Hola a todos...
Tengo un servidor de archivos con samba y firestarter para compartir internet. Accedo a los recursos compartidos sin problemas desde la red interna pero no asi desde una ip externa. Al parecer el problema esta en la autentificacion ya que al intentarlo desde la ip externa, me pide nombre de usuario y password, cosa que no me pide si me conecto desde alguna de las ips internas....
tengo samba 3.0.10-1.fc2
Alguien me puede ayudar?? Adjunto smb.conf para quien quiera hacerlo
Muchas gracias de antemano
Hugo
# This is the main Samba configuration file. You should read the # smb.conf(5) manual page in order to understand the options listed # here. Samba has a huge number of configurable options (perhaps too # many!) most of which are not shown in this example # # Any line which starts with a ; (semi-colon) or a # (hash) # is a comment and is ignored. In this example we will use a # # for commentry and a ; for parts of the config file that you # may wish to enable # # NOTE: Whenever you modify this file you should run the command "testparm" # to check that you have not made any basic syntactic errors. # #======================= Global Settings ===================================== [global] log file = /var/log/samba/%m.log load printers = yes idmap gid = 16777216-33554431 socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 null passwords = yes winbind use default domain = no template shell = /bin/false dns proxy = no server string = Samba Server idmap uid = 16777216-33554431 default = global remote announce = 216.241.4.233/prosepan workgroup = prosepan os level = 20 printcap name = /etc/printcap security = share max log size = 50
[homes] comment = Home Directories browseable = no writeable = yes
# Un-comment the following and create the netlogon directory for Domain Logons ; [netlogon] ; comment = Network Logon Service ; path = /home/netlogon ; guest ok = yes ; writable = no ; share modes = no
# Un-comment the following to provide a specific roving profile share # the default is to use the user's home directory ;[Profiles] ; path = /home/profiles ; browseable = no ; guest ok = yes
# NOTE: If you have a BSD-style print system there is no need to # specifically define each individual printer [printers] comment = All Printers path = /var/spool/samba browseable = no # Set public = yes to allow user 'guest account' to print printable = yes
# This one is useful for people to share files ;[tmp] ; comment = Temporary file space ; path = /tmp ; read only = no ; public = yes
# A publicly accessible directory, but read only, except for people in # the "staff" group ;[public] ; comment = Public Stuff ; path = /home/samba ; public = yes ; read only = yes ; write list = @staff
# Other examples. # # A private printer, usable only by fred. Spool data will be placed in fred's # home directory. Note that fred must have write access to the spool directory, # wherever it is. ;[fredsprn] ; comment = Fred's Printer ; valid users = fred ; path = /homes/fred ; printer = freds_printer ; public = no ; writable = no ; printable = yes
# A private directory, usable only by fred. Note that fred requires write # access to the directory. ;[fredsdir] ; comment = Fred's Service ; path = /usr/somewhere/private ; valid users = fred ; public = no ; writable = yes ; printable = no
# a service which has a different directory for each machine that connects # this allows you to tailor configurations to incoming machines. You could # also use the %u option to tailor it by user name. # The %m gets replaced with the machine name that is connecting. ;[pchome] ; comment = PC Directories ; path = /usr/pc/%m ; public = no ; writable = yes
# A publicly accessible directory, read/write to all users. Note that all files # created in the directory by users will be owned by the default user, so # any user with access can delete any other user's files. Obviously this # directory must be writable by the default user. Another user could of course # be specified, in which case all files would be owned by that user instead. ;[public] ; path = /usr/somewhere/else/public ; public = yes ; only guest = yes ; writable = yes ; printable = no
# The following two entries demonstrate how to share a directory so that two # users can place files there that will be owned by the specific users. In this # setup, the directory should be writable by both users and should have the # sticky bit set on it to prevent abuse. Obviously this could be extended to # as many users as required. ;[myshare] ; comment = Mary's and Fred's stuff ; path = /usr/somewhere/shared ; valid users = mary fred ; public = no ; writable = yes ; printable = no ; create mask = 0765
[workdir] guest account = usuariosmb force user = usuariosmb comment = Directorio de trabajo writeable = yes guest ok = yes path = /workdir
[cobranzas] writeable = yes guest ok = yes guest only = yes path = /workdir/cobranzas
Hugo Bravo Reyes wrote:
Hola a todos...
Tengo un servidor de archivos con samba y firestarter para compartir internet. Accedo a los recursos compartidos sin problemas desde la red interna pero no asi desde una ip externa. Al parecer el problema esta en la autentificacion ya que al intentarlo desde la ip externa, me pide nombre de usuario y password, cosa que no me pide si me conecto desde alguna de las ips internas....
tengo samba 3.0.10-1.fc2
Alguien me puede ayudar?? Adjunto smb.conf para quien quiera hacerlo
Muchas gracias de antemano
Hugo
Hola antes que nada, y una pregunta: ¿Estás tratando de acceder al servidor samba desde una IP externa, o sea, Internet u otra subred dentro de una red más grande (como en el caso de una corporación/Universidad)? Aunque el resultado sería virtualmente idéntico, no así (creo) el manejo, especialmente de la seguridad. Ahora bien, dices que puedes acceder a los recursos compartidos desde la red donde se encuentra el servidor samba como parte de la misma, pero no desde una red externa (IP externa) ¿Cómo están configurados los usuarios? Veo que tienes la seguridad puesta como "share", lo que implica que los usuarios no necesitan un nombre de usuario ni contraseña para acceder a un recurso samba (extraído del archivo ayuda de system-config-samba):
*Share* -- Samba users do not have to enter a username and password combination on a per Samba server basis. They are not prompted for a username and password until they try to connect to a specific shared directory from a Samba server.
Pero quizá sea necesario que explícitamente indiques que el acceso desde la red externa sea soportado también con el tipo de seguridad "share"... Es una sugerencia. Realmente no soy un gurú de Samba...
es-users@lists.fedoraproject.org