On Thu, 17 Jul 2008 20:08:49 -0700, Skunk Worx wrote: > Michael Schwendt wrote: > > On Wed, 16 Jul 2008 19:01:59 -0700, Skunk Worx wrote: > > > >> Example : > >> > >> $ smbclient -A /tmp/foo -N //192.168.200.10/a_share -D / -c ls > >> > >> Where : > >> /tmp/foo contains : > >> > >> username=uname > >> password=pass > >> > >> Under F7 this worked fine. The -N (or --no-pass) option helps deal with > >> broken credentials files (/tmp/foo) so no prompt is requested or shown. > >> For example in scripts, which should not hang. > >> > >> Under F9 this fails with : > >> Anonymous login successful > >> Domain=[FOO] OS=[Windows 5.0] Server=[Windows 2000 Lan Manager] > >> tree connect failed : NT_STATUS_ACCESS_DENIED > >> > >> I don't see anything in bugzilla about this. Should I bz or ask > >> elsewhere about this? > > > > Options -A and -N are unrelated. Both skip the password prompt to > > make smbclient non-interactive. -A because it can read the credentials > > from a file. -N because it is used when no password is needed (login > > as guest/nobody). Either one worked for you, but access to the share > > was denied. What do you think is the bug? > > > > I definitely think -A and -N are related, because : > > 1) Sometimes a credentials file has a username and no password. Why? password= in the credentials file skips the password prompt, too, when no valid password is required. > Without > -N it prompts for the password; with -N it does not, and is suitable for > a script, and should fail without prompting, whereas from the command > line, as a test, it prompts, using the same credentials file either way. > > 2) If the credentials file is mangled, e.g; a sysadmin has misspelled > 'password=', -N prevents the broken -A file from hanging the script. Misspelled or invalid credentials files make a script more difficult to debug anyway. Admin doesn't know whether the login failed or whether smbclient submitted the null password because of -N. When not using a credentials file but entering the password in the command-line, -N even overrides the given password with the null password. So, for debugging a script, this is not helpful. > Today I found removing -N from the above example only improves things. > > On F9 : > Adding the -N option causes 100% failure. Without the -N option, the > example command works about 80% of the time. The other 20% of the calls > give the "anonymous,tree connect,NT_STATUS_ACCESS_DENIED" as described > above. Let me sum up: Even without -N you get access denied at 20%. So, your authentication problems are unrelated to -N. That's impossible to comment on without verifying the Win2000 share setup. Can you confirm F9's smbclient behaviour when accessing a local Samba share? > On F7 : > Same scripts, same subnet, same server : 100% success. > > Since mount -t cifs appears to be 100% reliable on F7 and F9, and > supports credentials files, I plan on abandoning the smb tools and > re-writing the scripts unless something changes very soon. -- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
