<---- template headericclude ----->
How to: FC4 Samba and Windows in 6 easy steps - Page 2
FedoraForum.org - Fedora Support Forums and Community
Page 2 of 2 FirstFirst 12
Results 16 to 22 of 22
  1. #16
    Join Date
    Apr 2004
    Location
    Daytona Beach, FL
    Age
    58
    Posts
    422
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    You are most welcome, Remo.

  2. #17
    Join Date
    Aug 2005
    Posts
    28
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Is there any way to add the following ports using the command line?

    UDP/137 - used by nmbd
    UDP/138 - used by nmbd
    TCP/139 - used by smbd
    TCP/445 - used by smbd

    I currently cannot boot up in the graphical mode.

  3. #18
    Join Date
    Apr 2004
    Location
    Daytona Beach, FL
    Age
    58
    Posts
    422
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    a) if you are using system-config-securitylevel-tui to make iptables config:

    netbios-ns:udp netbios-dgm:udp netbios-ssn:tcp

    b) if you are modifying /etc/sysconfig/iptables direct:

    -A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 137 -j ACCEPT
    -A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 138 -j ACCEPT
    -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 139 -j ACCEPT
    Taken from Taken from mib4's post

  4. #19
    jim's Avatar
    jim is offline Retired Community Manager & Avid Drinker Of Suds
    Join Date
    Feb 2005
    Location
    Rochester NY
    Age
    49
    Posts
    4,175
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Execellent how-to made it sticky for everyone
    Registered Linux User: #376813
    Western NY
    My linux site
    Smolt Profile

    please remember to say if you problem was solved

    Did you get your id10t award today?

  5. #20
    ofer_w Guest
    Quote Originally Posted by wshawn
    Disclaimer: this works perfectly for us on two fdisk'd and fresh installs, one being Fedora Core 4 (5), and the othe Windows XP Service Pack 2. All updates were applied to both systems before this process was completed. We have also gotten a FC4 laptop and multiple Windows XP machines connected with almost no effort since we completed the first machines.

    Our purpose for this project was to isolate users to their own backup areas on a FC4 Linux box, allow users to share FROM the Linux box and not their Windows machines (for security), and basically keep the data redundancy and security beefed up with an additional layer of protection with data still available even if a given users Windows machine goes down.

    Step 1: Opening the Firewall

    Under GNOME head to Dekstop | System Settings | Security Level

    Enter the root password when asked (if you don;t know the password you are finished -- refer this article to your System Admin)

    UDP/137 - used by nmbd
    UDP/138 - used by nmbd
    TCP/139 - used by smbd
    TCP/445 - used by smbd

    Add the following line to "Other ports"137:udp, 138:udp, 139:tcp, 445:tcp

    Select OK

    -- sources
    https://bugzilla.redhat.com/bugzilla....cgi?id=133478
    http://fedora.redhat.com/docs/releas.../fc4/#sn-samba

    There seems to be some confusion in the thread concerning security issues related to opening the firewall. I hope to bring some clarity. Many of us have a hardware router / NAT firewall between our networks and the Internet. We are not going to open these "hardware" ports up (keeping them safe from the Internet), instead we are going to open up the ports on the Linux file server (which gives the local network access), while the Router shields the box from the Internet on ports 137, 138, 139, 445..

    Step 2: Allowing shares from users /home

    For FC4 Open terminal and enter the following ( you must have root / admin password):


    -- source http://fedoraforum.org/forum/showthread.php?t=59437

    FC5 seems to reset this on our system upon reboots to disable the shares from the /home/user folders. To change the settings from the Gnome desktop:

    System | Administration| Security Level and Firewall settings
    Click on the SELinux tab
    Select "Modify SELinux Policy"
    Drop down the SAMBA section
    Check mark "Allow Sambe to share users home directories"

    Step 3: Cause SELinux to relable the files per your changes


    You now need to reboot.

    Step 4: Starting SMB / NMB
    We will discuss two simple ways of doing this (use your own preference). Both methods require root access:

    Method 1:
    Go to Desktop | Server Settings | Services (enter root password as necessary)

    Click on smb and hit start
    Now save it.
    You can close the window now.

    Method 2:
    Open a terminal

    Step 5: Configuring Users
    As it is our purpose to allow users to have access to their data even if their Windows box goes down we are creating local user accounts on the Linux box for each user on the system. To begin with we are only interested in doing one user, as it has been my experience that if one works the rest will work also.

    You will need root access:

    Go to Desktop | System Settings | Users and Groups
    Add a user by clicking OK after you have completed all the fields.

    Now go to Desktop | System Settings | Server Settings | Samba
    Create a user by going to the Prefernces menu and clicking on Samba Users | Add User

    Find the user name in the dropdown box in the Unix Username box.

    Now here is a neat trick. YOU DO NOT HAVE TO HAVE MATCHING USER NAME AND PASSWORDS! This is a huge misunderstanding in the networking / Linux worlds. You only have to remember what it is that you enter here. Your username does NOT have to match the Linux OR Windows username (but it does make life easier).

    In our setup we have the same user name logon for Linux, Windows and Samba. With the logon passwords the same on both boxes, but the Samba password is totally different (this will help a user protect their files if someone discovers their logon name and password - unless they are on his box).

    Step 6: Using the share

    Go to the Windows box of your respected user

    Click on any instance of "My Network Places." You are not looking for the share yet.

    You will need to get to the "Workgroup Computers"

    You may have to hit F5 a couple times or in the worse case reboot the windows machine a couple times. Eventually I turned both off and turned both on. When you see the Linux machine come up in the Workgroup Computers (you are not looking for the share -- only for the machine) click on it. A pop up asking for user name and password should come up if all other steps were finished correctly. At this point put in the SAMBA user name and password and put a check mark in "Remember this password...".

    if you hit ok and the share shows you have just finished. Windows will auto log into using the user name and password you provided REGARDLESS of what those were.

    Some snags

    We have multiple Linux boxes / devices on our network. Come to find out a print server AND the FC4 fileserver were named "localhost.localdomain"
    so as root we edited /etc/hosts


    to read



    Also, check the server settings in the Samba preferences to match the name..

    rebooting the server will get everything straightened out. After the rename the file server popped up and we were running.

    Another snag was trying to edit the /etc/samba/smb.conf file per forums and requests when there was absoluetly no need to touch the file to get shares working.

    Biggest snag is trying to hard. Networking hasn't changed much since its inception, just what we do at the ends of it (before and after transmission). The question to keep in mind is, "What am I trying to accomplish?"

    Finally we can make a real share
    I logged into the server and made two folders for the first user (namely me as network wide admin)

    I made a library which is a read only / visible share for all users. Various utilities for all systems are placed here as well as public files for all usage.

    I made another folder which can be written to but not read for inbound files to my account.

    From my Windows / Linux boxes (logged into the share) I have total access, but those on my network going to the share are limited.

    This should get your shares working at a very minimal level. Things that need to be tightened and secured can now be done as you have gotten the shares working. Repeat steps 5 and 6 as needed.

    --- taken from my site shawndisk.com which I desperately need to get back to developing

    when I am doing all the steps there is problem on the XP with the network card
    the sign for the two computers on the left is changing to x on the two computers and it means there is no network connection - I am conneting the xp and the fedora with net work cable diractly.

    so still not sure what to do on the XP and in the fedora were I set up the xp computer name and workgroup
    thanks

  6. #21
    Join Date
    Apr 2004
    Location
    Daytona Beach, FL
    Age
    58
    Posts
    422
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Are you using a cross over cable? You can not use a regular patch cable for direct connection...
    Registered Linux user: 358599

  7. #22
    smudley Guest
    Quote Originally Posted by wshawn
    You do not need to do anything with permissions on the linux side. Just make a local and a samba user with the same name. Make sure you have logged into the server via your windows by clicking on the computer from the Computer list of the workgroup computers. If you try to access the file directly you will not do it.

    If you are still having a problem then shutdown the win machine, rename the FC4 server, reboot it , and then boot your windows. Windows stores a user pass combination in the registry for each network connection requiring authentication. The easiest way to reset a bad password is to rename the server or edit the registry.

    The error says "Windows cannot access.." Its a permission (which windows only has as user / pass combos) error on the windows side.
    Any chance of knowing where in the registry on the Windows side that user / pass combos are kept at?

    If not, do I have to change the hostname AND the IP of the server?

    This is really messing with my head and I need some resolution or my boss will not be happy with me. (well he ain't happy any way but he will be very PO'ed)

    Thanks,
    Smudley

Page 2 of 2 FirstFirst 12

Similar Threads

  1. Replies: 9
    Last Post: 8th April 2009, 01:10 PM
  2. Fascist America, in 10 easy steps
    By Seve in forum Wibble
    Replies: 4
    Last Post: 24th April 2007, 06:58 PM
  3. Replies: 0
    Last Post: 4th August 2006, 12:26 AM
  4. ReInstall GRUB - EASY STEPS
    By ukanth in forum Guides & Solutions (Not For Questions)
    Replies: 1
    Last Post: 18th October 2005, 07:04 AM
  5. Replies: 5
    Last Post: 17th February 2005, 11:10 PM

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
[[template footer(Guest)]]