Hi I encounter the same problem accessing UNIX exports from W2K. To solve the problem (it works for UNIX so I guess it will work for LINUX), on your W2K station do (you may need to log as administrator): a. activate Control panel | select Administrative-Tools | select local Security policy b. choose local policies | chose security Options c. find the key: "send unencrypted password to connect to third part SMB servers " & enable it
I hope that this will help you (at list temporarily) Shahar Dag ____________________________________________________________________________ _________________ I am looking for old Vinyl record. If you have any that you don't need please call me at 972-56-862264 or send me mail to [EMAIL PROTECTED] Thanks Shahar ----- Original Message ----- From: "Tzafrir Cohen" <[EMAIL PROTECTED]> To: "Ira Abramov" <[EMAIL PROTECTED]> Cc: "Linux-IL mailing list" <[EMAIL PROTECTED]> Sent: Thursday, November 28, 2002 12:34 PM Subject: Re: How to export Linux/Samba shares to Windows 2000? > On Thu, 28 Nov 2002, Ira Abramov wrote: > > > Quoting Omer Zak, from the post of Thu, 28 Nov: > > > I was successful in having the Linux PC access files in shared folders in > > > the Win PC.However, the Win PC was denied access to directories exported > > > by the Samba in the Linux PC. > > > > my first guess (without enough info...) would be the password > > encryption. windows clients use a scheme where the password is sent as a > > hash and compared by the server to its own hash. the problem is that > > it's incompatible with Unix crypt nor MD5. solutions: > > Not exactly: It uses a chalange-response protocol. This means that the > password need not travel accross the wire. However, it also means that the > server needs to know the password: a hash (e.g: crypt, md5) of it won't > do. > > The password database is still "encrypted" (read: obfuscated) locally, so > you won't get the passwords by means of pure cat. You'd still get a > paswrod-equivalent. > > In plain words if someone gains root: that one can have the passwords of > all the samba users > > > > > 1. make the windows machine send cleartext passwords (less secure, look > > in the samba docs directory for instructions, it means creating a key in > > the registry and rebooting) > > > > 2. create an smbpasswd file on the linux side (man smbpasswd) and keep > > or don't keep it in synch with the /etc/shadow manually. I like the idea > > of keeping the CIFS authentications seperate from shell accounts. > > > > In light of the above, this seems wise. > > -- > Tzafrir Cohen > mailto:[EMAIL PROTECTED] > http://www.technion.ac.il/~tzafrir > > > > ================================================================= > To unsubscribe, send mail to [EMAIL PROTECTED] with > the word "unsubscribe" in the message body, e.g., run the command > echo unsubscribe | mail [EMAIL PROTECTED] > ================================================================= To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
