Is there a Samba expert in the house?

I've got a machine running Fedora Core 3, and I can't get Samba, or Swat to work properly. The Samba server seems to be running, and the machine shows up in my network neighborhood from the Windows client, but when I click on it, I get a "network path not found" message. The smbd and nmbd services seem to be running on the server.

When I try to log in to Swat from the server (even as root), I get a "connection refused" message.

I'm looking at the configuration. According to the troubleshooting guides, the xinetd.conf file should be looking for it in /usr/sbin/swat, but that file doesn't seem to exist, even though I installed the full Samba package. When I do a "locate swat" the binary doesn't show up anywhere--only the configuration file of that name in /etc/xinetd.d. The config file right now actually has this line (which I probably inserted as a result of some other troubleshooter):

swat stream tcp nowait.400 root simberg /usr/sbin/tcpd swat

Is that right? There is at least a program "tcpd" with that path.

The troubleshooting guides I've found all leave much to be desired. They will tell you to check if something is happening, but no guidance on what to do if it isn't.

Anyone know what's going on?

Oh, and yes, before anyone asks, this (among other reasons) is why posting is sparse.

[Update at 12:45 PM EST]

OK, thanks to help from the comments section, I've theoretically got swat installed. But still no joy--it refuses the connection. Now what?

Are you sure swat is installed? It isn't part of the standard samba package. With Fedora Core 3, you can do this to install it:

yum install samba-swat

I can do that in theory. In practice what happens is this:

[root@myserver]# yum install samba-swat

You have enabled checking of packages via GPG keys. This is a good thing.
However, you do not have any GPG public keys installed. You need to download
the keys for packages you wish to install and install them.
You can do that by running the command:
rpm --import public.gpg.key
For more information contact your distribution or package provider.
[root@myserver]# rpm --import public.gpg.key
error: public.gpg.key: import read failed.

Not a hint, of course, as to why it failed.

Isn't Linux fun?

Ah, the Linux fun never ends!

rpm --import /usr/share/rhn/*KEY* /usr/share/doc/k12ltsp/*KEY*

Try that (it should all be one one line)

[root@myserver]# rpm --import /usr/share/rhn/*KEY* /usr/share/doc/k12ltsp/*KEY*
error: /usr/share/doc/k12ltsp/*KEY*: import read failed.
[root@myserver]#

Ok, you must not have the k12ltsp stuff installed. No big deal. First, check that you have the right key files:

ls -la /usr/share/rhn/*KEY*

It should show a couple of files. If it does, try this:

rpm --import /usr/share/rhn/*KEY*

Feel free to email me directly if you want to take this offline.

-Kevin

That did it. Now swat is installing.

Thanks much.

Personally, I'd just skip using swat, and check the samba and system logs vs. the samba docs, and just fix the thing.

Of course, I also date back to the days before swat even existed.

Personally, I also rarely use swat. But samba configuration files can be a PITA, so it's nice to have around.

When you installed swat, it should have created a file called swat in /etc/xinetd.d. If you edit that and change the 'disable = yes' to 'disable = no', comment out the 'only_from' line, and then restard xinetd '/etc/init.d/xinetd restart', it should be enabled.

If I were you I'd also delete the xinetd.d line you mentioned in your original entry. That looks like an inetd configuration entry, not an xinetd.d entry.

If you want help with your smb.conf file to bypass swat, either email me a copy or post it here and I'd be glad to help. I've got a FC3 machine running here with a similar setup.

Did all that. 901 still refuses the connection.

Hmm, I'm running out of ideas now. Are you trying to connect from the Linux machine itself, or are you connecting from another machine? Maybe you have the firewall enabled, and that is blocking the port.

If you haven't already, I would try connecting from the Linux machine itself (i.e. http://localhost:901).

I've been attempting to connect directly from the server all along. It's not a firewall problem.

Right now I'm trying to keep things simple. I'm running a barebones smb.conf:

[global]
workgroup = INTERGLOBAL

security = user
browsable = yes
local master = yes
[homes]
guest ok = no
browsable = no
[temp]
path = /tmp
public = yes
************************

When I run: smbclient -L servername

I get:

Password:
Anonymous login successful
Domain=[INTERGLOBAL] OS=[Unix] Server=[Samba 3.0.10-1.fc3]

Sharename Type Comment
--------- ---- -------
temp Disk
IPC$ IPC IPC Service (Samba 3.0.10-1.fc3)
ADMIN$ IPC IPC Service (Samba 3.0.10-1.fc3)
Anonymous login successful
Domain=[INTERGLOBAL] OS=[Unix] Server=[Samba 3.0.10-1.fc3]

Server Comment
--------- -------
SERVERNAME Samba 3.0.10-1.fc3

Workgroup Master
--------- -------
INTERGLOBAL SERVERNAME

Which seems fine, but when I attempt to connect to the "temp" share:

# smbclient '\\servername\temp'

I get:

Connection to servername failed

So I don't have any idea what the problem is, though I seem to be making progress.

Are there any clues in the files in /var/log/samba ? There should be a file for each device that tries to connect, plus a log for smbd and nmbd.

The only logs written to today are smbd.log and nmbd.log, with no clue there.

I guess I could up the logging level.

What happens when you enter "smbclient //servername/temp -U [username]" (with [username] being one of the valid users in /etc/passwd)?

When I attempt to log in as a valid user (me), after typing in my password, I get the message:

Domain=[LINUX-STATION] OS=[Unix] Server=[Samba 3.0.10-1.fc3]
tree connect failed: NT_STATUS_BAD_NETWORK_NAME

BTW... I don't know if this matters, but I notice you are using the directive name "browsable" in smb.conf, while I think the spelling is usually "browseable".

Anyway, I pasted your exact smb.conf file in my FreeBSD laptop running Samba 3.0.11, and had no trouble connecting from a Windows box *as a valid user*.

I don't claim to know all the ins and outs of Samba, but my basic approach to a barebones install is to create valid Unix users, and then (as root) to issue the command "smbpasswd -a [username]", in which case I am then prompted to enter a password. (Here, you can enter the same password as the Unix password for that user, but you might want a different password, matching that of the remote Windows user)

Then, in any share definition, you just explicitly enter the valid user(s):

[shared]
path = /home/shared
valid users = you me someone_else

Or, you can use "public = yes" to enable for all valid users. Just note that Samba by default requires valid users to be in /etc/passwd AND to be entered with "smbpasswd -a".

IMHO anonymous logins are problematic to configure with Samba, because *nix-ish systems are just a little too finicky with security. The method I am describing is the simplest, clunkiest approach, but it usually works. If you want to get more sophisticated, of course, there are ways to authenticate against other services, such as LDAP, databases, etc...