Web lists-archives.com

Re: [Samba] Cannot login to Samba server remotely of 20)




Hi Rowland, the server was just a standalone server. Not sure what 'other' type of VPN to use to connect to the router. PPTP is no longer considered secure as I am sure you are aware of.  Originally this box was setup as a PDC but people there hated the login/logoff time because of user profiles being kept on server.

Will add ntlm auth = yes and see if that helps.

I will let you know.
Thanks!



On 8/25/2017 4:40 PM, Rowland Penny via samba - samba@xxxxxxxxxxxxxxx wrote:
On Fri, 25 Aug 2017 15:54:07 -0400
"samba.x.eliezer613--- via samba" <samba@xxxxxxxxxxxxxxx> wrote:

Hi, can't seem to login to Samba Server using notebook. OS is FreeBSD
10.3. Samba Version is 4.6.6
Connect to the remote Samba server using L2TP/IPSec connection. When
trying to login it's not accepting the correct credentials.

When ssh'ing to the server can login without any issue:

# smbclient -Uusername //server/share
Enter SERVERNAME\username's password:
Domain=[DOMAINNAME] OS=[] Server=[]
smb: \>

Do find it also strange the OS= and Server= are blank. Samba 3.6 did
not do this.

When trying to login remotely  from windows 7 notebook smbd.log
doesn't appear to show errors. I will show them below. The smb4.conf
has the following (tried changing some of the options to get this
working):

[global]
          workgroup = DOMAINNAME
          server string = DOMAIN NAME FreeBSD File Server on %h
          netbios name = MACHINENAME
          interfaces = em0, lo0
          hosts allow = 192.168.251.0/24 192.168.252.0/24 127.0.0.1
#       passdb backend = smbpasswd
          passdb backend = tdbsam
#       server role = standalone server
#       username map = /usr/local/etc/samba4/username.map
          log level = 10
          log file = /var/log/samba4/%m.log
          max log size = 50
#       socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
#       socket options = TCP_NODELAY IPTOS_LOWDELAY SO_RCVBUF=131072
SO_SNDBUF=131072
          socket options = TCP_NODELAY
#       disable spoolss = Yes
#       read raw = yes
#       write raw = yes
#       use sendfile = true
#       strict locking = No
          security = user
          logon script = netlogin.cmd
          logon path = \\%L\Profiles\%U
          logon drive = Z:
          domain logons = Yes
          os level = 33
          preferred master = Yes
          domain master = Yes
          dns proxy = No
          wins support = Yes

What is this supposed to be ? a standalone server or an NT4-style PDC ?
If it is the later, I would suggest you remove 'security = user'.

I think you are getting hit by a change made when 4.5.0 came out, the
default for 'ntlm auth' changed from 'yes' to 'no', but you should
consider trying to find another connection method before adding 'ntlm
auth = yes'.

Rowland


--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba