Trying to access Openfiler 2.3 samba shares using older MS DOS LanManager v2.1 Netbind clients (netbootdisk, when ghosting) does not work out of the box, so I made some “hammer style” tweaking in order to login from the netbootdisk MS DOS LanaManager client into the Openfiler 2.3 Samba shares (the filer is AD member and hosts many PC ghost images).

1. Edit /opt/openfiler/var/www/includes/generate.inc and after the lines:

$ac_smb_fp->AddLine( “password server = ” . $ac_aresult[25]);
$ac_smb_fp->AddLine( “realm = ” . $ac_aresult[32]);
$ac_smb_fp->AddLine( “; interfaces = ” . “192.168.12.2/24 192.168.13.2/24″);
$ac_smb_fp->AddLine( “; remote announce = ” . “192.168.1.255 192.168.2.44″);
$ac_smb_fp->AddLine( “; domain logons = ” . “yes”);
$ac_smb_fp->AddLine( “log file = /var/log/samba/%m.log”);
$ac_smb_fp->AddLine( “max log size = 0″);
$ac_smb_fp->AddLine( “; hosts deny = all”);
$ac_smb_fp->AddLine( “map to guest = Bad User”);
$ac_smb_fp->AddLine( “guest account = ofguest”);

insert:

$ac_smb_fp->AddLine( “lanman auth = Yes”);
$ac_smb_fp->AddLine( “client lanman auth = Yes”);
$ac_smb_fp->AddLine( “client NTLMv2 auth = Yes”);

Beware: these 4 extra lines will go away after updating the samba package or the opefiler program (conary etc), but they will be still present after making changes to shares using the filer web interface. (Do not poke the bear! once the openfiler is well setup, I don’t do any updates).

2. Add userfoo into the local /etc/samba/passdb.tdb collection with:

smbpasswd -L userfoo

(more likely the same password as in the AD)

3. Add userfoo into a local UNIX group like nagios, in /etc/group, BTW you did setup nrpe on the filer, isn’t you?

4. Add read/write permission on the SAMBA share for the local UNIX group (nagios) using the filer web interface.

Using netbootdisk userfoo was able to login and map network drive into Openfiler samba share.
In memory of Jason Litka (rumblem etc)

Tags: Openfiler