Samba 提示输入密码两次

Samba 提示输入密码两次

我有一个相对较新的 samba 安装,配置为允许 Windows 用户访问系统日志服务器(“littleEngineer”)上的一些日志文件。但是,它会提示输入密码才能通过访问获取共享列表\\littleEngineer\,有没有办法禁用此行为,以便仅在用户尝试访问安全共享时才提示输入密码?

这是我的testparm输出:

root@littleEngineer /var/log/samba $ testparm
Load smb config files from /etc/samba/smb.conf
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
WARNING: The "idmap uid" option is deprecated
WARNING: The "idmap gid" option is deprecated
Processing section "[aviationLogs]"
WARNING: The security=share option is deprecated
Loaded services file OK.
Server role: ROLE_STANDALONE
Press enter to see a dump of your service definitions

[global]
        workgroup = BIZCO
        realm = BIZCO.COM
        server string = Samba Server Version %v
        security = SHARE
        password server = BIZCO.COM
        log file = /var/log/samba/log.%m
        max log size = 50
        utmp = Yes
        template shell = /bin/bash
        winbind use default domain = Yes
        idmap config * : range = 16777216-33554431
        idmap config * : backend = tdb
        cups options = raw

[aviationLogs]
        comment = Apache httpd Log Files (Access and Error)
        path = /var/log/central-logs/aviation
        force user = root
        guest ok = Yes

编辑:

客户端:Windows 7 SP1 客户端计算机通过 VPN 连接到客户的本地网络,但不属于其 AD 域。 Samba 是为 Bizco.com(我们的客户端)配置的,假设我的笔记本电脑是 Fuzzypants.com 域的一部分。

log.%m我拉起共享并单击提示上的“取消”时开始:

[2014/08/13 21:56:28.812088,  3] lib/access.c:338(allow_access)
  Allowed connection from xxx.xxx.28.194 (xxx.xxx.28.194)
[2014/08/13 21:56:28.812201,  3] smbd/oplock.c:922(init_oplocks)
  init_oplocks: initializing messages.
[2014/08/13 21:56:28.812372,  3] smbd/oplock_linux.c:226(linux_init_kernel_oplocks)
  Linux kernel oplocks enabled
[2014/08/13 21:56:28.812519,  3] smbd/process.c:1662(process_smb)
  Transaction 0 of length 159 (0 toread)
[2014/08/13 21:56:28.812569,  3] smbd/process.c:1467(switch_message)
  switch message SMBnegprot (pid 2467) conn 0x0
[2014/08/13 21:56:28.813049,  3] smbd/negprot.c:598(reply_negprot)
  Requested protocol [PC NETWORK PROGRAM 1.0]
[2014/08/13 21:56:28.813104,  3] smbd/negprot.c:598(reply_negprot)
  Requested protocol [LANMAN1.0]
[2014/08/13 21:56:28.813143,  3] smbd/negprot.c:598(reply_negprot)
  Requested protocol [Windows for Workgroups 3.1a]
[2014/08/13 21:56:28.813177,  3] smbd/negprot.c:598(reply_negprot)
  Requested protocol [LM1.2X002]
[2014/08/13 21:56:28.813212,  3] smbd/negprot.c:598(reply_negprot)
  Requested protocol [LANMAN2.1]
[2014/08/13 21:56:28.813247,  3] smbd/negprot.c:598(reply_negprot)
  Requested protocol [NT LM 0.12]
[2014/08/13 21:56:28.813315,  3] smbd/negprot.c:598(reply_negprot)
  Requested protocol [SMB 2.002]
[2014/08/13 21:56:28.813350,  3] smbd/negprot.c:598(reply_negprot)
  Requested protocol [SMB 2.???]
[2014/08/13 21:56:28.813514,  3] smbd/negprot.c:401(reply_nt1)
  not using SPNEGO
[2014/08/13 21:56:28.813553,  3] smbd/negprot.c:704(reply_negprot)
  Selected protocol NT LM 0.12
[2014/08/13 21:56:46.975628,  1] smbd/process.c:457(receive_smb_talloc)
  receive_smb_raw_talloc failed for client xxx.xxx.28.194 read error = NT_STATUS_CONNECTION_RESET.
[2014/08/13 21:56:46.975865,  3] smbd/server_exit.c:181(exit_server_common)
  Server exit (failed to receive smb request)

我可以提供成功身份验证的日志输出,但它可能没有那么丰富的信息。

编辑#2

由于最后一个日志没有任何信息告诉我通过登录提示并开始check_ntlm_password看到log.%m

[2014/08/14 12:33:59.988239,  3] auth/auth.c:219(check_ntlm_password)
  check_ntlm_password:  Checking password for unmapped user []\[]@[] with the new password interface
[2014/08/14 12:33:59.988274,  3] auth/auth.c:222(check_ntlm_password)
  check_ntlm_password:  mapped user is: []\[]@[]
[2014/08/14 12:33:59.988328,  3] auth/auth.c:268(check_ntlm_password)
  check_ntlm_password: guest authentication for user [] succeeded
[2014/08/14 12:33:59.988379,  3] smbd/process.c:1467(switch_message)
  switch message SMBtconX (pid 6290) conn 0x0
[2014/08/14 12:33:59.988450,  3] lib/access.c:338(allow_access)
  Allowed connection from XXX.XXX.29.76 (XXX.XXX.29.76)
[2014/08/14 12:33:59.988613,  3] auth/auth.c:219(check_ntlm_password)
  check_ntlm_password:  Checking password for unmapped user [bizco]\[davisja5]@[XXX.XXX.29.76] with the new password interface
[2014/08/14 12:33:59.988651,  3] auth/auth.c:222(check_ntlm_password)
  check_ntlm_password:  mapped user is: [XXXXXXVLP01]\[davisja5]@[XXX.XXX.29.76]
[2014/08/14 12:33:59.988735,  3] auth/check_samsec.c:399(check_sam_security)
  check_sam_security: Couldn't find user 'davisja5' in passdb.
[2014/08/14 12:33:59.988772,  2] auth/auth.c:319(check_ntlm_password)
  check_ntlm_password:  Authentication for user [davisja5] -> [davisja5] FAILED with error NT_STATUS_NO_SUCH_USER
[2014/08/14 12:33:59.988819,  3] auth/auth.c:219(check_ntlm_password)
  check_ntlm_password:  Checking password for unmapped user [BIZCO]\[davisja5]@[XXX.XXX.29.76] with the new password interface
[2014/08/14 12:33:59.988853,  3] auth/auth.c:222(check_ntlm_password)
  check_ntlm_password:  mapped user is: [XXXXXXVLP01]\[davisja5]@[XXX.XXX.29.76]
[2014/08/14 12:33:59.988927,  3] auth/check_samsec.c:399(check_sam_security)
  check_sam_security: Couldn't find user 'davisja5' in passdb.
[2014/08/14 12:33:59.988964,  2] auth/auth.c:319(check_ntlm_password)
  check_ntlm_password:  Authentication for user [davisja5] -> [davisja5] FAILED with error NT_STATUS_NO_SUCH_USER
[2014/08/14 12:33:59.989005,  3] auth/auth.c:219(check_ntlm_password)
  check_ntlm_password:  Checking password for unmapped user [BIZCO]\[davisja5]@[XXX.XXX.29.76] with the new password interface
[2014/08/14 12:33:59.989039,  3] auth/auth.c:222(check_ntlm_password)
  check_ntlm_password:  mapped user is: [XXXXXXVLP01]\[davisja5]@[XXX.XXX.29.76]
[2014/08/14 12:33:59.989092,  3] auth/check_samsec.c:399(check_sam_security)
  check_sam_security: Couldn't find user 'davisja5' in passdb.
[2014/08/14 12:33:59.989126,  2] auth/auth.c:319(check_ntlm_password)
  check_ntlm_password:  Authentication for user [davisja5] -> [davisja5] FAILED with error NT_STATUS_NO_SUCH_USER
[2014/08/14 12:33:59.989167,  3] auth/auth.c:219(check_ntlm_password)
  check_ntlm_password:  Checking password for unmapped user [BIZCO]\[davisja5]@[XXX.XXX.29.76] with the new password interface
[2014/08/14 12:33:59.989201,  3] auth/auth.c:222(check_ntlm_password)
  check_ntlm_password:  mapped user is: [XXXXXXVLP01]\[davisja5]@[XXX.XXX.29.76]
[2014/08/14 12:33:59.989253,  3] auth/check_samsec.c:399(check_sam_security)
  check_sam_security: Couldn't find user 'davisja5' in passdb.
[2014/08/14 12:33:59.989286,  2] auth/auth.c:319(check_ntlm_password)
  check_ntlm_password:  Authentication for user [davisja5] -> [davisja5] FAILED with error NT_STATUS_NO_SUCH_USER
[2014/08/14 12:33:59.989359,  3] smbd/password.c:721(authorise_login)
  authorise_login: ACCEPTED: guest account and guest ok (root)
[2014/08/14 12:33:59.989566,  3] passdb/lookup_sid.c:1754(get_primary_group_sid)
  Forcing Primary Group to 'Domain Users' for root
[2014/08/14 12:33:59.989752,  3] smbd/service.c:872(make_connection_snum)
  Connect path is '/tmp' for service [IPC$]

相关内容