[KLUG Members] linux as print server

[bill]

sham shaman saga below:

> >>ether specifically.  That will both solve the security issue (at least
> >>in part) and make sure it is listening in the right place.
> >There's two parameters, apparently. "Bind interfaces only" (can be yes or no) which I'm
> >not using or "interfaces" which is set to the internal eth0 ("interfaces=eth0")
>
> That should work.  What does "netstat -ap | grep smb" say?

Words unitelligible to me:

tcp 0 0 *:netbios-ssn *:*  LISTEN 11255/smbd

> >What does "smbclient -L localhost" say?
> >It adds the local interface and asks for a password.  That kept failing
> >(I kept trying the command) until I put in a password from a user on the
> >Linux box.  That worked.  It displayed a table of info that looked
> >correct (shares, server, workgroup) but "Master" had no value.
>
> You have browse master = yes and local master = yes

Do you mean to say I -should- have browse master = yes and local master = yes?

> >So, do users (and passwords) need to be set up on the Linux box for
> >the win9x machines?
>
> In user mode yes,  in share mode no.  Although in user mode one can still
> make shares available to anonymoususers (public = yes),  Be sure to define
> a valid guest account.

Is the valid guest account necessary for user or share mode?

> >>Are your win9x boxes in DNS or /etc/hosts?  Or do you have a WINS server
> >>floating about?  To circumnavigate name-space mire it is probably
> >>easiest to enable WINS support on the Samba process and set the Win9x
> >>boxes to use it as the WINS host if you don't already have one.
> >Not using DNS, don't know what  /etc/hosts is.
>
> A flat file in both Windows and Linux used to realted names to IP
> addresses when no name service is available.

Ah, ok.  I had added a lmhosts file to the win9x box with the following entry:

192.168.0.1 (linux machine name)

Not that it seems to do any good, though.

> >No WINS server exhibiting levitation.
>
> Is the local shaman on vacation?

I don't think he comes with the CD version.  I was quite shockingly appointed
even though I don't
know all the secret keystrokes.  The natives may begin to question my powers
unless I soon raise this turkey from the dead.


> Ah ha!  Welcome to the joys of CIFS,  which shares much in common with
> it's name-alike the venereal disease.  "Protocol Priority" is the term of
> the day.  Samba provides CIFS over UDP/IP as does Win2000 and XP (and late
> service pack NT boxes).  Your Win9x boxes are processing all sharing
> related information and namespace management over NetBeui.  As long as
> NetBeui is installed they won't see the Samba box and the Samba box won't
> see them.  Just as if you were installing a 2000/XP box you need to remove
> netbeui and tell them to use the Samba box as the WINS server.  File
> sharing will then work between the Win9x boxes via TCP/IP,  with no
> difference in operation, peer-to-peer and everything.  But with Win9x
> NetBeiu is the highest priority protocol, so if installed that one gets
> picked for doing everything.
>
> Just set "wins support = yes" in your samba config and the win9x boxes
> will automatically register their names/ips.  And samba will create a
> browse list.

Ah, if it would be so easy.  Tried it on one win9x machine and now nothing shows
up in Network Neighborhood (I'm guessing the other win machines would show up if
I removed Netbeui from them).  FWIW, I set 

wins support = yes

and tried 

announce = Win95 

as well as 

announce = winNT

The win9x box had netbeui removed.  WINS enabled and the local IP address given
as the sole entry in the search order.  Left Scope ID blank.  Client for
Microsoft Networks and File & printer sharing was bound to the TCP/IP and
NetBios support is enabled over TCP/IP.

On the positive side NetBios is showing up as enabled now on grc.com. 
dslreports.com says that tcp ports 111, 139, 515, and 6000 are open. 
Unfortunately, that's via the internet.

On a whim, I tried smbclient -L win9xmachinename and got the following:

"Got a positive name query response from 127.0.0.1 (static local ip# of win9x
machine)"

at which point it asks for a password.  Hmmmmm.  The win9x machines don't use a
password, they use the windows logon.

Put in a bogus password and it showed me some file shares on the win9x machine. 
Server, workgroup, and Master were unexplicably blank.

I believe that is good news, but I wait for the interpretation.