1 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
8 CONTENT="Modular DocBook HTML Stylesheet Version 1.76b+
12 HREF="samba-faq.html"><LINK
14 TITLE="Specific client application problems"
15 HREF="clientapp.html"><LINK
18 HREF="features.html"></HEAD
29 SUMMARY="Header navigation table"
73 NAME="ERRORS">Chapter 5. Common errors</H1
79 NAME="AEN205">5.1. Not listening for calling name</H1
82 CLASS="PROGRAMLISTING"
83 >Session request failed (131,129) with myname=HOBBES destname=CALVIN
84 Not listening for calling name</PRE
87 >If you get this when talking to a Samba box then it means that your
88 global "hosts allow" or "hosts deny" settings are causing the Samba
89 server to refuse the connection. </P
91 >Look carefully at your "hosts allow" and "hosts deny" lines in the
92 global section of smb.conf. </P
94 >It can also be a problem with reverse DNS lookups not functioning
95 correctly, leading to the remote host identity not being able to
96 be confirmed, but that is less likely.</P
103 NAME="AEN212">5.2. System Error 1240</H1
105 >System error 1240 means that the client is refusing to talk
106 to a non-encrypting server. Microsoft changed WinNT in service
107 pack 3 to refuse to connect to servers that do not support
108 SMB password encryption.</P
110 >There are two main solutions:
118 >enable SMB password encryption in Samba. See the encryption part of
119 the samba HOWTO Collection</TD
123 >disable this new behaviour in NT. See the section about
124 Windows NT in the chapter "Portability" of the samba HOWTO collection</TD
137 NAME="AEN219">5.3. smbclient ignores -N !</H1
141 >"When getting the list of shares available on a host using the command
146 the program always prompts for the password if the server is a Samba server.
147 It also ignores the "-N" argument when querying some (but not all) of our
151 >No, it does not ignore -N, it is just that your server rejected the
152 null password in the connection, so smbclient prompts for a password
155 >To get the behaviour that you probably want use <B
157 >smbclient -L host -U%</B
160 >This will set both the username and password to null, which is
161 an anonymous login for SMB. Using -N would only set the password
162 to null, and this is not accepted as an anonymous login for most
170 NAME="AEN228">5.4. The data on the CD-Drive I've shared seems to be corrupted!</H1
172 >Some OSes (notably Linux) default to auto detection of file type on
173 cdroms and do cr/lf translation. This is a very bad idea when use with
174 Samba. It causes all sorts of stuff ups.</P
176 >To overcome this problem use conv=binary when mounting the cdrom
177 before exporting it with Samba.</P
184 NAME="AEN232">5.5. Why can users access home directories of other users?</H1
188 >"We are unable to keep individual users from mapping to any other user's
189 home directory once they have supplied a valid password! They only need
190 to enter their own password. I have not found *any* method that I can
191 use to configure samba to enforce that only a user may map their own
192 home directory."</SPAN
197 >"User xyzzy can map his home directory. Once mapped user xyzzy can also map
198 *anyone* elses home directory!"</SPAN
201 >This is not a security flaw, it is by design. Samba allows
202 users to have *exactly* the same access to the UNIX filesystem
203 as they would if they were logged onto the UNIX box, except
204 that it only allows such views onto the file system as are
205 allowed by the defined shares.</P
207 >This means that if your UNIX home directories are set up
208 such that one user can happily cd into another users
209 directory and do an ls, the UNIX security solution is to
210 change the UNIX file permissions on the users home directories
211 such that the cd and ls would be denied.</P
213 >Samba tries very hard not to second guess the UNIX administrators
214 security policies, and trusts the UNIX admin to set
215 the policies and permissions he or she desires.</P
217 >Samba does allow the setup you require when you have set the
218 "only user = yes" option on the share, is that you have not set the
219 valid users list for the share.</P
221 >Note that only user works in conjunction with the users= list,
222 so to get the behavior you require, add the line :
224 CLASS="PROGRAMLISTING"
227 this is equivalent to:
229 CLASS="PROGRAMLISTING"
230 >valid users = %S</PRE
232 to the definition of the [homes] share, as recommended in
233 the smb.conf man page.</P
240 NAME="AEN245">5.6. Until a few minutes after samba has started, clients get the error "Domain Controller Unavailable"</H1
242 >A domain controller has to announce on the network who it is. This usually takes a while.</P
249 NAME="AEN248">5.7. I'm getting "open_oplock_ipc: Failed to get local UDP socket for address 100007f. Error was Cannot assign requested" in the logs</H1
251 >Your loopback device isn't working correctly. Make sure it's running.</P
259 SUMMARY="Footer navigation table"
270 HREF="clientapp.html"
279 HREF="samba-faq.html"
298 >Specific client application problems</TD