Re: Anyone Familiar With Samba?

From: Karl Levinson [x y] MVP (jamescagney90210@excite.com)
Date: 10/27/02 

From: "Karl Levinson [x y] MVP" <jamescagney90210@excite.com>
Date: Sun, 27 Oct 2002 06:55:30 -0500

Your web scripts may not be running using the login ID you think they are.
If the application isolation settings on the folder containing the web
scripts in the IIS MMC are set to low, it is running as the
IUSR_computername account [unless you have changed it]. If this setting is
set to medium or high, the IWAM_computername account is the one being used.
The password for these accounts is stored both in the Windows user database
and also a copy of the password is cached in the IIS metabase [and both
passwords have to match]. You can get or change the current password for
either of these accounts using the ADSUTIL.VBS command with the SET or GET
option as described at
http://support.microsoft.com/default.aspx?scid=kb;en-us;Q296851

"David P. Donahue" <ddonahue@ccs.neu.edu> wrote in message
news:ug#tqGSfCHA.1768@tkmsftngp11...
> Ok, I've been trying off and on for some time now to get IIS to
successfully
> use a Samba share from my Linux server as its web root. I keep running
into
> "Unauthorized Access" errors of one sort or another. My setup is
currently
> as follows:
>
> smb.conf file:
> [global]
> workgroup = CYBER0NE
> security = server
> netbios name = HARDAC
> server string = Samba 2.2.2
> interfaces = 192.168.0.3/24
> encrypt passwords = Yes
> passwd program = /usr/bin/passwd %u
> smb passwd file = /etc/smbpasswd
> passwd chat = "*New password:*" %n\r "*New password (again):*" %n\r
> "*Password changed*"
> unix password sync = Yes
> syslog = 2
> log file = /var/log/samba/log.%m
> time server = Yes
> add user script = /usr/sbin/useradd -d /dev/null -g 100 -s /bin/false -M
%u
> logon script = %U.bat
> logon path = \\hardac\profile\%U
> domain logons = Yes
> os level = 34
> preferred master = Yes
> domain master = Yes
> lock directory = /var/lock/samba/locks
> admin users = root
> hosts allow = 192.168.0.
> hide dot files = No
> guest account = ftp
>
> [netlogon]
> comment = "Domain Logon Services"
> path = /etc/smblogon
> browseable = No
>
> [homes]
> comment = "Home Directory for : %u "
> path = /home/%u
> writeable = Yes
> create mask = 0644
> directory mask = 0755
> browseable = No
>
> [profile]
> comment = "User profiles"
> path = /etc/smbprofile
> writeable = Yes
> create mask = 0600
> directory mask = 0700
> browseable = No
>
> [web]
> comment = "Website"
> path = /home/www/public
> guest ok = yes
> read only = yes
>
>
> smbusers file:
> www = www IUSR_Cerebro
>
>
> As you can see, there is a real-only share for the website. Also, the
user
> currently logged into the console of the Windows box running IIS is "www"
> who's read/writable home directory share can also be used for the IIS root
> (although I would prefer the read-only share, just to sleep better at
> night). Also, these two shares are mapped as drives on the Windows box.
> And it's ok to leave the same user logged in to that box at all times,
> nobody else will be using it. IIS is set to use a network share as its
> root, and to connect as the "www" user. In Samba, I have also made
> IUSR_Cerebro an alias for www. And, in IIS, the Anonymous Access section
> under Directory Security has "www" set as the anonymous username, with me
> controlling the password, and has Integrated Windows Security checked.
>
> Now, from the localhost, with "www" logged in, the website comes up just
> fine. But from any other host it prompts a login. I'd like to be able to
> allow public access to the root folder and its child folders, and I will
set
> more security on child folders where necessary.
>
> Anyone encounter this before? Any ideas? I did find something on the
> Microsoft site:
> http://support.microsoft.com/default.aspx?scid=KB;EN-US;Q256322&
> but its suggestions didn't do the trick.
>
>
>
> David P. Donahue
> ddonahue@ccs.neu.edu
>
>
>
>

Relevant Pages

  • Re: Manually Created Web Site Does Not Work - What am I Missing?
    ... between my VS project - and therefore assembly names - and the IIS Web site. ... have the same name or folder structure as my VS project. ... The ASP.NET Dev Server runs as the Administrator account in VS 2008. ...
    (microsoft.public.dotnet.framework.aspnet)
  • Re: OWA distorted
    ... list for the Exchsvr folder. ... The user can only access OWA when they have Domain Admin rights on ... if you hadn't changed the account used for Anonymous Access. ... synchronize it with the value in IIS Manager. ...
    (microsoft.public.exchange.admin)
  • Re: Sometime the JavaScript function becomes undefined
    ... I find I am running IIS 5.1 and see that IIS 7 is around. ... And the root is the last folder in that project title? ... This is the folder that show in IIS properties for this site. ... I always get openWindow is undefined. ...
    (microsoft.public.dotnet.framework.aspnet)
  • Re: A few file upload questions
    ... I found an "ASP.net machine account" in my Windows security (I'm guessing ... that IIS added that when I installed IIS either that or one of the .net ... under that folder but that was a while ago before I got into this side of ... writing and therefore needs permissions on the folder where you're putting ...
    (microsoft.public.dotnet.framework.aspnet)
  • Re: A few file upload questions
    ... Since you added the machine account to the folder permissions and it's working now, your site must be running under the machine account. ... that IIS added that when I installed IIS either that or one of the .net ...
    (microsoft.public.dotnet.framework.aspnet)