SOLVED: Avoiding the need for passwords for shares

[philld]

Just one hurtle to get over and I'll be satisfied with my home network setup.  Here is the situation.  There are multiple machines in the network but I'm going to focus on only two of them since that is where the shares are located.  There is machine LP, a newmachine with a fresh install from 2009.2 with kde4 and LP2, a machine that has been on the network for a while also with kde4.  Both machines have XP running in a Virtualbox.
 
Below are the observed behaviours:
1) LP accessing LP2 shares - works fine - no password requested
2) LP VB application accessing LP shares - prompted for password from Windows Explorer.
3) LP VB application accessing LP2 shares - prompted for password from Windows Explorer.   If attempt to connect to a file before going into Windows Explorer and providing the password, am told the file does not exist
3) LP2 accessing LP shares - does not appear to connect
4) LP2 VB accessing LP shares - Windows Explorer doesn't see any shares on LP
5) LP2 VB accessing LP2 shares - works fine - no password requested

My conclusion is that is it some setting on the LP machine that is the problem but I've checked everything more than once that I can think of and nothing seems to make a difference.

Your guidance is appreciated.

[Xero]

 Have a read of http://linuxgator.org/forums/viewtopic.php?f=15&t=879 and see if there are any useful bits you may hav missed in setting things up. Works fine for me on a mixed Windows/Linux network,

[philld]

Thanks for the feedback - had actually referenced that document when setting up the new machine.  Went back through it and its still a no-go.  I'm wondering if the problem may be at a higher (or is that lower) level than the share, i.e. samba as I don't even see the share on the network from Windows, in either of the VBs on both machines.

[Xero]

 Do either the windows or linux machines have firewalling enabled?

[altair4]

You have a lot of possible stumbling blocks in that setup mainly VBox which has it's own complexity to deal with. Let me throw out some general thoughts about home networking. You might even find some of them helpful  

[1] Give each of your boxes fixed ip addresses and access those shares by ip address. Linux sometimes has a hard time resolving machine names with ip addresses. There's a lot of technobable on the net about resolving this issue by installing winbind and such and some downright incorrect information about the necessity of all boxes having the same workgroup name. Static ip addresses fixes this issue. You can either do that internally in each OS or have the router do it:

I have the router assign the same IP address to the same box depending of the MAC address of each box. So BoxA always gets one address and BoxB always gets another...

For Netgear routers it's called "Address Reservation" ( I think :?: )
For D-Link routers it's called "Static DHCP"
Linksys routers are more problematic. Some routers can do it and some cannot.
It also goes by the names: "reserved DHCP", "reserved leases", and "Pre-assigned DHCP" .

[2] Are you by any chance using the same login username on all your boxes and have you set up that username as a "Samba user" in the linux server using smbpasswd ( or the PCLOS / KDE gui equivalent ).

This may be a problem depending on how you set this up and it's only a problem when accessing linux shares from Windows. Let me explain:

When linux browses another linux's shares it sends a message: "Hi, I'm nobody in particular, may I see your lists of available shares please?" The linux server responds with "Sure, but for protected shares you will have to provide a username and password"

When Windows browses for linux shares it sends this message: "Hi, I have logged into my Windows box with username=altair4 and password=altair4pw, may I see your list of shares please." ( You can see how Windows by design is a security problem ). Linux responds to that message by checking against it's smbpasswd database to see if there is a matching username. If there is no match it will respond the same way it does if the Windows box was another linux and let you see the shares. If there is an exact match ( username and password ) it will also let you see the shares. If there is a match to the username but not the password, you will be in an infinite loop. You know you have this password mismatch problem if Windows Explorer keeps asking for authentication BEFORE it allows you to see the available linux shares.  You've got two solutions:
(a) Eliminate the "samba user name" in the server smbpasswd database.
(b) Make sure that the samba user name and password is an exact match to the windows login username and password.

[3] There may be something incorrect in your smb.conf file. Open up a terminal and post the output of the followng command: testparm -s

[philld]

Thanks Xero and Altair4 for your replies.

Re the firewall question - no firewall is enabled - I'm letting the Dlink router handle that for the time being.

Re IPs, the dlink router is assigning each of the boxes a fixed ip based on the MAC of the ethernet card.

Re userid and passwords, the same id and password is being used on each machine (trying to keep it simple for this feeble mind these days).  Am going to reread this and make sure I fully understand it.  You did mention 'eliminate the "samba user name" in the server smbpasswd database' - won't even know where to start looking for that one.

Re the smb.conf - here is the information:
testparm -s
Load smb config files from /etc/samba/smb.conf
Processing section "[homes]"                 
Processing section "[printers]"               
Processing section "[print$]"                 
Processing section "[pdf-gen]"               
Processing section "[LPWinE]"                 
Processing section "[testwine]"               
Loaded services file OK.                     
Warning: Service printers defines a print command, but rameter is ignored when using CUPS libraries.                                                           
Server role: ROLE_STANDALONE                                                   
[global]                                                                       
        workgroup = HOME                                                       
        server string = %h                                                     
        map to guest = Bad User                                                 
        log file = /var/log/samba/%m.log                                       
        max log size = 50                                                       
        printcap cache time = 60                                               
        printcap name = cups                                                   
        logon path = \\%25N\%25U\profile                                       
        logon home = \\%25N\%25U                                               
        domain master = No                                                     
        dns proxy = No                                                         

[homes]
        comment = Home Directories
        read only = No           
        browseable = No           

[printers]
        comment = All Printers
        path = /var/spool/samba
        create mask = 0700
        guest ok = Yes
        printable = Yes
        print command = lpr-cups -P %p -o raw %s -r # using client side printer drivers.
        use client driver = Yes
        browseable = No

[print$]
        path = /var/lib/samba/printers
        write list = @adm, root
        inherit permissions = Yes
        guest ok = Yes

[pdf-gen]
        comment = PDF Generator (only valid users)
        path = /var/tmp
        printable = Yes
        printing = bsd
        print command = /usr/share/samba/scripts/print-pdf "%s" "%H" "//%L/%u" "%m" "%I" "%J" &
        lpq command = /bin/true
        lprm command = lprm -P'%p' %j

[LPWinE]
        comment = E Drive
        path = /mnt/windows
        read only = No
        guest ok = Yes

[testwine]
        comment = Windows E Drive
        path = /mnt/windows

LPWinE and testwine is the same partition/drive - I created testwine to test some other ideas but it too was not seen by the LP2 machine.

[altair4]

You did mention 'eliminate the "samba user name" in the server smbpasswd database' - won't even know where to start looking for that one.

PCLinuxOS Control Centre > Network Sharing > Share Drives and Directories..... > Samba Users

You would have had to set them up here so if you didn't know how to get here I'm pretty sure it's blank. Since you want guest access you want it to be blank.

[LPWinE]
        comment = E Drive
        path = /mnt/windows
        read only = No
        guest ok = Yes

[testwine]
        comment = Windows E Drive
        path = /mnt/windows

Get rid of one of them since their definitions conflict. I would personally keep the LPWinE. Now that I know it's a windows partition you're sharing this might be a simple permissions problem. I'm going to start ranting again but this might be an easy solution.

Samba permissions determine whether you MAY access a share, Linux file permissions determines whether you CAN access the share. I would have to know how you're mounting the /windows partition in /etc/fstab to fix this correctly but samba allows you another way:

[LPWinE]
       comment = E Drive
        path = /mnt/windows
        read only = No
        guest ok = Yes
        force user = altair4

Change altair4 to whatever your login user name is.
To do that:
Press Alt+F2
Type kdesu kwrite /etc/samba/smb.conf

The force user = altair4 tricks linux into thinking that the remote guest user accessing that particular share is you as far as permissions for that particular share are concerned.

EDIT: Sorry , forgot one essential step. After you edit and save the /etc/samba/smb.conf file open a terminal and issue the following command:

su -c "service smb restart"

[philld]

Thanks again Altair4 - the problem has been located.  You suggestion  'eliminate the "samba user name" in the server smbpasswd database' was the key (and thanks for telling me where to find it).  I did have entries there and once they were removed, the share became visible/accessible on the LP2 machine (both Linux and the VB Windows machine).

Thanks for the assistance.

[fraxinus]

Change altair4 to whatever your login user name is.
To do that:
Press Alt+F2
Type kdesu kwrite /etc/samba/smb.conf

The force user = altair4 tricks linux into thinking that the remote guest user accessing that particular share is you as far as permissions for that particular share are concerned.

EDIT: Sorry , forgot one essential step. After you edit and save the /etc/samba/smb.conf file open a terminal and issue the following command:

su -c "service smb restart"

altair4 - I am so grateful that a forum search has revealed this information. I was going completely mad as a samba newbie. Now I can gain full r/w access to my newly-acquired NAS for the first time!