[wplug] Samba share question XPP, Win98, WinME

[Frank W. Holden Jr.]

Hi again Randy. With the Win9X series you didn't have the ability to 
do a connect as a particular user UNLESS the username and password is 
being used on that machine. If the samba account is needed for:
UserName: Bonkers
Password: WinSnore
then Bonkers has to be the user name on the machine as the login on 
the Win9X series box and that persons pasword has to be WinSnore. Now, 
you can install the security policies from the Win9X CD. This is a 
real snot of a job in my book. Then you will have a little more 
flexibility, but not enough! The encryption that the 9X series uses 
stinks! This is why I have always used NO ENCRYPTION when W9X boxes 
are on the network...

Several have stated to install NetBEUI on all the boxes. M$ doesn't 
recomend this with W2K or XP. The protocol is basically safe, but it 
is indiginous to WinSnore machines only! There is no NetBEUI for *NIX 
machines... SPX/IPX along with TCP/IP is the transport protocol(s) 
used for Samba. These protocols are routable and NetBEUI is not, so no 
connections via the internet. NetBEUI has no real security other than 
the fact it ISN'T routable.

Example:
I have a whole network up and running with NO NetBEUI using W9X series 
boxes using a W2K server (if that is what you want to call it!) and 
NONE of the machines can see anything to browse on the network, but 
EVERY share is available on ALL machines to ALL machines. You just 
can't see them and it is set that way. I even have specific network 
compliant programs running their own shares to the slave client 9X 
boxes. Calendars, schedulers and databases use this connection 
efficiently! No encryption works well between W2K and W9X boxes 
without flaw. If needed a small LRP-Router (386-25MHzDX 16MB) can be 
used to keep the internet out of your network. I see you have a router 
already so a DMZ can be setup if security is in question. This is what 
I use on a lawyers network and you know they can be a bigger pain in 
a$$ than a large corp... Todate there has been many attempts to crack 
the system with NO successes!!! (No I won't tell you the IP!)

Drawback, you see 'NOTHING' when you browse the network, but it is ALL 
there to use! If you NEED to be able to browse the network, why I 
wouldn't know, then you have to set the Linux box as a master 
everything browser with all accounts browsable and set each WinSnore 
box to broadcast so they are seen by the master browser. An XP or W2K 
machine will fight it out with the Linux box, but the Linux box WILL 
win! The master browser will keep track of what is out there for you 
and announce it to every machine. My personal home network is setup so 
the shares are there to be seen for the rest of the family, not me...

Frank

PS - YES, the W9X machines are causing the problems for you and there 
isn't really anything you can do but to step back and punt the 
encryption out!


Randy Kosarik wrote:
> XPP connects to the Samba share fine.
> 
> I do a:
>     adduser -m {username}
>     smbpasswd -a {username}
> and the XPP sees the shares, connects without issue.
> 
> It's the Win98/ME machines that are giving me the grief.
> They see the Linux box in the workgroup but, cannot get past security to see
> the shared folders.
> They want a password and I can't seem to catch who the username is. I tried
> adding the logon name and the network name figuring it would be one or the
> other - both case sensitive and not - to the Linux box.
> I got tied up today and am finally looking over the advice to weigh the
> options and start reconfiguring.
> 
> All I want at this point is to replace a Windows machine with a Linux
> machine. It will simply be network storage that I can VPN into to do remote
> backups and maintenance. (ohh the joys of a small family owned business)
> Since I am using hardware VPN, some of my configuration headache is
> alleviated.
> Also, I have everything sitting fairly securely behind a firewall, so I am
> not paranoid about security.
> Although, I like the idea of requiring a username/password to access the
> shared folders.
> 
> As I keep playing with Linux, I am going to start looking at Mail and Web
> services.
> I just need to force myself get this machine implemented or I will end up
> "putting" Linux back in the back-burner again.
> Sorry, I am still more comfortable in a MS world - even after the years of
> Mr. Dinsel's preaching at college <G>.
> Even with the RH9 -that I paid for- it is still cryptic or different - not
> trying to say this is bad only that it takes time to learn.

-- 

"When business interfers with pleasure, give up business!!!"-fwh-

<-> <-> <-> <-> <-> <-> <-> <-> <-> <-> <-> <-> <-> <-> <-> <-> <->
<->     The future of "ALL MANKIND" lies within himself!        <->
<-> Until he figures out who he is, then he can never know me,  <->
<->     and to know me is to know the WORLD... -fwh-            <->
<->                           frankh at zelie.com                  <->
<->                           Some dumb Ham radio operator      <->
<-> <-> <-> <-> <-> <-> <-> <-> <-> <-> <-> <-> <-> <-> <-> <-> <->
Disclaimer:<standard dodo.c>