I reinstall Ubuntu 16.04 Desktop 32bit on an old laptop and setup samba as https://tutorials.ubuntu.com/tutorial/install-and-configure-samba#0 mentions. When I try to connect from a Windows 10 or Windows 7 machine I get the following:
Windows can't communicate with the device or resource(192.168.1.50)
The resource is available but is not responding to connection attempts.
any suggestion?
I had a similar problem.
The problem is that Windows did not ask me for the samba user credentials and only generated an error 0x80070035.
So I did the following:
Go to "This PC"
Click on "Map network drive"
As Folder add "\\samba server IP \ share name"
Check the "Connect using different credentials"
Finish
Now windows should ask you the samba user credentials.
I have this problem and able to fix this with Windows 10 and Ubuntu 20.04 Focal Fossa without installing SMB v1 or change the regedit. There are few things need to be changed in /etc/samba/smb.conf
passdb backend = tdbsam
security = user
Change the networking
#### Networking ####
# The specific set of interfaces / networks to bind to
# This can be either the interface name or an IP address/netmask;
# interface names are normally preferred
interfaces = 192.168.100.63 wlp1s0
bind interfaces only = yes
And change user
#map to guest = bad user
force user = username
Don't forge to add your username into smb. The detailed step with images documented over here:
https://www.yodiw.com/install-samba-ubuntu-20-04-and-windows-10-sharing/
In /etc/samba/smb.conf should add this
[global]
client min protocol = SMB3
client max protocol = SMB3
In windows 10 should edit this
enter in Local Group Policy Editor (search in windows) Computer Configuration -> Administrative Templates -> Network -> Lanman Workstation -> Enable Insecure Guest Logon - Enabled
After a long battle with accessing samba share located on Debian VM from Windows 10, these steps saved my life:
Open the Local Group Policy Editor (gpedit.msc).
In the console tree, select Computer Configuration/Administrative Templates/Network/Lanman Workstation.
For the setting, right-click Enable insecure guest logons and select Edit.
Select Enabled and select OK.
You can also take a look at the EventViewer to inspect the Microsoft-Windows-SMBClient/Security section. In my case there was an error "Rejected an insecure guest logon." before above steps was applied.
More info can be found here - https://learn.microsoft.com/en-us/troubleshoot/windows-server/networking/guest-access-in-smb2-is-disabled-by-default
Samba (SMBv1 protocol) is no longer supported on Windows 10. To temporarily re-enable the SMBv1 protocol on Windows 10 follow these steps:
Open Control Panel.
Click on Programs.
Click on Turn Windows features on or off link.
Expand the SMB 1.0/CIFS File Sharing Support option.
Check the SMB 1.0/CIFS Client option.
Click the OK button.
Click the Restart now button.
I hope that helps. You should only use these steps as a temporary solution.
Reference: https://www.windowscentral.com/how-access-files-network-devices-using-smbv1-windows-10
Related
I had one client who could not connect to a samba share giving the error that the credentials where wrong while I was sure they where not.
This happened suddenly on a laptop with Windows 10 while other clients with Windows 10, Windows 7 and Ubuntu etc. all where able to connect.
At first I was suspecting the problem beeing a change in the hash or key for the share - and maybe it really was because Putty was saying so when I tried to SSH into the server.
But I could not find any saved connection to delete with net use.
The solution was to change a setting in secpol.msc which is accessible as administrator via the search even in Windows 10 Home.
I had to set LAN-Manager-Authenticationlevel to just send NTLMv2.
You will find this setting under Security settings -> local -> Security options -> Network Security: LAN-Manager-Authenticationlevel.
(I translated this from German. Feel free to edit with nativ english wording.)
I'm attempting to configure an SMB file sharing server on a Windows CE 6 device.
My initial attempts have mostly been with the desktop version of NK.exe.
When I start, SMB0: is running as smbserver.dll
I've set (hopefully) suitable registry values, and then re-started the SMBServer process:
services refresh SMB0:
However, I never see the service advertised when I attempt to attach an SMB client (for example, by looking for file shares in desktop windows, or attempting to connect an SMB client to the IP address of the WinCE device.
I wonder if it's necessary for the SMB registry settings to be available at boot time? My devices is NOT using a hive-based registry, so the registry settings aren't available a boot time. I'd hoped that refreshing the SMB server process would be enough to get file sharing going. That way, I can just set the registry values programatically in my application program, restart the SMB service, and not have to rebuild the kiosk NK.exe (the kiosk NK.exe seems to include the smbserver.dll - it was built by a not very competent third party, and the tools to rebuild it go back to Visual Studio 2005. It would be "interesting" to rebuild NK.exe).
Do I need to rebuild the OS to use a hive-based registry?
Any ideas?
My registry settings are all under HKEY_LOCAL_MACHINE:
Ident\Name "aName"
Ident\Desc, "A string"
Ident\OrigName "Another string"
\Services\Smbserver\SMB\Shares\VirtualRoot\Type Dword:0
\Services\Smbserver\SMB\Shares\VirtualRoot\Path "a valid path"
\Services\Smbserver\SMB\Shares\VirtualRoot\UserList "*"
\Services\Smbserver\AdapterList "*"
\Services\Smbserver\Keep DWord:0
\Services\Smbserver\Prefix "SMB"
\Services\Smbserver\Index DWord: 0
\Services\Smbserver\SHARES\UseAuthentication DWord:0L
As you can see, I've temporarily turned authentication off - I'm hoping to start by getting this to work in the CE desktop environment, and then add authentication, and getting it to work in the kiosk environment.
I'd be grateful for any help!
I would say you need to set "Keep"=dword:1 as per the MSDN docs:
Keep Default set to 1. If this is set to zero (0), the DLL will be
unloaded immediately after initialization.
The SMB server does not require a hive-based registry. We've used it on multiple projects with only a RAM-based registy.
For reference, these are the registry settings we use on CE 7 to expose the root folder as \\<IP address>\Root:
[HKEY_LOCAL_MACHINE\Services\SMBServer\Shares\Root]
"Path"=""
"Type"=dword:0
[HKEY_LOCAL_MACHINE\Services\SMBServer]
"AdapterList"="*"
"Keep"=dword:1
"Prefix"="SMB"
"Index"=dword:0
"DLL"="smbserver.dll"
"Order"=dword:12
[HKEY_LOCAL_MACHINE\Services\Smbserver\Shares]
"UseAuthentication"=dword:0
"NoSecurity"=dword:1
There's another issue at play here, which is that the Windows CE 6 SMB server default to using NTLM ver 1. Windows 7 and above, by default, require NTLM version 2.
In order for your Windows 7+ system to see the SMB share, it's necessary to modify the security policy:
On Windows 7, run secpol.msc, find Security Settings -> Local Policies -> Security Options. Look for LAN Manager Authentication Level, and set it to 'Send NTLM response only’
I have an address for the shared folder in network:
\\SOMEUSER\folder
How can I open that folder?
Nodes in a network are mostly grouped.
You can try:
\\<groupOfNode>\<node>\[folder]
If both of you use default group it can be like:
\\workgroup\<node>\[folder]
Following latest update to win10 version 2004, I had a difficulty to re-connect to shared computers that use insecure guest logons.
Initial I tried to enable insecure guest logons through Administrative tools.
Computer Configuration -> Administrative Templates -> Network -> Lanman workstation
and set Enable insecure guest logon to enable
It appears this does not change the registry. You actually have to set this in the registry directly.
regedit
Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters
and set AllowInsecureGuestAuth to 1.
et voila I got my access to shared computer working again.
I am running SQL Server 2012 Evaluation Edition (64-bit) on windows azure. I can remote login from my laptop. But when I'm tring to login from my desktop it says :-
Remote Desktop can't connect to the remote computer for one of these reasons:
1) Remote access to the server is not enabled
2) The remote computer is turned off
3) The remote computer is not available on the network
Make sure the remote computer is turned on and connected to the network, and that remote access is enabled.
I can't figure out what's the problem .
Thanks guys I found the solution. It was Norton Internet Security which was blocking the port 3389. Then I found a solution here : http://www.symantec.com/connect/forums/issue-windows-7-remote-desktop-2010-internet-security#comment-3515591
Followed these steps :
To get get remote desktop to work with NIS 2010 you need to open NIS then click Settings in the Network part of the GUI.
You then under Smart Firewall you Click on Configure On Advanced Settings.
Then on General Rules Click Configure. Then ADD Select Allow and then next and Select Connections to and From other computers.
Then Click Next under what Computers leave at Any and select Next.
Then Select the Type of port and select Only Communications that match all types and ports listed below: and then Click Add to add the port you need to select Individually specified ports as Remote desktop isn't listed as a port.
And enter the port 3389 you need to add it for both Local and Remote.
Once both Local and Remote are in there click next.
Select Log and or NAT traversal and click next.
Name the Rule you made click next and Finish if it looks correct.
Then Click OK to close all the NIS windows and it will now allow Remote desktop connection throught NIS 2010
Your proxy or firwall might disabled the port 3389 which is used for RDP...
And try to ping the url(http://yourRole.cloudapp.net) of your server from the desktop...
To debug some code, I would like to view the Windows event log of a remote machine (target is Windows2003). With mmc.exe I can add the event log for a remote machine, but only if I have sufficient permissions. For this remote machine, they do not want to give me permissions to log in remotely (or admin privileges for that matter). Is there a specific permission I can be given to view the event log and not much else?
On newer Windows versions (Windows 7, Windows Server 2008...) you can simply add the corresponding account to the built-in group Event Log Readers.
Source: Jane Lewis's Weblog on TechNet, Giving Non Administrators permission to read Event Logs Windows 2003 and Windows 2008
This source also describes an alternative if you need more fine-grained control.
(The OP asked for Windows 2003, where this method doesn't work, but as Windows Server 2003 is no longer supported, people might be interested in this method.)
For the security log, users need the privilege "Manage auditing and security log"
For the system and applciation logs you should be able to read them as just a guest unless they have set the RestrictGuestAZccess value under the following registry keys:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\EventLog\System
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\EventLog\Application
One Option is to get a local ID that is on the remote local admin group.
Next, from your system, map to a drive on the remote server using the new remote local ID.
Create a new MMC from the Windows Run start menu - by typing in MMC /a
Add the EventView Snap-in
When it prompts you for local or remote server - put in the Host name of the server that you mapped to.
Tip: Windows uses established secure connection - if it can. Hence the map a drive trick work VERY well.
Please Note: I use this trick with WMI query(s) - hence the query never fails do to a timeout issue.
Joshua Flanagan outlined a process to delegate rights through modifying the security descriptor of the event logs.
Please add the domain user (without admin rights) to the "Event Log Readers" group on the target server. Then, from the source server, you can use the standard user credentials to access and read the event logs on the target.
If you could enable web access to the server then you could use an eventlog viewer page that I published a while ago. This would allow the administrators to run the website with just enough permissions to see the eventlog without granting you an account to login...