# Samba NTFS File Sharing issues!! [SOLVED]

## williamg

I've been trying to share my ntfs share on my gentoo box for about 4 days and its driving me crazy.. Been looking through the forums but can't find a fix. Basically I'm trying to share a mounted NTFS partition on my harddisk. My FAT32 partition can be seen from other computers but the NTFS shared folder keeps asking for a user name and password (which i have set). If i set the folder to public it will not let me open the folder either. Someone please help.Last edited by williamg on Thu Aug 04, 2005 10:09 pm; edited 1 time in total

----------

## adaptr

NTFS volumes have an owner and a set of ACLs, presumably you need actual access to these before you can change them over SMB.

I wouldn't do it - write "support" is still very flaky for NTFS.

----------

## williamg

Does that mean I can't share any NTFS folders on my gentoo system because of this file writing issue ? Please confirm this.

----------

## williamg

How about just sharing it as read-only. I just need to be able to access my media files over the network. I don't neccssarily need to write anything to the NTFS volume. I have a FAT32 partition for writing. Please let me know.

My current samba config for the NTFS partition is: 

[My Music]

   comment = Nexus My Music

   path = /mnt/windows_C/Documents\ and\ Settings/Wills/My\ Documents/My\ Music

   valid users = wills

   read only = yes

   public = no

   browseable = yes

If read only for samba NTFS is okay, is this setting correct? If not what should i fix.

Cheers again.

----------

## adaptr

As I said above, NTFS support on Linux kernels is /flaky/.

This has nothing to do with your issues, but it should be considered.

The reason you need drive level access to use an NTFS share (a username/password is generally referred to as needing access permissions) is because NTFS volumes actually have those - like ext2/3 etc. also have access permissions for specific users and groups.

FAT32 doesn't have any concept of ownership; as far as it is concerned, you use it == you own it.

So you need to access it with a user that has permissions to read or write the actual disk - not just the share.

Since this is virtually impossible to synchronise (NTFS uses UIDs that are intricately connected to the user IDs of the Windows system that underlies it), just using the same username as your share access probably won't do.

If you want to know how Knoppix does it, then examine how Knoppix does it.

----------

## nobspangle

The current ntfs drivers (in the 2.6 kernel) are fine, I would stay clear of the 2.4 ones.

Even write support is stable, but fairly useless as it only let's you change the contents of a file without changing it's file size.

You should be fine for read only access, mount the volume read only so that there is no danger of changing anything, then use the following share definition in samba.

```
[My Music]

comment = Nexus My Music

path = /mnt/windows_C/Documents\ and\ Settings/Wills/My\ Documents/My\ Music

valid users = wills

read only = yes

public = no

browseable = yes

force user = root
```

force user=root is normally not recommended but as long as you are on a secure network and you are mounting a readonly share it shouldn't be a problem.

----------

## darkphader

 *nobspangle wrote:*   

> force user=root is normally not recommended

 

He shouldn't need that as long as he mounts the partition with uid=<hisuserid>, or a umask=0.

To be safe don't even compile NTFS write support into the kernel.

Make a FAT32 parition and read/write privileges from both OS's will be available.

----------

## williamg

I tried the "force user = root" but it didnt work.

My entry for the NTFS partition in fstab is:

/dev/hda1     /mnt/windows_C  ntfs      ro,defaults,user,uid=wills,umask=0222,gid=users    0 0

My FAT32 partition works fine. I am just trying to get this partition shareable over samba because my music is on this partition as i explained earlier.

----------

## tutaepaki

So are you able to mount and access the NTFS partition on the local machine OK ? If so, it's a samba issue, so you need to post your SAMBA defs for the share

----------

## williamg

I attached my samba config for the share earlier in the thread. Here it is again.

Yes This partition mounts fine on the local linux sys.

[My Music]

comment = Nexus My Music

path = /mnt/windows_C/Documents\ and\ Settings/Wills/My\ Documents/My\ Music

valid users = wills

read only = yes

public = no

browseable = yes

----------

## darkphader

 *williamg wrote:*   

> Yes This partition mounts fine on the local linux sys.

 

And is it readable by your user on the local Linux system?

What does "smbtree" in a console show?

 *williamg wrote:*   

> 
> 
> [My Music]
> 
> comment = Nexus My Music
> ...

 

If you answered yes to the first question above:

Are you using user or share level security (you didn't reveal a complete smb.conf)?

If user level security, are you using an identical username and password on the other system?

If not turn guest access on and try it (public=yes). Or use share level security and match your username and password. Or change your username and password to match.

----------

## williamg

The ntfs partition is readable by me on my local gentoo system.

smbtree in console returns

```

nexus ~ # smbtree

Password:

MSHOME

        \\BEAST

                \\BEAST\Printer             Microsoft Office Document Image Writer

                \\BEAST\Movies

                \\BEAST\SharedDocs

                \\BEAST\print$              Printer Drivers

                \\BEAST\IPC$                Remote IPC

        \\NEXUS                         Samba Server

                \\NEXUS\Samba Portal    Samba Portal (Shares)

                \\NEXUS\Trans Stuff     Transfer Stuff

                \\NEXUS\My Music        Nexus My Music 

                \\NEXUS\Transfer G      Transfer_G

                \\NEXUS\print$          Home Directories

nexus ~ #

```

"Security = user" in smb.conf. I tried share level security a few days ago but that didnt work either. Any new ideas?

----------

## wesw02

This is a change of pace, but if your a newbie with samba and really don't fell like dealing with the configuration your can emerge webmin (i believe thats what its called), theres also another good one called samba swat (not sure if available threw portage, wouldn't be surprised if it was though), those two are web interfaced systems that help you to setup your samba shares quick and simple. Thats just an idea to look into.

----------

## darkphader

 *williamg wrote:*   

> "Security = user" in smb.conf. I tried share level security a few days ago but that didnt work either. Any new ideas?

 

Not really, but there are some things you haven't answered. Like does your username and passwsord from the remote system match that of your Linux system?

Have you tried allowing guest access?

Is your smb.conf copyrighted by another user who is preventing you from posting the whole of it?

Edit: since you're using security=user the Windows username/password needs to match (unless you want to be bothered putting in a set of credentials everytime you connect) your Samba username/password specifically, although most users prefer to keep these (Linux and Samba) in sync.

----------

## williamg

I could try webmin or samba swat but I would really like to get it working directly through samba smb.conf if possible.

User trying to connet to samba NTFS share is Williamg. ( user has been assigned samba passwod etc ).

My config for the NTFS share is further down towards the end of smb.conf

Here is my smb.conf

```

nexus samba # pwd

/etc/samba

nexus samba # cat smb.conf

#======================= Global Settings =====================================

[global]

# 1. Server Naming Options:

# workgroup = NT-Domain-Name or Workgroup-Name

   workgroup = MSHOME

# netbios name is the name you will see in "Network Neighbourhood",

# but defaults to your hostname

   netbios name = NEXUS

# server string is the equivalent of the NT Description field

  # server string = Samba Server %v

  server string = Samba Server 

# Message command is run by samba when a "popup" message is sent to it.

# The example below is for use with LinPopUp:

; message command = /usr/bin/linpopup "%f" "%m" %s; rm %s

# 2. Printing Options:

# CHANGES TO ENABLE PRINTING ON ALL CUPS PRINTERS IN THE NETWORK

# if you want to automatically load your printer list rather

# than setting them up individually then you'll need this

   printcap name = cups

   load printers = yes

# It should not be necessary to spell out the print system type unless

# yours is non-standard. Currently supported print systems include:

# bsd, sysv, plp, lprng, aix, hpux, qnx, cups

   printing = cups

# Samba 3.x supports the Windows NT-style point-and-print feature. To

# use this, you need to be able to upload print drivers to the samba

# server. The printer admins (or root) may install drivers onto samba.

# Note that this feature uses the print$ share, so you will need to 

# enable it below.

# printer admin = @<group> <user>

   printer admin = @adm

# This should work well for winbind:

;   printer admin = @"Domain Admins"

# 3. Logging Options:

# this tells Samba to use a separate log file for each machine

# that connects

   log file = /var/log/samba3/log.%m

# Put a capping on the size of the log files (in Kb).

   max log size = 50

# Set the log (verbosity) level (0 <= log level <= 10)

; log level = 3

# 4. Security and Domain Membership Options:

# This option is important for security. It allows you to restrict

# connections to machines which are on your local network. The

# following example restricts access to two C class networks and

# the "loopback" interface. For more examples of the syntax see

# the smb.conf man page. Do not enable this if (tcp/ip) name resolution does

# not work for all the hosts in your network.

;   hosts allow = 192.168.1. 192.168.2. 127.

# Uncomment this if you want a guest account, you must add this to /etc/passwd

# otherwise the user "nobody" is used

;  guest account = pcguest

# Allow users to map to guest:

  map to guest = bad user

# Security mode. Most people will want user level security. See

# security_level.txt for details.

   security = user

# Use password server option only with security = server or security = domain

# When using security = domain, you should use password server = *

;   password server = <NT-Server-Name>

;   password server = *

# Password Level allows matching of _n_ characters of the password for

# all combinations of upper and lower case.

;  password level = 8

;  username level = 8

# You may wish to use password encryption. Please read

# ENCRYPTION.txt, Win95.txt and WinNT.txt in the Samba documentation.

# Do not enable this option unless you have read those documents

# Encrypted passwords are required for any use of samba in a Windows NT domain

# The smbpasswd file is only required by a server doing authentication, thus

# members of a domain do not need one.

  encrypt passwords = yes

  smb passwd file = /etc/samba/private/smbpasswd

# The following are needed to allow password changing from Windows to

# also update the Linux system password.

# NOTE: Use these with 'encrypt passwords' and 'smb passwd file' above.

# NOTE2: You do NOT need these to allow workstations to change only

#        the encrypted SMB passwords. They allow the Unix password

#        to be kept in sync with the SMB password.

;  unix password sync = Yes

# You either need to setup a passwd program and passwd chat, or

# enable pam password change

;  pam password change = yes

;  passwd program = /usr/bin/passwd %u

;  passwd chat = *New*UNIX*password* %n\n *Re*ype*new*UNIX*password* %n\n \

;*passwd:*all*authentication*tokens*updated*successfully*

# Unix users can map to different SMB User names

;  username map = /etc/samba/smbusers

# Using the following line enables you to customise your configuration

# on a per machine basis. The %m gets replaced with the netbios name

# of the machine that is connecting

;   include = /etc/samba/smb.conf.%m

# Options for using winbind. Winbind allows you to do all account and

# authentication from a Windows or samba domain controller, creating

# accounts on the fly, and maintaining a mapping of Windows RIDs to unix uid's 

# and gid's. idmap uid and idmap gid are the only required parameters.

#

# winbind separator is the character a user must use between their domain

# name and username, defaults to "\"

;  winbind separator = +

#

# winbind use default domain allows you to have winbind return usernames

# in the form user instead of DOMAIN+user for the domain listed in the

# workgroup parameter.

;  winbind use default domain = yes

#

# template homedir determines the home directory for winbind users, with 

# %D expanding to their domain name and %U expanding to their username:

;  template homedir = /home/%D/%U

# When using winbind, you may want to have samba create home directories

# on the fly for authenticated users. Ensure that /etc/pam.d/samba is

# using 'service=system-auth-winbind' in pam_stack modules, and then

# enable obedience of pam restrictions below:

;  obey pam restrictions = yes

#

# template shell determines the shell users authenticated by winbind get

;  template shell = /bin/bash

# 5. Browser Control and Networking Options:

# Most people will find that this option gives better performance.

# See speed.txt and the manual pages for details

   socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192

# Configure Samba to use multiple interfaces

# If you have multiple network interfaces then you must list them

# here. See the man page for details.

;   interfaces = 192.168.12.2/24 192.168.13.2/24 

# Configure remote browse list synchronisation here

#  request announcement to, or browse list sync from:

#       a specific host or from / to a whole subnet (see below)

;   remote browse sync = 192.168.3.25 192.168.5.255

# Cause this host to announce itself to local subnets here

;   remote announce = 192.168.1.255 192.168.2.44

# set local master to no if you don't want Samba to become a master

# browser on your network. Otherwise the normal election rules apply

;   local master = yes

# OS Level determines the precedence of this server in master browser

# elections. The default value should be reasonable

;   os level = 33

# Domain Master specifies Samba to be the Domain Master Browser. This

# allows Samba to collate browse lists between subnets. Don't use this

# if you already have a Windows NT domain controller doing this job

;   domain master = yes 

# Preferred Master causes Samba to force a local browser election on startup

# and gives it a slightly higher chance of winning the election

;   preferred master = yes

# 6. Domain Control Options:

# Enable this if you want Samba to be a domain logon server for 

# Windows95 workstations or Primary Domain Controller for WinNT and Win2k

;   domain logons = yes

# if you enable domain logons then you may want a per-machine or

# per user logon script

# run a specific logon batch file per workstation (machine)

;   logon script = %m.bat

# run a specific logon batch file per username

;   logon script = %U.bat

# Where to store roaming profiles for WinNT and Win2k

#        %L substitutes for this servers netbios name, %U is username

#        You must uncomment the [Profiles] share below

;   logon path = \\%L\Profiles\%U

# Where to store roaming profiles for Win9x. Be careful with this as it also

# impacts where Win2k finds it's /HOME share

; logon home = \\%L\%U\.profile

# The add user script is used by a domain member to add local user accounts

# that have been authenticated by the domain controller, or when adding

# users via the Windows NT Tools (ie User Manager for Domains).

# Scripts for file (passwd, smbpasswd) backend:

; add user script = /usr/sbin/useradd -s /bin/false '%u'

; delete user script = /usr/sbin/userdel '%s'

; add user to group script = /usr/bin/gpasswd -a '%u' '%g'

; delete user from group script = /usr/bin/gpasswd -d '%u' '%g'

; set primary group script = /usr/sbin/usermod -g '%g' '%u'

; add group script = /usr/sbin/groupadd %g && getent group '%g'|awk -F: '{print $3}'

; delete group script = /usr/sbin/groupdel '%g'

# Scripts for LDAP backend (assumes nss_ldap is in use on the domain controller.

# Needs IDEALX scripts, and configuration in smbldap_conf.pm.

# This assumes you've installed the IDEALX scripts into /usr/share/samba/scripts...

; add user script = /usr/share/samba/scripts/smbldap-useradd.pl '%u'

; delete user script = /usr/share/samba/scripts/smbldap-userdel.pl '%u'

; add user to group script = /usr/share/samba/scripts/smbldap-groupmod.pl -m '%u' '%g'

; delete user from group script = /usr/share/samba/scripts/smbldap-groupmod.pl -x '%u' '%g'

; set primary group script = /usr/share/samba/scripts/smbldap-usermod.pl -g '%g' '%u'

; add group script = /usr/share/samba/scripts/smbldap-groupadd.pl '%g' && /usr/share/samba/scripts/smbldap-groupshow.pl %g|awk '/^gidNumber:/ {print $2}'

; delete group script = /usr/share/samba/scripts/smbldap-userdel.pl '%g'

# The add machine script is use by a samba server configured as a domain

# controller to add local machine accounts when adding machines to the domain.

# The script must work from the command line when replacing the macros,

# or the operation will fail. Check that groups exist if forcing a group.

# Script for domain controller for adding machines:

; add machine script = /usr/sbin/useradd -d /dev/null -g machines -c 'Machine Account' -s /bin/false -M '%u'

# Script for domain controller with LDAP backend for adding machines (You need

# the IDEALX scripts, and to configure the smbldap_conf.pm first):

; add machine script = /usr/share/samba/scripts/smbldap-useradd.pl -w -d /dev/null -g machines -c 'Machine Account' -s /bin/false '%u'

# Domain groups:

# Domain groups are now configured by using the 'net groupmap' tool

# Samba Password Database configuration:

# Samba now has runtime-configurable password database backends. Multiple

# passdb backends may be used, but users will only be added to the first one

# Default:

; passdb backend = smbpasswd guest

# TDB backen with fallback to smbpasswd and guest

; passdb backend = tdbsam smbpasswd guest

# LDAP with fallback to smbpasswd guest

# Enable SSL by using an ldaps url, or enable tls with 'ldap ssl' below.

; passdb backend = ldapsam:ldaps://ldap.mydomain.com smbpasswd guest

# Use the samba2 LDAP schema:

; passdb backend = ldapsam_compat:ldaps://ldap.mydomain.com smbpasswd guest

# idmap uid account range:

# This is a range of unix user-id's that samba will map non-unix RIDs to,

# such as when using Winbind

; idmap uid = 10000-20000

; idmap gid = 10000-20000

  

# LDAP configuration for Domain Controlling:

# The account (dn) that samba uses to access the LDAP server

# This account needs to have write access to the LDAP tree

# You will need to give samba the password for this dn, by 

# running 'smbpasswd -w mypassword'

; ldap admin dn = cn=root,dc=mydomain,dc=com

; ldap ssl = start_tls

# start_tls should run on 389, but samba defaults incorrectly to 636

; ldap port = 389

; ldap suffix = dc=mydomain,dc=com

; ldap server = ldap.mydomain.com

# Seperate suffixes are available for machines, users, groups, and idmap, if 

# ldap suffix appears first, it is appended to the specific suffix.

# Example for a unix-ish directory layout:

; ldap machine suffix = ou=Hosts

; ldap user suffix = ou=People

; ldap group suffix = ou=Group

; ldap idmap suffix = ou=Idmap

# Example for AD-ish layout:

; ldap machine suffix = cn=Computers

; ldap user suffix = cn=Users

; ldap group suffix = cn=Groups

; ldap idmap suffix = cn=Idmap

# 7. Name Resolution Options:

# All NetBIOS names must be resolved to IP Addresses

# 'Name Resolve Order' allows the named resolution mechanism to be specified

# the default order is "host lmhosts wins bcast". "host" means use the unix

# system gethostbyname() function call that will use either /etc/hosts OR

# DNS or NIS depending on the settings of /etc/host.config, /etc/nsswitch.conf

# and the /etc/resolv.conf file. "host" therefore is system configuration

# dependant. This parameter is most often of use to prevent DNS lookups

# in order to resolve NetBIOS names to IP Addresses. Use with care!

# The example below excludes use of name resolution for machines that are NOT

# on the local network segment

# - OR - are not deliberately to be known via lmhosts or via WINS.

; name resolve order = wins lmhosts bcast

# Windows Internet Name Serving Support Section:

# WINS Support - Tells the NMBD component of Samba to enable it's WINS Server

;   wins support = yes

# WINS Server - Tells the NMBD components of Samba to be a WINS Client

#       Note: Samba can be either a WINS Server, or a WINS Client, but NOT both

;   wins server = w.x.y.z

# WINS Proxy - Tells Samba to answer name resolution queries on

# behalf of a non WINS capable client, for this to work there must be

# at least one  WINS Server on the network. The default is NO.

;   wins proxy = yes

# DNS Proxy - tells Samba whether or not to try to resolve NetBIOS names

# via DNS nslookups. The built-in default for versions 1.9.17 is yes,

# this has been changed in version 1.9.18 to no.

   dns proxy = no 

# 8. File Naming Options:

# Case Preservation can be handy - system default is _no_

# NOTE: These can be set on a per share basis

;  preserve case = no

;  short preserve case = no

# Default case is normally upper case for all DOS files

;  default case = lower

# Be very careful with case sensitivity - it can break things!

;  case sensitive = no

# Enabling internationalization:

# you can match a Windows code page with a UNIX character set.

# Windows: 437 (US), 737 (GREEK), 850 (Latin1 - Western European),

# 852 (Czech), 861 (???), 932 (Japanese),

# 936 (Simplified Chin.), 949 (Korean Hangul),

# 950 (Trad. Chin.).

# More detail about code page is in

# "http://www.microsoft.com/globaldev/reference/oslocversion.mspx"

# UNIX: ISO8859-1 (Western European), ISO8859-2 (Eastern Eu.),

# ISO8859-5 (Russian Cyrillic), KOI8-R (Alt-Russ. Cyril.)

# This is an example for french users:

;   dos charset = 850

;   unix charset = ISO8859-1

#============================ Share Definitions ==============================

#[homes]

   comment = Home Directories

   browseable = no

   writable = no

# You can enable VFS recycle bin on a per share basis:

# Uncomment the next 2 lines (make sure you create a

# .recycle folder in the base of the share and ensure

# all users will have write access to it. See

# examples/VFS/recycle/REAME in the samba docs for details

;   vfs object = /usr/lib/samba/vfs/recycle.so

# Un-comment the following and create the netlogon directory for Domain Logons

; [netlogon]

;   comment = Network Logon Service

;   path = /var/lib/samba/netlogon

;   guest ok = yes

;   writable = no

# Un-comment the following to provide a specific roving profile share

# the default is to use the user's home directory

;[Profiles]

;    path = /var/lib/samba/profiles

;    browseable = no

;    guest ok = yes

# This script can be enabled to create profile directories on the fly

# You may want to turn off guest acces if you enable this, as it

# hasn't been thoroughly tested.

;root preexec = PROFILE=/var/lib/samba/profiles/%u; if [ ! -e $PROFILE ]; \

;                then mkdir -pm700 $PROFILE; chown %u:%g $PROFILE;fi

# NOTE: If you have a CUPS print system there is no need to 

# specifically define each individual printer.

# You must configure the samba printers with the appropriate Windows

# drivers on your Windows clients. On the Samba server no filtering is

# done. If you wish that the server provides the driver and the clients

# send PostScript ("Generic PostScript Printer" under Windows), you have

# to swap the 'print command' line below with the commented one.

[printers]

   comment = All Printers

   path = /var/spool/samba

   browseable = no

# to allow user 'guest account' to print.

   guest ok = yes

   writable = no

   printable = yes

   create mode = 0700

# =====================================

# print command: see above for details.

# =====================================

   print command = lpr-cups -P %p -o raw %s -r   # using client side printer drivers.

;   print command = lpr-cups -P %p %s # using cups own drivers (use generic PostScript on clients).

# The following two commands are the samba defaults for printing=cups

# change them only if you need different options:

;   lpq command = lpq -P %p

;   lprm command = cancel %p-%j

# This share is used for Windows NT-style point-and-print support.

# To be able to install drivers, you need to be either root, or listed

# in the printer admin parameter above. Note that you also need write access

# to the directory and share definition to be able to upload the drivers.

# For more information on this, please see the Printing Support Section of

# /usr/share/doc/samba-<version>/Samba-HOWTO-Collection.pdf 

[print$]

   path = /var/lib/samba/printers

   browseable = yes

   read only = yes

   write list = @adm root

   guest ok = yes

# This one is useful for people to share files

;[tmp]

;   comment = Temporary file space

;   path = /tmp

;   read only = no

;   public = yes

# A publicly accessible directory, but read only, except for people in

# the "staff" group

;[public]

;   comment = Public Stuff

;   path = /home/samba/public

;   public = yes

;   writable = no

;   write list = @staff

# Audited directory through experimental VFS audit.so module:

# Uncomment next line.

;   vfs object = /usr/lib/samba/vfs/audit.so

# Other examples. 

#

# A private printer, usable only by Fred. Spool data will be placed in Fred's

# home directory. Note that fred must have write access to the spool directory,

# wherever it is.

;[fredsprn]

;   comment = Fred's Printer

;   valid users = fred

;   path = /homes/fred

;   printer = freds_printer

;   public = no

;   writable = no

;   printable = yes

# A private directory, usable only by Fred. Note that Fred requires write

# access to the directory.

# ===================

# NETWORK FILE SHARES

# ===================

# ======================

# PRIVATE SHARED FOLDERS

# ======================

[Williamg - My Documents]

   comment = williamg's Documents

   path = /home/williamg/myDocuments

   valid users = williamg

   public = no 

   browseable = yes

   writable = yes

   printable = no

   create mask = 0765

   

[Transfer G]

   comment = Transfer_G

   path = /mnt/transfer_G/transfer

   valid users = williamg

   public = no

   browseable = yes

   writable = yes

# =====================

# PUBLIC SHARED FOLDERS

# =====================

[Nexus Downloads]

   comment = Nexus Downloaded Files

   path = /home/williamg/myDownloads

   only guest = yes

   writable = no

   public = yes

   browseable = yes

   create mask = 0765

[My Music]

   comment = Nexus My Music

   path = /mnt/windows_C/Documents\ and\ Settings/Wills/My\ Documents/My\ Music

   valid users = williamg

   read only = yes

   public = no

   browseable = yes

[Trans Stuff]

   comment = Transfer Stuff

   path = /mnt/transfer_G/stuff

   valid users = williamg

   writable = no

   public = yes

   browseable = yes

   create mask = 0765  

[Samba Portal]

   comment = Samba Portal (Shares)

   path = /home/williamg/sambaPortal

   only guest = yes

   writable = yes

   public = yes

   browseable = yes

   create mask = 0765

# ======================================================================

# a service which has a different directory for each machine that connects

# this allows you to tailor configurations to incoming machines. You could

# also use the %u option to tailor it by user name.

# The %m gets replaced with the machine name that is connecting.

;[pchome]

;  comment = PC Directories

;  path = /usr/pc/%m

;  public = no

;  writable = yes

# A publicly accessible directory, read/write to all users. Note that all files

# created in the directory by users will be owned by the default user, so

# any user with access can delete any other user's files. Obviously this

# directory must be writable by the default user. Another user could of course

# be specified, in which case all files would be owned by that user instead.

;[public]

;   path = /usr/somewhere/else/public

;   public = yes

;   only guest = yes

;   writable = yes

;   printable = no

# The following two entries demonstrate how to share a directory so that two

# users can place files there that will be owned by the specific users. In this

# setup, the directory should be writable by both users and should have the

# sticky bit set on it to prevent abuse. Obviously this could be extended to

# as many users as required.

;[myshare]

;   comment = Mary's and Fred's stuff

;   path = /usr/somewhere/shared

;   valid users = mary fred

;   public = no

;   writable = yes

;   printable = no

;   create mask = 0765

nexus samba #

```

----------

## adaptr

 *Quote:*   

> I could try webmin or samba swat but I would really like to get it working directly through samba smb.conf if possible

 

Both webmin and swat actually do write a normal, readable smb.conf.

You can always modify or examine that later.

I would recommend swat, because

A. you already have it - it's part of samba, and

B. webmin tries to do so many things it tends to screw some of them up.

----------

## williamg

I finally got swat up and running. But after several tweaks to the samba config using swat, I still cant get the ntfs parition working. If you have an smb.conf with ntfs working the way i intend mine to work, can you post it up so i can look @ it and update mine accordingly. Even if this doesnt work thanks for letting me know about swat. It will definitely come in handy over the next few days.

----------

## darkphader

The trouble with swat is that it requires xinetd, something I would rather do without.

It's good to eliminate the comments when posting such files.

```
sed -e 's/[#;].*//;/^\s*$/d'
```

 is one version that will clean up the smb.conf. After cleaning and removing the other shares as they don't effect us we get:

```
 [global] 

    workgroup = MSHOME 

    netbios name = NEXUS 

   server string = Samba Server 

    printcap name = cups 

    load printers = yes 

    printing = cups 

    printer admin = @adm 

    log file = /var/log/samba3/log.%m 

    max log size = 50 

   map to guest = bad user 

    security = user 

   encrypt passwords = yes 

   smb passwd file = /etc/samba/private/smbpasswd 

    socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 

    dns proxy = no 

    comment = Home Directories 

    browseable = no 

    writable = no 

 [My Music] 

    comment = Nexus My Music 

    path = /mnt/windows_C/Documents\ and\ Settings/Wills/My\ Documents/My\ Music 

    valid users = williamg 

    read only = yes 

    public = no 

    browseable = yes 
```

You have some changes made, your "valid users" is changed from your previous post. As there is no "username map" in your global section it would help to know: Have you renamed your Linux user account? Or adid you create a new Linux user and are you now mounting the partition as that user?

What does "net user" return?

What happens when you try to connect from the Windows box? Do you get asked for a username and password.

----------

## williamg

I had 2 accounts i was trying the NTFS share on "wills" and "williamg".. Didnt work on both. I am currently working with williamg. ( i deleted "wills" )

net user does not return anything

```

nexus ~ # net user

Password:

nexus ~ #

```

Sorry about the long smb.conf (wasnt sure if I should have deleted comments etc) thats why i didnt post from beginning of thread.

If i set security to share, the share is not visible on a windows PC. However if i set security to user, the share becomes visible on a windows pc and a username/password window pops up. But the samba password i set up for my username does not work.

P.S: I got swat working like i said earlier.

----------

## darkphader

 *williamg wrote:*   

> net user does not return anything

 

Looks like your problem is that you don't have a Samba user. Do:

```
smbpasswd -a williamg
```

 it will create a Samba user to match your Linux user. Provide that users same password at the prompt. Then 

```
net user
```

 should return your username.

----------

## williamg

I created a samba user "williamg" already.. This was when i first started trying to do all of this.

I have done what you said i should do again just as confirmation but "net user" still returns nothing to console

```

   [17:05:07][root@nexus:MailClient]$ smbpasswd -a williamg

   New SMB password:

   Retype new SMB password:

   [17:05:23][root@nexus:MailClient]$ net user

   Password:

   [17:05:32][root@nexus:MailClient]$

```

----------

## darkphader

Looks like when not dealing with a PDC you need to specify the workgroup or the IP address try:

```
net -I <your IP address> user
```

----------

## williamg

here is the output for 

```

net -I <your IP address> user

```

```

[17:36:26][root@nexus:williamg]$ net -I 192.168.1.11 user

Password:

williamg

nobody

guest

root

[17:36:49][root@nexus:williamg]$ 

```

----------

## darkphader

So all of your shares work except for "My Music"? Yet you can use "My Music" locally on the nix system?

----------

## williamg

yes all my shares work apart from "My Music" and I can also use "My Music" locally.

----------

## darkphader

Hmmm....

My guess then, even though it looks OK, is that there is something screwed up with the "path =" statement.

Move to the /etc/samba directory and do a "testparm", see if it gives you any errors.

Shorten the path statement to just the mount point "path = /mnt/windows_C" and see what happens.

Also for testing purposes (if the above doesn't work), eliminate the "valid users" statement from the share.

----------

## williamg

Oh my goodness!!! It works! Sorry for the late response. I only realised now that the thread had continued on page 2.

I changed the path in the samba smb.conf file to:

```

path = /mnt/windows_C

```

I can was able to browse content of /mnt/windows_C from a windows pc.That fixed it.

I'll move my music to "/mnt/windows_C/MyMusic" Hopefully that will be fine.

Now moving to the next thing on my list of things to set right in gentoo.. Thanks for helping me cross this off the list of things to do.

----------

## darkphader

 *williamg wrote:*   

> I'll move my music to "/mnt/windows_C/MyMusic" Hopefully that will be fine.

 

Shouldn't have to do that. Just figure out what's wrong with the path statement. Possible typo; maybe the spaces don't need to be escaped; maybe it needs to be quoted, or escaped and quoted (sorry, I don't know the exact syntax here).

You would probably need to make some registry changes to successfully move My Music under Windows, as new program additions will probably recreate it.

----------

## williamg

Its fine now. I just created c:\music in windows and copied all my music over to that directory so i can share now without any problems. Thanks.

----------

## ravkass

Did you manage to fix this?

----------

## williamg

Yes i did. What problem are you having?

----------

