Access Samba share from Windows
13,202
You are missing two key statements, in the /etc/samba/smb.conf file:
server signing = auto
client signing = auto
This should do it.
Related videos on Youtube
Author by
jam
Updated on September 18, 2022Comments
-
jam over 1 year
I have a samba share set up on a linux box which is only accessible from Windows if they turn off Microsoft network client: Digitally sign communications (always)
They would like me to configure the linux end of things to allow them to connect with this setting enabled. What is the minimum I need to do for the windows users to access this share without turning down/off any of the security options on their end?
Possibly relevant info:
- Linux box is running SLES 11 SP2 and Samba 3.6.3
- Windows box is running Windows Server 2008 with Active Directory
This is my smb.conf:
# smb.conf is the main Samba configuration file. You find a full commented # version at /usr/share/doc/packages/samba/examples/smb.conf.SUSE if the # samba-doc package is installed. # Date: 2012-02-03 [global] workgroup = $WINDOWS_DOMAIN_NAME passdb backend = tdbsam map to guest = Bad User include = /etc/samba/dhcp.conf logon path = \\%L\profiles\.msprofile logon home = \\%L\%U\.9xprofile logon drive = P: usershare allow guests = No add machine script = /usr/sbin/useradd -c Machine -d /var/lib/nobody -s /bin/false %m$ domain logons = No domain master = No security = domain idmap gid = 10000-20000 idmap uid = 10000-20000 wins support = No wins server = encrypt passwords = yes [$shareName] comment = linux share inherit acls = Yes path = /home/$user/$shareName read only = No available = yes browseable = yes public = yes writable = yes
When they attempt to access the share currently, the errors in /var/log/messages are like:
linux smbd[3336]: [2014/01/24 11:23:25.214046, 0] rpc_client/cli_pipe_schannel.c:54(get_schannel_session_key_common) linux smbd[3336]: get_schannel_session_key: could not fetch trust account password for domain '$WINDOWS_DOMAIN_NAME' linux smbd[3336]: [2014/01/24 11:23:25.216148, 0] rpc_client/cli_pipe_schannel.c:184(cli_rpc_pipe_open_schannel) linux smbd[3336]: cli_rpc_pipe_open_schannel: failed to get schannel session key from server $DOMAIN_CONTROLLER for domain $WINDOWS_DOMAIN_NAME. linux smbd[3336]: [2014/01/24 11:23:25.219196, 0] auth/auth_domain.c:193(connect_to_domain_password_server) linux smbd[3336]: connect_to_domain_password_server: unable to open the domain client session to machine $DOMAIN_CONTROLLER. Error was : NT_STATUS_CANT_ACCESS_DOMAIN_INFO.