diff options
author | cvs2svn Import User <samba-bugs@samba.org> | 2002-10-04 19:11:37 +0000 |
---|---|---|
committer | cvs2svn Import User <samba-bugs@samba.org> | 2002-10-04 19:11:37 +0000 |
commit | 326a429d4665130980e1f77cc2c6e65835fdb235 (patch) | |
tree | cbde7e96bdd0139c7b05c91bbeff4f567f5312b4 /docs/faq/errors.html | |
parent | 36ef82a52953384acedbd51f54ded9357fa8ca3e (diff) | |
parent | d2ea6d5ae759bd2c842b5836d778b5a52b8af477 (diff) | |
download | samba-326a429d4665130980e1f77cc2c6e65835fdb235.tar.gz samba-326a429d4665130980e1f77cc2c6e65835fdb235.tar.bz2 samba-326a429d4665130980e1f77cc2c6e65835fdb235.zip |
This commit was manufactured by cvs2svn to create branch 'SAMBA_3_0'.(This used to be commit 7950dfc795568798e8ede784b4e8b927be0add49)
Diffstat (limited to 'docs/faq/errors.html')
-rw-r--r-- | docs/faq/errors.html | 307 |
1 files changed, 307 insertions, 0 deletions
diff --git a/docs/faq/errors.html b/docs/faq/errors.html new file mode 100644 index 0000000000..b36251ec13 --- /dev/null +++ b/docs/faq/errors.html @@ -0,0 +1,307 @@ +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> +<HTML +><HEAD +><TITLE +>Common errors</TITLE +><META +NAME="GENERATOR" +CONTENT="Modular DocBook HTML Stylesheet Version 1.77"><LINK +REL="HOME" +TITLE="Samba FAQ" +HREF="samba-faq.html"><LINK +REL="PREVIOUS" +TITLE="Specific client application problems" +HREF="clientapp.html"><LINK +REL="NEXT" +TITLE="Features" +HREF="features.html"></HEAD +><BODY +CLASS="CHAPTER" +BGCOLOR="#FFFFFF" +TEXT="#000000" +LINK="#0000FF" +VLINK="#840084" +ALINK="#0000FF" +><DIV +CLASS="NAVHEADER" +><TABLE +SUMMARY="Header navigation table" +WIDTH="100%" +BORDER="0" +CELLPADDING="0" +CELLSPACING="0" +><TR +><TH +COLSPAN="3" +ALIGN="center" +>Samba FAQ</TH +></TR +><TR +><TD +WIDTH="10%" +ALIGN="left" +VALIGN="bottom" +><A +HREF="clientapp.html" +ACCESSKEY="P" +>Prev</A +></TD +><TD +WIDTH="80%" +ALIGN="center" +VALIGN="bottom" +></TD +><TD +WIDTH="10%" +ALIGN="right" +VALIGN="bottom" +><A +HREF="features.html" +ACCESSKEY="N" +>Next</A +></TD +></TR +></TABLE +><HR +ALIGN="LEFT" +WIDTH="100%"></DIV +><DIV +CLASS="CHAPTER" +><H1 +><A +NAME="ERRORS" +></A +>Chapter 4. Common errors</H1 +><DIV +CLASS="SECT1" +><H1 +CLASS="SECT1" +><A +NAME="AEN201" +></A +>4.1. Not listening for calling name</H1 +><P +><PRE +CLASS="PROGRAMLISTING" +>Session request failed (131,129) with myname=HOBBES destname=CALVIN +Not listening for calling name</PRE +></P +><P +>If you get this when talking to a Samba box then it means that your +global "hosts allow" or "hosts deny" settings are causing the Samba +server to refuse the connection. </P +><P +>Look carefully at your "hosts allow" and "hosts deny" lines in the +global section of smb.conf. </P +><P +>It can also be a problem with reverse DNS lookups not functioning +correctly, leading to the remote host identity not being able to +be confirmed, but that is less likely.</P +></DIV +><DIV +CLASS="SECT1" +><H1 +CLASS="SECT1" +><A +NAME="AEN208" +></A +>4.2. System Error 1240</H1 +><P +>System error 1240 means that the client is refusing to talk +to a non-encrypting server. Microsoft changed WinNT in service +pack 3 to refuse to connect to servers that do not support +SMB password encryption.</P +><P +>There are two main solutions: +<P +></P +><TABLE +BORDER="0" +><TBODY +><TR +><TD +>enable SMB password encryption in Samba. See the encryption part of +the samba HOWTO Collection</TD +></TR +><TR +><TD +>disable this new behaviour in NT. See the section about +Windows NT in the chapter "Portability" of the samba HOWTO collection</TD +></TR +></TBODY +></TABLE +><P +></P +> </P +></DIV +><DIV +CLASS="SECT1" +><H1 +CLASS="SECT1" +><A +NAME="AEN215" +></A +>4.3. smbclient ignores -N !</H1 +><P +><SPAN +CLASS="QUOTE" +>"When getting the list of shares available on a host using the command +<B +CLASS="COMMAND" +>smbclient -N -L</B +> +the program always prompts for the password if the server is a Samba server. +It also ignores the "-N" argument when querying some (but not all) of our +NT servers."</SPAN +> </P +><P +>No, it does not ignore -N, it is just that your server rejected the +null password in the connection, so smbclient prompts for a password +to try again.</P +><P +>To get the behaviour that you probably want use <B +CLASS="COMMAND" +>smbclient -L host -U%</B +></P +><P +>This will set both the username and password to null, which is +an anonymous login for SMB. Using -N would only set the password +to null, and this is not accepted as an anonymous login for most +SMB servers.</P +></DIV +><DIV +CLASS="SECT1" +><H1 +CLASS="SECT1" +><A +NAME="AEN224" +></A +>4.4. The data on the CD-Drive I've shared seems to be corrupted!</H1 +><P +>Some OSes (notably Linux) default to auto detection of file type on +cdroms and do cr/lf translation. This is a very bad idea when use with +Samba. It causes all sorts of stuff ups.</P +><P +>To overcome this problem use conv=binary when mounting the cdrom +before exporting it with Samba.</P +></DIV +><DIV +CLASS="SECT1" +><H1 +CLASS="SECT1" +><A +NAME="AEN228" +></A +>4.5. Why can users access home directories of other users?</H1 +><P +><SPAN +CLASS="QUOTE" +>"We are unable to keep individual users from mapping to any other user's +home directory once they have supplied a valid password! They only need +to enter their own password. I have not found *any* method that I can +use to configure samba to enforce that only a user may map their own +home directory."</SPAN +></P +><P +><SPAN +CLASS="QUOTE" +>"User xyzzy can map his home directory. Once mapped user xyzzy can also map +*anyone* elses home directory!"</SPAN +></P +><P +>This is not a security flaw, it is by design. Samba allows +users to have *exactly* the same access to the UNIX filesystem +as they would if they were logged onto the UNIX box, except +that it only allows such views onto the file system as are +allowed by the defined shares.</P +><P +>This means that if your UNIX home directories are set up +such that one user can happily cd into another users +directory and do an ls, the UNIX security solution is to +change the UNIX file permissions on the users home directories +such that the cd and ls would be denied.</P +><P +>Samba tries very hard not to second guess the UNIX administrators +security policies, and trusts the UNIX admin to set +the policies and permissions he or she desires.</P +><P +>Samba does allow the setup you require when you have set the +"only user = yes" option on the share, is that you have not set the +valid users list for the share.</P +><P +>Note that only user works in conjunction with the users= list, +so to get the behavior you require, add the line : +<PRE +CLASS="PROGRAMLISTING" +>users = %S</PRE +> +this is equivalent to: +<PRE +CLASS="PROGRAMLISTING" +>valid users = %S</PRE +> +to the definition of the [homes] share, as recommended in +the smb.conf man page.</P +></DIV +></DIV +><DIV +CLASS="NAVFOOTER" +><HR +ALIGN="LEFT" +WIDTH="100%"><TABLE +SUMMARY="Footer navigation table" +WIDTH="100%" +BORDER="0" +CELLPADDING="0" +CELLSPACING="0" +><TR +><TD +WIDTH="33%" +ALIGN="left" +VALIGN="top" +><A +HREF="clientapp.html" +ACCESSKEY="P" +>Prev</A +></TD +><TD +WIDTH="34%" +ALIGN="center" +VALIGN="top" +><A +HREF="samba-faq.html" +ACCESSKEY="H" +>Home</A +></TD +><TD +WIDTH="33%" +ALIGN="right" +VALIGN="top" +><A +HREF="features.html" +ACCESSKEY="N" +>Next</A +></TD +></TR +><TR +><TD +WIDTH="33%" +ALIGN="left" +VALIGN="top" +>Specific client application problems</TD +><TD +WIDTH="34%" +ALIGN="center" +VALIGN="top" +> </TD +><TD +WIDTH="33%" +ALIGN="right" +VALIGN="top" +>Features</TD +></TR +></TABLE +></DIV +></BODY +></HTML +>
\ No newline at end of file |