Basic question re Samba authentication problem

I'm just setting up a colleage here with a samba account on one of our machines. She is using a windows XP machine, and our print server runs on a Debian box... I have set herup with a user account on the Deb-box and also a Samba account. However, when she tries to print from Windoze, she still gets the message:

You do not have permission to use the selected printer. If you need
access contact your network administrator

I am wondering if I need to restart the smbd demon - is there a nice clean way of doing this, other than killall smbd && smbd ?
I wonder if anyone has any other ideas on how to get this authentication working !!
There are other XP machines in the office which can print via this machine no probs, so I'm sure that it's just a password thing. I have checked the /etc/passwd and this person definitely has an entry.

Here are the errors dumped in /var/log/smb:

[2002/06/18 12:52:55, 1] smbd/password.c:pass_check_smb(492)
Couldn't find user 'pratima sood' in UNIX password database.
[2002/06/18 12:52:55, 1] smbd/reply.c:reply_sesssetup_and_X(925)
Rejecting user 'pratima sood': authentication failed
[2002/06/18 12:53:08, 1] smbd/password.c:pass_check_smb(492)
Couldn't find user 'pratima sood' in UNIX password database.
[2002/06/18 12:53:08, 1] smbd/password.c:pass_check_smb(492)
Couldn't find user 'pratima sood' in UNIX password database.
[2002/06/18 12:53:08, 1] smbd/reply.c:reply_sesssetup_and_X(925)
Rejecting user 'pratima sood': authentication failed

And here is a copy of the smb.conf:

[global]
printing = bsd
printcap name = /etc/printcap
load printers = yes
guest account = nobody
invalid users = root

inherit permissions = yes
security = user
workgroup=Internals
server string = %h server (Samba %v)
syslog only = no
;I have tried sync'ing password, but that didn't work either
unix password sync = False
passwd program = /usr/bin/passwd

;miscellaneous stuff:
syslog = 0;
socket options = IPTOS_LOWDELAY TCP_NODELAY SO_SNDBUF=4096 SO_RCVBUF=4096
encrypt passwords = yes
wins support = no
name resolve order = lmhosts host wins bcast
dns proxy = no
preserve case = yes
short preserve case = yes

passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n .
max log size = 1000

[homes]
comment = Home Directories
browseable = no
writable = yes

[netlogon]
comment = Network Logon Service
path = /etc/samba/netlogon
guest ok = yes
writable = no
share modes = no

[Internals]
comment = Internals Shared Files
path = /home/samba
browseable = yes
writable = yes

[printers]
comment = All Printers
browseable = no
path = /tmp
printable = yes


many thanks
Christo

if passwords are encrypted, they are no longer stored in /etc/passwd but in /etc/smbpasswd (sometimes /usr/local/samba/etc/smbpasswd or similar) since the hash differs from unix to windows which makes it impossible to use /etc/passwd.

use "$ smbpasswd <user>", then it should work. maybe you have to add a empty line in smbpasswd before:

login:userid:XXXXXXX (32 times):XXXX (32times):

then smbpasswd can set the password for you

well, a colleague of mine managed a suitably easy hack, which looked like this:

in the 'run' box, type \\machinename where machinename is the shared box.
Then in log-in box, he gave the correct UNIX username and passowrd and also clicked on the 'don't ask me again' button, so all connections to that linux box from that XP account are now made with that user/pass combination.

works a treat

later

you only loose the complete security in the network for this server

still, it only works if the unix user is also in the /etc/smbpasswd. or if you have "encrypt passwords=no" and (use win95a or you add an entry somewhere in the registry "allowunencryptedpasswords=1") or similar.

maybe your distro adds users automagically to /etc/smbpasswd when created as unix user. this would be a nice feature (SuSE does not.)

can you expand on this bit?




I set up the UNIX account and the samba user/password on the Shared machine... it was just refusing the password, because the Windoze was offering a different username, but manually logging in from the run box with proper username (and setting it to always use that username) seemed to do the job.

Hope I'm making some sense - had far too many beers last night

christo

Losing security since because if everybody uses the same login to access the samba server, everybody can delete everybody else´s files...

And for the login probs: yes, now i understand. Win2k/XP has the option to connect to a server usin different credentials than you´ve logged in to the local machine.
Win9X does not. At least not on right-clicking. So you need to keep the passwords in synch.

do you have a central logon server on the domain? this is what we use at work. and i setup samba to forward all logon attempts to the win2k server. so there is no need for passwords on the samba server, only the users must exist