This document captures
many diagnostic tools and insights into MAC OSX 10.2 and later (Jaguar) Samba
usage and sharing files with Windows machines. The document includes links to
many sites where Òhow toÓ resources are provided. This document is intended to
complement those excellent resources. My experience is Windows sharing
continues to get easier from a Mac environment, but although for some itÕs easy
to figure out, others like me have struggled to make the home office setups
completely the Òplug and playÓ Windows-only environments enjoy.
Please feel free to
contact me at william_white@mac.com
with comments, suggestions, corrections, or anything that can make our MAC OSX
lives easier living in a Windows dominated world. I only make the apology tha
this document has grown on an ad-hoc basis and started when I had no idea what
I was doingÉ
Most of the diagnostics
are quite accessible to any user comfortable with basic Mac Terminal or PC
Command Terminal usage.
SSP is recommended for
those who want to try enhanced Samba options without getting into the Terminal
or root issues.
However, the background
discussion and some of the more in-depth topics are intended for advanced
users.
So in general, there are
six areas that each need to be set up correctly.
1. Physical Network Connection.
2. Basic Networking protocols
installed and configured.
3. Shared File Services installed and
enabled.
4. Consistent workgroup, usernames and
passwords on all computers.
5.
Sharing enabled for each user.
6.
Each User must explicitly share shares.
1.1. Physical connection
to your LAN. Wireless working?
1.2. Valid TCP/IP settings
for the active location - static or dynamic IP address?
1.3. Windows File Sharing
enabled (Samba running?)
1.4. User "Allowed to
Login to Windows"?
1.5. User's Mac password
is (re-)set to force Windows password recognition?
1.6. Workgroup (or Domain)
name setup?
1.7. Preferred Computer
Host name (servername) defined?
1.8. BSD Subsystem
included in 10.2 installation? See Article 107086.
2.1. Physical connection
to your LAN. Wireless working?
2.2. Valid TCP/IP settings
for the active connection - static or dynamic IP address?
2.3. NetBIOS over TCP/IP
enabled?
2.4. File and Printer
Sharing enabled?
2.5. Workgroup (or Domain
name) setup
2.6. Preferred Computer
Host name (servername) defined.
2.7. Folders set up for
Sharing (Share name not more than 8 characters)
2.8. XP: Are users
"Allowed to connect remotely to this computer"?
Note - you may want to, or
if names resolution is an issue, you may need to substitute the ipAddress for the servername in the following tests. IpAddress = 127.0.0.1 will always refer to your MacÕs
localhost.
3.1. Show current
IP values
- Network Utility: Info
tab
Select the correct active
device Ð en0 (wired connection) or en1 (wireless connection). An all-zero IP
address or an address beginning 169. indicates that your TCP settings may be
incorrect, or if your settings are DHCP, indicate a problem with your DHCP
server settings, or the physical connection to the local network. If you have a
local DHCP server such as a router or wireless airport your settings typically
will be 10.0.2.x (Apple Airport), 192.168.1.1xx (Linksys router), 192.168.0.x
(PC Internet Connection Sharing).
3.2. Basic
physical connection test
- Network Utility: Ping
tab
Use ping to test that the
physical connection from your Mac is working. This command will work to any
network node (computer, router, airport). Also can be used to check the
physical connection of other computers on your local network, as well as the
connections to your ISP or any public network service on the Internet. Ping is
a test also available in the Terminal:
Ping 192.168.1.100
Ping www.apple.com
If Ping to a remote IP
address does not work, then try pinging your serverÕs interface on the Mac
computer itself (ping 127.0.0.1 or ping localhost). If this does not work then
thereÕs a more serious configuration problem. If you have problems pinging to
other computers on your local network, then check you have working cables
(sometimes the connectors, or the cables themselves stop working, especially
cheaper ones), that the cables are of the correct type (patch, or cross-over
sometimes if just connecting two computers directly), and that they are plugged
into the correct ports on switches (not the uplink port, and not the regular
port sharing an uplink connection).
If you think you are
having wireless related problems, then if available, try using cable
connections instead -- until you have eliminated other networking issues.
3.3. Use Terminal
to confirm SambaÕs daemons are running
- Terminal command (as
root): ps Ðcx | grep mbd
This command, which is run
as root (or prefixed with sudo), is useful when you have started Windows
sharing, but you are not convinced Samba is running, even though the System
Preferences Sharing pane might indicate that Windows Sharing is in a started
state.
Typical terminal output
(Samba running)
[whitew-osx:/var/log/samba]
admin# ps -cx | grep mbd
1083 ?? Ss 0:00.01 smbd
1157 ?? Ss 0:00.02 nmbd
Note that if you click
Start on Windows sharing and no network connection active, the daemon is
started, but the Sharing pane states it is in the Stopped state. This is ok as
smbd will fully start as soon as a network path is available and Windows
Sharing is restarted in the sharing control pane..(see 107366).
3.4. Browse a "servername"s shared services
- Terminal command:
smbclient -NL servername
This command, with the ÐL
option, requests the list of browseable shares from the server servername. With the ÐN option, no user name is provided.
NT servers (see 3.5) require a valid username and password to get a browse
list.
Example: smbclient -NL
127.0.0.1
added interface
ip=192.168.1.100 bcast=192.168.1.255 nmask=255.255.255.0
Anonymous login successful
Domain=[KENWHITE]
OS=[Unix] Server=[Samba 2.2.3a]
Sharename Type Comment
--------- ---- -------
* MUSIC Disk mp3 Galleries
* MOVIES Disk
* XD1
Disk
User Directories (extension)
* NuMOVIES Disk DVD Movie Gallery (if available)
IPC$
IPC
IPC Service (samba 2.2.3a on OSX 10.2.4)
ADMIN$ Disk IPC Service
(samba 2.2.3a on OSX 10.2.4)
Server
Comment
---------
-------
KENNEDY-SMB samba 2.2.3a
on OSX 10.2.4
Workgroup
Master
---------
-------
KENWHITE
KENNEDY-MAC
The shares editorially
marked with * above are non-standard shares. These are not configured in the
default Samba distributed with MAC OSX, but can easily be added as described in
Section 8.6 below.
- Terminal: smbclient -L servername -U username%password
To reveal the share names
on an NT system using DOMAINS (including Windows 2000 Pro, XP Pro) you must
provide a valid username and password for the server. If not, and you use the
ÐN option, you will obtain server level information, but you will not receive
the browse list. Instead, the following message will be displayed:
Error
returning browse list: NT_STATUS_ACCESS_DENIED
The forms of the smbclient
command in 3.4 and 3.5 are particularly useful to demonstrate that the Windows
File Sharing Services on the given server, or at the given ipAddress, are
correctly configured, and to display what browseable shares are available. (I
believe the ADMIN$ share is the share that allows browsers to Òpick upÓ a given
userÕs own home folder share). The usefulness arises because the commands are
directed to a specific server and are independent of the MAC OSX browser GUI.
Terminal:smbclient //servername/share -U
username%password
This version of the
smbclient command runs a shell-like utility with the prompt ÒsmbÓ that provides
direct access to the named share
on servername (or substitute IpAddress). You need a valid username and password. If you omit
the password on the command line, you will be prompted for the password in the
command line dialogue.
Type "smbclient //servername/share -U
username%password" to log
into the share. Type ? for a list
of commands. Type command ? for detail. Type q to quit.
This command is useful to
determine ACCESSIBILITY of a share. The available commands include the ability
to list the files in the share and transfer them physically to/from your Mac
client. This is clearly a useful test of server access. If the remote server is
a Mac, this procedure can also test both SambaÕs and MAC OSXÕs read/write
permissions for the given user.
Example: smbclient //192.168.1.100/MUSIC
-U whitew
added interface
ip=192.168.1.100 bcast=192.168.1.255 nmask=255.255.255.0
Password:
Domain=[KENWHITE]
OS=[Unix] Server=[Samba 2.2.3a]
smb: \> ?
?
altname archive
blocksize
cancel
cd
chmod chown del
dir
du exit
get
help
history
lcd
link
lowercase
ls
mask
md
mget mkdir more
mput
newer open
print printmode prompt
put
pwd
q
queue quit
rd
recurse rename
rm
rmdir
setmode
symlink tar
tarmode translate
!
smb: \> ls
. D 0 Sat Dec 7
16:19:17 2002
.. D 0 Sun Dec 8
09:26:57 2002
.DS_Store AH 6148
Sat Dec 7 16:19:17 2002
jason
D
0 Thu Nov 14 16:09:22 2002
jessica D 0 Sun Dec 8 18:11:01 2002
whitew D 0 Mon Sep 2 17:04:51 2002
46976
blocks of size 2097152. 26653 blocks available
smb: \> q
Terminal: nmblookup -M -
Displays Master Browser IP
Address and the line __MSBROWSE__
Example: nmblookup -M -
querying __MSBROWSE__ on
172.31.31.255
172.31.16.99
__MSBROWSE__<01>
172.31.16.254
__MSBROWSE__<01>
This example shows the IP
addresses of two servers found that are Master Browsers for their respective
workgroups/domains.
With the ÐT option
(reverse name lookup) the reply includes the name of the Master Browser server
as well as its IP address. For example:
[whitew-osx:WD/Users/admin]
admin# nmblookup -T -M "-"
querying __MSBROWSE__ on
192.168.1.255
kennedy-osx.local.,
192.168.1.100 __MSBROWSE__<01>
- Terminal: nmblookup ÐU IpAddress -RS workgroup
This form of the nmblookup
command has the exact same functionality as the Ònbtstat Ða serverÓ command on the PC (see 4.4 below)
Example: nmblookup ÐU
kennedy-smb -RS kenwhite
querying KENWHITE on
192.168.1.100
255.255.255.255
WORKGROUP<00>
Looking up status of
255.255.255.255
KENNEDY-SMB <00> -
M <ACTIVE>
KENNEDY-SMB <03> -
M <ACTIVE>
KENNEDY-SMB <20> -
M <ACTIVE>
..__MSBROWSE__.
<01> - <GROUP> M <ACTIVE>
KENWHITE <00> - <GROUP> M
<ACTIVE>
KENWHITE <1b> -
M <ACTIVE>
KENWHITE <1d> - M <ACTIVE>
KENWHITE
<1e> - <GROUP> M <ACTIVE>
Type <20> services
are important Ð this type shows that accessible shares are defined on this
server. If there are no type <20> services, recheck the servers File
Sharing settings and on a PC make sure that a folder is actually defined as a
shared folder.
Note also that the status
option (-S) can also be used to get the status of the master browser in the
broadcast command in 3.7. For
example:
[whitew-osx:WD/Users/admin]
admin# nmblookup -ST -M -
querying __MSBROWSE__ on
192.168.1.255
kennedy-osx.local.,
192.168.1.100 __MSBROWSE__<01>
Looking up status of
192.168.1.100
KENNEDY-SMB <00> -
M <ACTIVE>
KENNEDY-SMB <03> -
M <ACTIVE>
KENNEDY-SMB <20> -
M <ACTIVE>
..__MSBROWSE__.
<01> - <GROUP> M <ACTIVE>
KENWHITE
<00> - <GROUP> M <ACTIVE>
KENWHITE
<1b> - M <ACTIVE>
KENWHITE
<1d> - M <ACTIVE>
KENWHITE <1e> -
<GROUP> M <ACTIVE>
Note interestingly, that
the computer name listed in the lookup is Òkennedy-osx.local.Ó This is the
rendezvous name for the Mac server being targeted here, not the Netbios name,
which is Òkennedy-smbÓ.
- Terminal: smbstatus
Example run on kennedy-osx
(192.168.1.100) which is serving a share, MUSIC, to client whitew-osx
(192.168.1.102) both OSX systems:
[kennedy-osx:~] admin%
smbstatus
Samba version 2.2.3a
Service uid gid pid machine
-------------------------------------
MUSIC admin staff
1403 whitew-osx
(192.168.1.102) Mon Feb 17
No locked files
All these commands are run
from the Command Terminal (Start > Run > Command or cmd)
4.1. Show current IP
settings primary connection >ipconfig
4.2. Show IP settings all
connections >ipconfig /all
4.3. Basic Physical
connection >ping ipAddress
4.4. Browse
"servername"s shared services >nbtstat -a servername
4.5. Browse IpAddress shared services if name in 4.4 isn't resolved
>nbtstat -A IpAddress
If there are no names
resolution services (DNS or WINS), this command will also temporarily cache the
name in Windows 2000 Pro for the
name to appear in the Network Neighborhood long enough to access it. It will
remain in the Network Neighborhood until shares are released and after a short
time.
4.6. Is name resolution
(DNS or WINS) working? >nbtstat -r
Resolved/Registered by
Broadcast may be 0; Resolved/Registered by name server will be non-zero.
4.7. Display computer's
shared network >net view
(Error = -36) Server
access error - server not found (name not resolved); or bad user; or no NetBIOS
found.
(Error = -43) Share error
- share name does not exist.
(Error = -50) - disk
access problems
(Error = -5023)
Authentication error - bad password
6.1. Directory Access >
SMB > setting WINS locks out all smb (Windows Sharing) and afp (Personal
Sharing) browsing. Do not set a WINS address, only set your WORKGROUP name.
6.2. Connect to Server
> Error code (-50) if browser attempts to display sharename > 8
characters.
6.3 SWAT, Samba web administration tool
does not run due to missing files. See the link at 7.2 below.
6.4 Not really a bug, but a clarification: the smbmount
command that is described in the man smbmount pages is a linux-specific
command. The MAC OSX command is instead Òmount-smbfsÓ.
The following articles are
found at the Apple support site. The address for article number nnnnn is given
by:
http://docs.info.apple.com/article.html?artnum=nnnnnn
Setting Up Articles
106658: How to
Create a Small Ethernet Network
107083: 10.2: How
to Set Up Windows File Sharing
106471: 10.1 or
later: How to Connect to Windows File Sharing (SMB)
107137: How to
Change the Windows File Sharing Workgroup in OS 10.2
Problem Solving Articles
107117: (SMB)
Computers [in other subnets] Do Not Appear in Connect to Server Dialog
107086: Windows File Sharing Will Not Start,
Stay On, or Allow Workgroup Name Change
107096: "SMB Connect Error = -36"
Alert When Connecting to a Windows-Compatible Computer
107095: ÒError =
-50" When Connecting to a Windows-Compatible Computer
107032:
"Error -43" When Copying Files to Windows Shared Volume
107407: Interruption of Windows (SMB)
Connection Can Cause Computer to Stop Responding
107366: Windows File Sharing Does Not Start
Without Network Connection
107486: Cannot Connect to Windows (SMB) Server
Using Password Stored in Keychain
Background Information
107127: Windows
File Sharing (SMB) Uses NetBIOS Over TCP
106824: How to
change OSX user short name
Good search words in the
Knowledge base are ÒSMBÓ, and ÒWindows SharingÓ
Joel
Shoemaker's "Mac to PC" file sharing site
Joel
Shoemaker's "PC to Mac" file sharing site
How
to enable SWAT (Samba's Web Administration Tool) in 10.2
Diagnosing Windows by
William White (this document)
Step by
Step set up for XP PC File Sharing
Adding a
Windows XP system to an Existing Network
Samba web site for OSX
10.1, and SSP - GUI to edit smb.conf in 10.x
Samba is a suite of
programs for sharing windows file systems (formerly known as SMB, now CIFS).
This uses the NetBIOS over TCP/IP (NBT) protocol. There are two fundamentally
independent concepts - Browseability and Accessibility. Browseable means
visible from the Windows Network Neighborhood. Accessible means having read or
write access. Problems can arise from issues with either of these concepts or
both. Shared resources can be browseable but not accessible, or accessible but
not browseable, or as you probably like it, both browseable and accessible.
In OSX, the Samba smbd
daemon handles user authentication and sharing, and the nmbd daemon handles
name services and browser elections. The Systems Preferences Sharing pane
"Windows Sharing" option starts and stops the Samba daemons.
The file /etc/smb.conf
contains the Samba configuration and can be modified to provide more
functionality, including share other folders or volumes.
The terminal command
ÒtestparmÓ will test the validity of a Samba configuration file and also
display all the current values, including the defaults. Piping testparm into
grep is a good way to see related samba parameter settings. Eg. ÒTestparm |
grep winsÓ will show the wins related parameters.
HereÕs the default MAC OSX
10.2 configuration file parameters:
[global]
client
code page = 437
coding
system = utf8
guest
account = unknown
encrypt
passwords = yes
[homes]
comment
=
User Home Directories
browseable
= no
read
only =
no
create
mode = 0750
If you define a workgroup,
say MYGROUP, in the Directory Access > SMB > Configure pane, and/or if
you define a WINS address, smb.conf globals will include the following
parameters:
[global]
...
workgroup = MYGROUP
wins address = IP address
...
although as stated
elsewhere, setting a WINS address currently causes a OSX browsing issue and is
not recommended.
A key function for
successful Windows File Sharing by name is the availability of a names
resolution service that maps server names and IP Addresses. Such a service may
be provided by a DNS server or a WINS server.
Samba may be configured as
a WINS server (which does work) and as a Master Browser for your local network,
which together will help browsing and names resolution in a home network.
Other useful changes to
the default configuration, such as adding other shares are discussed below.
Browseability is the
ability to display (ie BROWSE) the names of windows file sharing servers
through the Network Neighborhood (or My Network Places in XP). Shared resources
must be declared as Browseable in the smb.conf file to be seen in the Network
Neighborhood.
One computer in the
Workgroup takes on the role of Master Browser after a Master Browser election.
A Master Browser election takes place from time to time, for instance when a
new server joins the network. A potentially arbitrary server wins the election
(depends on Windows operating system software level Ð lowest rank being an
ordinary computer, up to a Primary Domain Controller, the highest rank) and
maintains a Master Browse List which is then referenced for use by the other
servers.
A Samba server, such as on
OSX 10.2, can be configured to be the Master Browser for your home network. The
following terminal command shows typical Samba Master Browser data (if
configured so).
%cat
/var/spool/lock/browse.dat
"KENWHITE" c0001000 "KENNEDY-MAC" "KENWHITE"
"WHITEW-TI" 40019a03 "Samba 2.2.3a"
"KENWHITE"
Browsing problems can
arise if the Master Browser is disconnected from the Network - until another
server takes over that role (one will automatically after a long wait). Servers
also use broadcasting as a last resort mechanism to discover shared services.
This can take a very long time - up to 10's of minutes, or longer. Having a DNS
or WINS server seems to considerably enhance browsing, ie finding and showing
computers with SMB services in the Network Neighborhood.
SambaÕs own default name
resolution order is found out from the Terminal:
%testparm | grep order
name
resolve order = lmhosts host wins bcast
Something that can cause
browsing confusion because browse lists are only updated every so often is when
a server on the network changes its NetBIOS name, its IP address, or its workgroup/domain
name. Such name changes can take a long time to be reflected in browse lists.
Accessibility is the
ability to ACCESS (mount, read or write) a share.
By default, Samba in OS
10.2 is set up only to share the special so-called [homes] share. In OS 10.2,
this share is the user Homes folders Ð ie the individual homes folders under
/Users.
So shares that are not
shown in the Browser may still be Accessible. For instance in the Connect to
Server browser of OS 10.2 enter the cifs address for a known accessible share
as follows: cifs://servername/sharename or, if names resolution is an issue,
use cifs://IpAddress/sharename.
Similarly, from Windows, access without browsing can typically be
accomplished through the Map Network Drive dialogue or in the Start > Run
> Command window
>net use driveletter: \\servername\sharename.
And to disconnect ..
>net use driveletter:
/delete
SMB can be used for
Windows Printer Sharing. But in OSX 10.2, CUPS printing is available. See the
following Apple Discussion User-submitted FAQÕs:
Printing
to a printer connected to a PC from a MAC.
Printing
to a printer connected to a MAC from a PC.
The following features and
functions may be enabled by editing the Samba configuration file,
/etc/smb.conf.
- add other shares. Any legitimate path,
including non-startup volumes, may be a share.
- become Master Browser for your local
workgroup (take control of elections and stabilize browsing). See log.nmbd for
log information.
- provide WINS services for your local
workgroup and improve name resolution.
- limit access to your Samba server to
local client IP addresses.
- enhanced logging: set log level 2 for
useful details. Monitor log files log.smbd, log.nmbd in /var/log/samba. The
Terminal ÒtailÓ command is useful here. For example: tail Ðf Ðn20
/var/log/samba/log.smbd
- enable a
"guest user". Allows access determined by user "Other"s
permissions for shares with guest access.
Here are four possible
ways to edit the /etc/smb.conf file:
-
use a terminal editor
such as vi or pico from root
-
use TextEdit when logged
into OSX as root
-
use the Samba Web
Administration Tool (SWAT) Ð but see 7.2 re SWAT
-
GUI interface, SSP,
available at the xamba
site
Highly recommended to make
a copy of smb.conf before attempting any changes. SSP does this automatically,
and it will also provide you with the ability to manage multiple configuration
files. You can easily add additional shares with SSP. Using SSP is the quickest
way to go, including the ability to modify whatever parameters you wish using
the ÒtextualsÓ tab and is highly recommended.
HereÕs a complete configuration
file to illustrate each of the above options:
[global]
client
code page = 437
coding
system = utf8
guest
account = unknown
encrypt
passwords = yes
; identify my computer
WindowÕs name and Work Group
server
string = samba %v on
OSX 10.2.4
netbios
name =
kennedy-smb
workgroup
=
KENWHITE
; enable detailed logging
to /var/log/samba files
log
level =
2
; make my computer the
Master Browser for the local workgroup
os
level =
65
preferred
master = yes
domain
master = yes
local
master = yes
; make my computer a WINS
server
wins
support = yes
; define how to
authenticate a guest user
; here, is any
unregistered user
map
to guest = bad
user
; restrict SMB access to
LAN clients
hosts
allow =
192.168.1. 192.0.2. 192.168.0.
; now the shares Ð first
the non-browseable, special homes share
[homes]
comment
=
User Home Directories
browseable = no
read
only =
no
create
mode = 0750
; add a browseable share
on a non-startup volume
; any registered user with
correct password, or any guest
; (un-registered) user can
read this share.
[music]
comment
=
these are our music files
browseable
= yes
read
only = yes
guest
access = yes
path
=
/Volumes/XD1/Music
; add a browseable
writeable share on a non-startup volume
; users must have a logon
id and a read/write accessible share
[firewire]
comment
=
these are more user files
browseable
= yes
read
only =
no
path
=
/Volumes/XD1/Users
- Samba provides share by
share read/write access control over and above standard unix permissions. So
make sure that the user share not only has the correct access defined in the
configuration file (for example, Òread only = noÓ for write access), but also
that the UNIX permissions on the file for user, group, other permissions are
appropriate. SSP has the ability to take care of this.
- browse.dat and wins.dat files in
/var/spool/lock/ if Samba is a master browser and/or WINS server.
- add the IP address of your WINS server
to your DHCP server (router) so WINS address is distributed to clients.
- by default, Samba follows UNIX links
including folders, files, and links into other volumes.
The following programs,
commands and files are used or located as follows:
smbd
Ð samba user authentication and sharing services
nmbd
Ð samba browse list and naming service
smbclient
sharename Ð access shares on remote server
smbclient
ÐNL server Ð get browse list from remote server
nmblookup
ÐM ÒÐÒ Ð display Master Browser
nmblookup
ÐU server ÐRS workgroup Ð lookup names on server
smbstatus
Ð show status of active shares on SMB server
findsmb
Ð list all responding smb servers (see 10 below)
smb.conf
Ð samba configuration file located in /private/etc/
log.smbd
Ð smbd log file located in /var/log/samba/
log.nmbd
Ð nmbd log file located in /var/log/samba/
browse.dat
Ð master browser table located in /var/spool/lock/
wins.dat
Ð WINS table located in /var/spool/lock/
SWAT
Ð Samba Web Administration Tool
Check
for SWAT files in /usr/share/swat
Other
SMB binaries located in /usr/bin Ð ls smb*
Also see extensive man
pages.
MAC OSX 10.2 requires all
short names to be lower case and they may not contain any special characters.
Short names and their passwords are the key to successful Windows File Sharing
Authentication. Passwords may contain upper and lower case. Be aware of
possible CAPS LOCK. Note AppleÕs Samba implementation preserves case, defaults
to lower and is insensitive to case as the following testparm command shows:
testparm
| grep case
default case = lower
case sensitive = No
preserve case = Yes
short preserve case =
Yes
The best recommendation is
that all short names on all shared PCs and Macs are the same for everybody. The
Mac must be configured with a user with the same short name as on client PCs.
The following command
verifies that the MAC is exporting shared resources using the USER security
mode:
testparm
| grep security
security = USER
This means that to access
shares, both a valid user and valid password must be provided. (With the
exception that if so configured, a non-existent user Òbad userÓ may be given
ÒguestÓ access).
In Windows 98 and similar,
an alternative file sharing security policy (= SHARED) doesnÕt require a user
and password for access to the computer. Any user may access the computer.
Access to a share is password protected. The user must supply the correct
password for the share.
It is possible for
different systems to have different users and different security levels, but
that can causes confusion.
Generally it is a good
idea to keep all DOMAIN names, WORKGROUP names, and SHARE names short and
simple Ð I donÕt know the specific Windows requirements. It appears that DOMAIN
and WORKGROUP names are always treated as UPPER case. Use only letters and
numbers for maximum chance of success.
This useful Terminal
command is not included in the Jaguar release, but is part of the standard
Samba distribution and can be added to MAC OSX.
So here's what it can do
by way of example from the Terminal:
[whitew-osx:~] admin% sudo
perl /usr/bin/findsmb
Password:
IP ADDR
NETBIOS NAME
WORKGROUP/OS/VERSION
---------------------------------------------------------------------
192.168.1.100 KENNEDY-SMB *[KENWHITE] [Unix] [Samba 2.2.3a
(build
192.168.1.104 JASON-SMB [KENWHITE]
[Unix] [Samba 2.2.3a (build
As can be seen, the
command will list the IP address and the computer names for all the Windows
servers that respond together with the workgroup, which operating system and
any comment. Windows servers can be any of the Windows variety or any SMB
server including Jaguar systems.
Full documentation is
provided in the standard Òman pageÓ.
The command is actually a
perl script file, "findsmb". However, it's not included in the Jaguar
distribution. It needs to be configured and installed manually. What I did was
copy the CVS source from the Samba site and modify the one parameter line that
tells findsmb where the samba binaries are. In OSX the correct parameter is:
$SAMBABIN =
"/usr/bin";
For people interested,
download findsmb (configured for MAC OSX) from my homepage site at http://homepage.mac.com/william_white
and download from the file sharing area.
findsmb needs to be stored
in /usr/bin along with the other smb programs. It needs to have the correct
ownership and permissions as follows:
[whitew-osx:~] admin% ls
-l /usr/bin/findsmb
-rwxr-xr-x 1 root wheel
3972 Feb 22 17:17 /usr/bin/findsmb
Then to run the command
using perl (must be run as root, so sudo) as follows:
sudo
perl findsmb
and enter password when
prompted.
Note the caviats mentioned
in the documentation and in the man pages
#!/bin/perl
#
# Prints info on all smb
responding machines on a subnet.
# This script needs to be
run on a machine without nmbd running and be
# run as root to get
correct info from WIN95 clients.
#
# syntax:
# findsmb [subnet
broadcast address]
#
# with no argument it will
list machines on the current subnet
#
# There will be a
"+" in front of the workgroup name for machines that are
# local master browsers
for that workgroup. There will be an "*" in front
# of the workgroup name
for machines that are the domain master browser for
# that workgroup.
#
:
Name Ð Diagnosing Microsoft Windows networks and Using SMB in MAC OSX 10.2 (Jaguar) at http://homepage.mac.com/william_white/smbdoc.html
Author Ð William White
Email for feedback, comments, and suggestions only Ð William_white@mac.com
Questions Ð post to Apple Discussions at http://www.apple.com/support
This version dated: 25-Sep-03