Home > Linux > New Linux Distros, Old Problems New Linux Distros, Old Problems Submitted by TTF 2004-11-23 Linux 36 Comments Several new distributions make communicating with a Windows network more difficult than it should be. About The Author Eugenia Loli Ex-programmer, ex-editor in chief at OSNews.com, now a visual artist/filmmaker. Follow me on Twitter @EugeniaLoli 36 Comments 2004-11-23 10:56 pm Personally I think its a joke that they even attempt to support SMB in gnome seeing how flakey it is.. it certainly shouldn’t even been enabled by default. 2004-11-23 11:12 pm Oh no, bad support for a badly designed buggy file sharing system; you’ll live. If you’re so set into windows that windows file sharing is critical to your operation; well good luck getting anything but Windows (Maybe OS X’s nice implementation of smb will work well) to work without being very good with your OS of choice. You had a working version before, why are you upgrading? Seriously, you can’t be bleeding edge and expect everything to work; just because they offer a new version doesn’t mean you should migrate. If windows had a 6 month release cycle….. 2004-11-23 11:12 pm This is so true. I actually made this work in SUSE, on two different PCs, but I dread th eday when I’ll try to install 9.2. No other distro ever made this work out of the box. 2004-11-23 11:31 pm Am I missing something here? With KDE on mdk10.1OE, I simply open konqueror, and enter: smb://ipaddressofserver up pops a dialog for authentication, and I’m on the server. Am I just lucky? Am I doing something wrong? Is there some feature I’m missing out on because it’s so easy? I don’t get it. Matt 2004-11-23 11:40 pm That’s odd. I was specifically impressed by Ubuntu’s ability to handle SMB out of the box. Now that i think about it though, i think the shares were on a Fat32 partition, maybe NTFS is his problem. Dunno. 2004-11-23 11:51 pm Well… I am happy to know that I am not alone in this stupid situation … Used samba with Mandrake 9, SuSE 9.1 and gentoo, but … I was trying to imagine myself supporting a migration from Windows XP to Linux at one small customer I have, and, I am really scared of all the trouble I will have on that small 20 PCs and 1 server network. Will try the XSMBrowser… Maybe I try Xandros… 2004-11-23 11:55 pm …is all you need to fix this problem with no headache. Perfect SMB support. Albeit, it’s a little old and does cost a pretty penny. Worth it IMHO though. 2004-11-24 12:00 am I’ve never really had any honest trouble with SMB for the most part. Also I have NTFS shares on my Windows boxes which happen to function perfectly. I’m not so sure why this wouldn’t work so easily. I guess it’s a poor situation when coming from a Windows arena. SMB could be made to work a lot more easily though it seems like from a few distros though. As for the bleeding edge part: That’s true, it could very well be the case that 9.1 works fine, you never know. I just don’t see SMB changing its code so much to cripple it, but it could very well happen. Yast may have something to do with it also. 2004-11-24 12:20 am You can download an open circulation edition free, although its little a bit slower than Windows98 Network neihgbourhood in terms of clicking “windows network”…Plus you get he added benefit of no Konqueror, which is a big relief IMO. WHy is it the only distro that connects with Windows? What’s wrong with Suse and Fedora, etc. Oh yeah, completely unexpectadly, http://www.xpde.com/ XPde connected to Windows as well. WTF si wrong iwht Gnome and KDe though?? 2004-11-24 12:24 am smb4k. Try it. 2004-11-24 12:27 am THat’s included on SimplyMepis. I can’t see any use for it though, it annoys me that it’s not integrated into Konqeuror. WHy can’t it jsut work without a separate tool? 2004-11-24 12:38 am Exactly this is the problem: you have to know that you have to type this dumb “smb://”! I can’t understand why, they don’t add a simple silly icon to the sidebar! One of the biggest KDE usability issues would be gone. 2004-11-24 12:40 am > Maybe OS X’s nice implementation of smb will work well Hmm, OSX just uses Samba. The current intergration with Finder is quite good, a few release back it used to hang in certain situations. I have no problem filesharing with Samba on my gentoo box, or even my Win2k box. But when I want to do file sharing adhoc with a mates WinXP i’ve always ended up resorting to FTP! Not sure what the problem is, always been in a hurry to just get the file. Also investigating Samba issues isn’t that easy. 2004-11-24 12:47 am while SMB works okay much of the time, there are definite problems when trying to connect to a Windows network that has domain authentication–at least in Gnome. SMB4K work *okay* but even it has problems. xSMBrowser is not bad either–but personally I’ve had the best luck with SMBC. Yes, it’s text based and ugly, but it actually does the job and is the only tool I’ve found that consistently allows me to browse a Windows network that has domain authentication, not just directly access a share. Nautilus has big problems with this, but fortunately, work is currently underway to fix some of the bugs in the gnome-vfs that are part of the problem. Once that is done, Nautilus should work much better with a Windows network. In the meantime, I recommend smbc. 2004-11-24 12:47 am It usually works well for me too, but I do have some trouble setting up smb shares; but that’s partially because of my distrust for the mechanism as a whole. 2004-11-24 1:18 am He tries Suse 9.2, finds all the stuff works in KDE – that obviously really disappoints, him so he tries Gnome, discovers it doesn’t work and then says Suse can’t browse Windows shares. Fabulous! He blames Mandrake on the same basis. In KDE I simply put in my local network details, Lisa takes care of the browsing (which works far better than Windows browsing and all with DNS), I point to a machine name, click on SMB, click on a share, input any username and password and voila – perfect browsing! KDE, and any KDE using distro, has these options and there is also the Samba set up component and extensions to Konqueror. They need to be simplified a great deal, but hey – they work. I’ve had problems getting Samba to work with Gnome. Either I just can’t get it to work or I get it to work and I can’t get into the shares, or I try and view a file and it then decides to download the whole bloody file to my local machine. Then after a while, it decides not to work again. I’ve no idea why. Anyway, I think someone wants tell this guy that not even XP works completely out of the box in a Windows network. You have to do some setting up, setting a workgroup or you may have to join a domain. He doesn’t mention any of that. 2004-11-24 1:32 am I spent about 3 weeks trying to get a PC running Mandrake 10 to work properly on my home Windows network. Despite reading numerous tutorials and guides I never got it working reliably. This is one of the main things that made me give up on Linux, it just isn’t worth the hassle when Windows networking is so easy. 2004-11-24 1:42 am You guys think that is bad! Try setting up Samba Server/Client via SuSEFirewall2 to play with an existing Windows network. It will drive you INSANE!!!!!!!!!!!!!!!!! I da#n near read every single howto and user forums to figure it out. I’ve had this problem since 9.1 and 9.2. To this day. No LUCK; Unless of course I disable the firewall. Then it works flawless. GO FIGURE!!! I will try SMBC & xSMBrowser tomorrow. 2004-11-24 1:49 am …. I surely missed the line where you said you did look into the 1500 pages of SuSE documentation before you ruined the system, didn’t I…? Jesus, SuSE is a KDE distro, if you want Gnome so badly, get something else. 2004-11-24 2:44 am I just set samba up to be a primary domain controller for my network. it really wasnt that hard. the best tool for seting up samba IMHO is webmin with the samba plugin. setup shares, users, and the like. Now for browsing samba shares iv always either used smbclient via the command line or LinNeighborHood. also if it is a share you use everyday you could add it to fstab. i havnt tried out gnomes smb browsing in nautilus in a while because i use xfce4 which has a built in smb browser in the file manager which does a great job for workgroup browsing. 2004-11-24 3:33 am I resorted to smbmount (even put entries in the fstab) for my windows networking woes. I’m not even sure smbmount even exists anymore (needed an extra package on Ubuntu?) The problems I usually get problems with authentication or listing of remote shares. Generally if you get past all of that it can work. It’s nowhere near reliable enough though. My plan is actually to get rid of the windows server altogether and build a replacement using Samba. I blame Windows for my linux problems. (What? No one else questions that kind of logic) 2004-11-24 7:29 am I dont even bother. I haven’t escaped windows to be dragged down by trying to move files using its filesharing protocol. If you have a home network, and you want to move files between *nix and windows computers, then just use ssh/ftp. I’d be willing to bet its more secure and it’ll work for any os. Is it really that hard to set up? Not as hard as samba by my guesses. apt-get install vsftp; add a user. add a bookmark on the windows machine in IE that goes along the lines of user:firstname.lastname@example.org and your good to go. IE supports drag and drop to ftp sites. If your part of a business and you cant do that, then yeah, I suppose samba has a place. Though I still think home users should try to avoid it. 2004-11-24 8:26 am Ubuntu had no problems authenticating and read/write files on windows 2000/xp file shares of fat32 or ntfs. Though i had some problems with printer sharing, but after some fiddling even that works. I have some links on my desktop from gnome-vfs and with the keychain it automaticaly login after the first time, works like a charm… 2004-11-24 8:32 am I see various applications here, but does anyone know: do these use a general authentication library? I mean, why reinvent the wheel? Combine the powers to get a library which works well and use that. 2004-11-24 2:20 pm The real issue can be summed up thusly: Samba is broken. The whole reason for Samba to exist is to interface with Windows fileshares. And to its credit, it kinda works. I have worked with several different distros, from Slackware, Red Hat, Ubuntu, Mandrake, Suse, and some others…and they all have issues with user level security. For instance: I set up a Samba server, share level security, and it works; change to user level and nobody can access the share. Nobody. Not the person who is supposed to, not root. It’s locked out. I followed the Samba documentation (version 3.0) exactly. I set up a share the same way they show you, the only difference is the IP address of the machines. Samba is broken. Blaming Windows is not the case since I’m trying to connect via Samba to Samba as well as from Windows to Samba and Samba to Windows. It all fails at User level security. It’s broken. Short answer: you want a Windows fileshare? Install a spare copy of NT/2000/XP and off you go. Samba wil make you want to kill people. It’s just not worth it. 2004-11-24 2:44 pm Samba isn’t broken. You just don’t know what you’re doing. I bet that you forgot to set user passwords with smbpasswd. Samba can’t use the Unix password file. Or if it wasn’t that, then it was something else, but it wasn’t Samba. I have 5 Linux machines running Samba and user authorized shares work on all of them. 2004-11-24 4:40 pm As soon as I opened the Network place I could see all my shares. I’m running the samba server on another Ubuntu box as well, everything works fine. 2004-11-24 5:09 pm Zan, nope I did those things. Didn’t you read what I said? I told you that I copied the examples exactly–and I knew about smbpasswd already. The issue is that Samba is a POS. 2004-11-24 5:35 pm For Windows network integration try Ignalum Linux (it’s free!)… http://www.ignalum.com/ Here’s a walkthrough tutorial (with screenshots) on how to setup Windows Domain authentication ‘securely’ using Ignalum… Xandros is actually very insecure as account info (+passwords) are transmitted through the network in cleartext form when authenticating users. Use tcpdump and see for yourself! Windows/Linux Network integration walkthrough tutorial + screenshots ================================================== ================== To test the Domain authentication features, you’ll need to setup a network of 3 computers and install Ignalum Linux on two of these and Windows (95/98/NT,XP,2000,2003) on the other. There are many tests you’ll need to perform to fully appreciate the true power of Ignalum Linux… Test #1 ======= ======= MACHINE #1 (Server with IP: 192.168.1.1 *any IP will do*) ================================================== ======= Install Ignalum Linux to function as a PDC/WINS/LDAP server (for a more complicated setup, you can easily run each of these services on separate machines). During the installation, you’ll need to write down several pieces of info which you’ll need later when setting up the other 2 machines (write down the following parameters under the setup screens they appear in): Network Identification setup screen ———————————– http://www.ignalum.com/downloads/pub/screenshots/a naconda-screenshots/screenshot-0004.png http://www.ignalum.com/downloads/pub/screenshots/a naconda-screenshots/screenshot-0005.png Note: This is the window you will use to setup MACHINE #1 as PDC by clicking on the appropriate radio button. – Computer Name: [use any name] eg. MYPDC – Primary DNS Suffix: [use any DNS suffix] eg. domain.com – Workgroup or Domain: [use any Workgroup name] eg. WORKGROUP Network Configuration setup screen ———————————- http://www.ignalum.com/downloads/pub/screenshots/a naconda-screenshots/screenshot-0006.png Note: This is the window you will use to setup the IP for MACHINE #1. Make sure to leave the Primary, Secondary and Tertiary WINS field blank (this will force MACHINE #1 to function as a WINS Server for the other two machines which we’ll configure later). Firewall Configuration setup screen ———————————– http://www.ignalum.com/downloads/pub/screenshots/a naconda-screenshots/screenshot-0007.png Choose ‘No Firewall’ (enabling a firewall may cause problems!) Set Root Password setup screen —————————— http://www.ignalum.com/downloads/pub/screenshots/a naconda-screenshots/screenshot-0008.png Remember this password because this will also be the password for the LDAP admin/manager. Note: when setting up the root password for the other machines, use something different (you could use the same one if you wish, but you’ll end up forgetting which account your actually authenticating to!) Authentication Configuration setup screen (LDAP) ———————————————— http://www.ignalum.com/downloads/pub/screenshots/a naconda-screenshots/screenshot-0010.png Don’t mess with these settings for this test only! Make sure to write down all of these parameters because you’ll need them later… Note: By entering the LDAP server as localhost, 127.0.0.1 or even mypdc.domain.com will mean that an LDAP Directory will be created on MACHINE #1. Your other machines including MACs, Windows, Linux can be setup later to authenticate user/group accounts to this LDAP Directory Server through IP # 192.168.1.1. … Once installation is complete, reboot your system and if things work as they should you’ll be brought into the Firstboot graphical utility. This will allow you to create a regular user account with an option to add to the LDAP Directory database server. You’ll need to provide some info before the account is added to LDAP. Firstboot setup ————— http://www.ignalum.com/downloads/pub/screenshots/s creen2.png http://www.ignalum.com/downloads/pub/screenshots/s creen22.png http://www.ignalum.com/downloads/pub/screenshots/s creen23.png – Base DN: [dc=domain,dc=com] – User Branch: [ou=Users] – Group Branch: [ou=Groups] – Bind/Root DN: [cn=root,dc=domain,dc=com] – credentials: [your root password on MACHINE #1] After you have logged in, you can use the graphical tools available to manage your LDAP Directory server. From the start menu click on System Settings -> LDAP Directory Manager or System Tools -> LDAP Directory Browser. 2004-11-24 5:37 pm MACHINE #2 (Workstation with dynamic IP: 192.168.1.X *must have a DHCP server already set up*) ================================================== ==================== Install Ignalum Linux to function as a Domain member server. Network Identification setup screen ———————————– http://www.ignalum.com/downloads/pub/screenshots/a naconda-screenshots/screenshot-0002.png http://www.ignalum.com/downloads/pub/screenshots/a naconda-screenshots/screenshot-0003.png Note: This is the window you will use to setup MACHINE #2 as Domain member by clicking on the appropriate radio button. – Computer Name: [use any name] eg. OBELIX – Primary DNS Suffix: [use any DNS suffix] eg. domain.com – Workgroup or Domain: [use any Workgroup name] eg. WORKGROUP Network Configuration setup screen ———————————- http://www.ignalum.com/downloads/pub/screenshots/a naconda-screenshots/screenshot-0006.png – IP/Netmask: DHCP – Set hostname automatically via DHCP – Primary WINS: 192.168.1.1 Firewall Configuration setup screen ———————————– http://www.ignalum.com/downloads/pub/screenshots/a naconda-screenshots/screenshot-0007.png Choose ‘No Firewall’ (enabling a firewall may cause problems!) Set Root Password setup screen —————————— http://www.ignalum.com/downloads/pub/screenshots/a naconda-screenshots/screenshot-0008.png This root account is only necessary for logging into MACHINE #2 (this machine). Choose a unique password. Authentication Configuration setup screen (LDAP) ———————————————— http://www.ignalum.com/downloads/pub/screenshots/a naconda-screenshots/screenshot-0011.png – LDAP Server: 192.168.1.1 Don’t mess with the other parameters! Make sure the LDAP server points to the PDC (MACHINE #1). Authentication Configuration setup screen (Winbind) ————————————————– – http://www.ignalum.com/downloads/pub/screenshots/a naconda-screenshots/screenshot-0012.png No need to modify these settings! Authentication Configuration setup screen (Kerberos 5) ————————————————– —- http://www.ignalum.com/downloads/pub/screenshots/a naconda-screenshots/screenshot-0013.png Setting these parameters are only necessary if we plan to join MACHINE #2 to a Windows XP/200x Active Directory domain. … Once installation is complete, reboot your system and if things work as they should you’ll be brought into the Firstboot graphical utility: Firstboot setup (MACHINE #2 requires more configuration here) ————————————————– ———– From the User Account module, select ‘Finalize Domain Login…”. This will load the Samba Configuration Tool which you’ll need to join the PDC Domain. http://www.ignalum.com/downloads/pub/screenshots/j oin_domain/screen1.png To join the domain, simply select Preferences -> Join Domain, as shown by the following screenshot: http://www.ignalum.com/downloads/pub/screenshots/j oin_domain/screen20.png A dialog window will appear which would allow you to enter your credentials (use your root account from MACHINE #1 – PDC). http://www.ignalum.com/downloads/pub/screenshots/j oin_domain/screen2.png – Select ‘join with username and password’ – Username: root – Password: [use root password from MACHINE #1] Note: The ‘Computer OU’ field is only available as an option when joining a Windows XP/200x Active Directory domain. If the join is successful, you’ll see the following message… http://www.ignalum.com/downloads/pub/screenshots/j oin_domain/screen3.png Now you’ll need to set the Winbind Auth User by clicking on Preferences -> Winbind Credentials: http://www.ignalum.com/downloads/pub/screenshots/j oin_domain/screen21.png A dialog window will be brought up, allowing you to enter your credentials (use your root account from MACHINE #1 – PDC): http://www.ignalum.com/downloads/pub/screenshots/j oin_domain/screen4.png – Username: WORKGROUP+root – Password: [use root password from MACHINE #1] After this is finished, you can create a regular user account with an option to add to the LDAP Directory database server (remotely). You’ll need to provide some info before the account is added to LDAP. http://www.ignalum.com/downloads/pub/screenshots/s creen2.png http://www.ignalum.com/downloads/pub/screenshots/s creen22.png http://www.ignalum.com/downloads/pub/screenshots/s creen23.png – Base DN: [dc=domain,dc=com] – User Branch: [ou=Users] – Group Branch: [ou=Groups] – Bind/Root DN: [cn=root,dc=domain,dc=com] – credentials: [your root password on MACHINE #1] After you have logged in, you can use the graphical tools available to manage your LDAP Directory server. From the start menu click on System Settings -> LDAP Directory Manager or System Tools -> LDAP Directory Browser. Note: These tools will allow you to manage the LDAP Directory server remotely! Anyway, here’s the BIG Test… From MACHINE #2 login as user WORKGROUP+root or WORKGROUP+[user added to LDAP from MACHINE #1 or MACHINE #2] and verify that domain authentication actually works! The following are screenshots of the Graphical Login… http://www.ignalum.com/downloads/pub/screenshots/g raphical_login/screen13.png http://www.ignalum.com/downloads/pub/screenshots/g raphical_login/screen15.png http://www.ignalum.com/downloads/pub/screenshots/g raphical_login/screen16.png http://www.ignalum.com/downloads/pub/screenshots/g raphical_login/screen17.png http://www.ignalum.com/downloads/pub/screenshots/g raphical_login/screen18.png http://www.ignalum.com/downloads/pub/screenshots/g raphical_login/screen19.png MACHINE #3 (Workstation with dynamic IP: 192.168.1.X *must have a DHCP server already set up*) ================================================== ==================== Test #2: Install Windows 95/98/NT/2000 to function as a Domain member server and join to the PDC domain (MACHINE #1) Test #3: Install Windows XP/200x to function as an Active Directory Server and use MACHINE #2 to join the Active Directory Domain. Test #4: Be creative! Ignalum Linux also provides TLS/SSL as well as LDAP IdMap support for Domain Authentication. 2004-11-24 5:45 pm Click here for the correct links to our screenshots… http://linuxtoday.com/news_story.php3?ltsn=2004-11-24-003-26-RV-SW-… 2004-11-24 8:20 pm Years pass, distros come and go, igorance remains. The fact that some people can’t solve linux configuration problems by clicking around doesn’t by any possible way mean that the distro in question (that is, any of them) makes hard to configure itself to cooperate on a windows network, share resources, files, printers, etc. Thing is, the majority of people (who are no way experts in anything, let alone linux configuration) believe what such guys tell, and save a note “linux means sweating for config” in their long term memories. Thing is, new faces (meaning: not yet windows addicts) make themselves very much more quicker comfortable in linux and find the provided tools and features compelling and easy to use. Unfortunately, these days most everyday people who try a linux variant, sit down and want to see windows. But hey, where do I click to make that wind turbine spin ? Oh, I have to type “spin turbine” ? How lame. 2004-11-24 9:13 pm Works for me on MDK / GNOME – smb:// brings up the Windows machine on my local network. I don’t use domains, though, admittedly. Maybe that’s the difference. 2004-11-24 9:33 pm To this day. No LUCK; Unless of course I disable the firewall. Then it works flawless. GO FIGURE!!! Of course it won’t work with the firewall on on the internal network you’re going to use. You’re an absolute idiot. 2004-11-25 1:55 am “To this day. No LUCK; Unless of course I disable the firewall. Then it works flawless. GO FIGURE!!! Of course it won’t work with the firewall on on the internal network you’re going to use. You’re an absolute idiot.” David, Seems how you like to ASSume! I never specified whether it was INT,EXT, or DMZ. This whole article has been about a guy, whom like me tries to communicate on a Windows enviroment via Samba Client. We are not talking about setting up a dual nic samba server/client. This has to do with one network interface, Such as my laptop! With the current setup like this: EXT: TCP:139 UDP:137,138 I even tried to open up 445 and 901 as well with no luck. If you ever played around with a sigle Samba client setup network you would also know that it will not work with just using the EXTERNAL interface with the above mentioned ports on SuSE 9.1 & 9.2. Yes, I tried smb4k, SMBC & xSMBrowser with no luck with the firewall turned on! I’m out of ideas on what to do. JD 2004-11-25 2:19 pm “The issue is that Samba is a POS.” Haha right you just don’t know what you’re doing. There are so many of these machines out there running Samba -including Unices- that its just more likely you don’t know what you’re doing (or a Microsoftie advertising for Windows fileservers). Well, get this: Samba on Linux runs about 3 times as better as Windows 2003 in terms of reliability. Note, that this is Microsoft’s original implementation. Duh?