我有一台Debian正在運行的計算機Samba。我從另一台運行Windows 7.作為訪客,我可以將共享列為唯讀、強制用戶等。我只得到\\ip\storage 無法訪問。
這是我的配置:
* 使用者作為真實使用者存在
* samba 運行為security = user
* 我已新增使用者smbpasswd -a user
* 日誌沒有顯示任何錯誤
* testparm 顯示以下內容:
[global]
server string = %h server
interfaces = 127.0.0.0/8, eth1
bind interfaces only = Yes
map to guest = Bad User
obey pam restrictions = Yes
pam password change = Yes
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
unix password sync = Yes
syslog = 0
log file = /var/log/samba/log.%m
max log size = 1000
dns proxy = No
usershare allow guests = Yes
panic action = /usr/share/samba/panic-action %d
idmap config * : backend = tdb
[homes]
comment = Home Directories
valid users = %S
read only = No
create mask = 0700
directory mask = 0700
browseable = No
[printers]
comment = All Printers
path = /var/spool/samba
create mask = 0700
printable = Yes
print ok = Yes
browseable = No
[print$]
comment = Printer Drivers
path = /var/lib/samba/printers
[cdrom]
comment = Samba server's CD-ROM
path = /cdrom
guest ok = Yes
locking = No
[allusers]
comment = Access to all users
path = /home/samba-all-users
valid users = @sambashare
force group = sambashare
read only = No
create mask = 0770
directory mask = 0771
[guest]
comment = Read/Write Guest Account Access
path = /home/samba-guest
force group = sambashare
read only = No
create mask = 0775
directory mask = 0775
guest only = Yes
guest ok = Yes
[storage]
comment = Music
path = /home/daniel/storage
筆記:
* samba 版本是 3.6.6
* 用戶端運行的是 Windows 7 Home Premium
* 我在這台電腦上有一個帶有 iptables 的防火牆,但在這些測試時它只執行 ICS。預設情況下,所有規則均設定為接受。
答案1
Windows 7 網路用戶端需要預設資料包簽章(以防止中間人攻擊)和 Samba停用預設情況下資料包簽署。您的客戶端和伺服器可能無法就此專案進行相互協商。因此,您可以透過兩種方式之一來解決它。
伺服器端解決方案:在 Samba 上啟用封包簽名
將以下內容新增到您的 smb.conf 中:
server signing = auto
重新啟動服務並重試。
您也可以嘗試mandatory代替auto.閱讀文件這裡。
用戶端解決方案:在 Microsoft 網路用戶端上停用封包簽名
首先,開啟本機群組原則編輯器:
- 按開始按鈕
gpedit.msc在開始搜尋框中輸入內容並按 Enter 鍵
在本機群組原則編輯器中,前往:
Local Computer Policy->
Computer Configuration->
Windows Settings->
Security Settings->
Local Policies->
Security Options
查找政策:
Microsoft network client: Digitally sign communications (always)
如果已啟用,請將其變更為停用。按“應用”,重新啟動計算機,然後重試。
答案2
答案3
這是我的工作配置(在 OpenSUSE 11,3 smbd 版本 3.5.4-5.11.1-2573-SUSE-SL11.3 上):
[global]
workgroup = WORKGROUP
passdb backend = tdbsam
printing = cups
printcap name = cups
printcap cache time = 750
cups options = raw
map to guest = Bad User
include = /etc/samba/dhcp.conf
logon path = \\%L\profiles\.msprofile
logon home = \\%L\%U\.9xprofile
logon drive = P:
usershare allow guests = no
domain logons = Yes
domain master = Yes
security = users
wins support = No
hosts allow = 192.168.0.*
[personal_projects]
inherit acls = No
path = /data_storage/personal_projects
read only = No
admin users = backupcat
available = Yes
browseable = Yes
comment = Komodo projects
guest ok = No
hosts allow = 192.168.0.*
valid users = @users
write list = @users
用你的配置嘗試。
答案4
也許不太可能,但 idmap config * 呼叫 winbind,你的 nsswitch.conf 看起來怎麼樣?特別是有關 passwd 的行:
如果您還沒有閱讀過,請參考此處以供進一步閱讀: http://www.samba.org/samba/docs/man/manpages-3/winbindd.8.html
問候