19:05:32, 0] libsmb/nmblib.c:send_udp(791)


  Всем спасибо. Сам разобрался. Не в то место в конфиге ipfw "влепил"
  правило, вот оно и не работало. Вопрос снят.