Access to Root folder
Posted: Sat Apr 01, 2017 09:33
What is the username /password to gain access via windows explorer.
Australian Beyonwiz Forum
https://www.beyonwiz.com.au/forum/
https://www.beyonwiz.com.au/forum/viewtopic.php?f=45&t=11035
A search for windows or root would've found itWiz HQ wrote:...
ENHANCEMENTS
...
* SMB/CIFS (Windows networking) enhancements to improve security (root directory requires a username "beyonwiz" and password "beyonwiz" now ) and improve network browsing visibility
It's a Windows limitation that won't allow a Windows client to authenticate with a SMB server with more than one username/password at a time. And at the time, your PC had authenticated with the Wiz as your Windows login user name. The workaround is to connect with the IP address rather than the network name. (open Explorer and connect to "\\<ipaddress of your Wiz>\root"). That tricks Windows into thinking the Wiz represents 2 different servers (Windows Explorer can't tell that the IP and the network name are the same server).david1st wrote:I read almost everything in the new firmware update forum when the update first came out, noted it down and used it to try to login into the CIFS root folder after upgrading. It's a shame it didn't work. The change network password option did work, but only on about the 25th attempt. That screen is extremely ambiguous and its operation is clunky to say the least. NOTHING could enable me to login in to the root folder. I needed this in order to replace some carefully handcrafted timers and bouquets. Fortunately I'd backed up the backup folder and kept a copy of the previous firmware. I went back to the last version of the firmware and restored my backup. Time lost: 4 hours. Result: Nil. Happiness: Zero. It might be OK for a linux whiz, but it is not ready for even a pretty savvy consumer. I spent many hours customising the machine in minute detail over the first few months after I bought it and I enjoyed the experience, but the necessity to do it all again is extremely unwelcome.
Windows will ask for credentials, but since it has already connected to the Wiz as your Windows login user, it will not be able to use the new credentials. Believe me, I see the same thing. It asks for a password and will reject it. You will notice that the error will mention something about connecting to the same resource as a different user. Windows XP was a little better behaved in this regard.david1st wrote:In my Windows 10 there is the option to login using different credentials. It didn't work.
It should work ok on your next attempt then.david1st wrote: I got the syntax of your other suggested option wrong, so that didn't work either.
I'm still not sure what you are referring to there. Can you tell me where you are trying to do this?david1st wrote: Change Network Password: Whether to press OK or Exit is not obvious. The fact that going back in doesn't show me the last successfully entered password, but a randomly selected one is just plain confusing.
The idea is that you could use the IP address workaround that I mentioned to make that change.david1st wrote:Oh, I forgot. Editing the /etc/samba/smb.conf file is a good idea - AFTER I've got access to the root folder.
Chicken / Egg???
Actually I just tried it again, and it is giving me a simple bad password error now too. It's the same fault, just a less useful message. (I used to receive a different and more informative message). Must have been a Windows 10 update that changed that behaviour recently.david1st wrote:"You will notice that the error will mention something about connecting to the same resource as a different user. "
Tried it - no banana. Even with the correct login and password.
I don't understand how this has improved security.Grumpy_Geoff wrote:Wiz HQ wrote:...
ENHANCEMENTS
...
* SMB/CIFS (Windows networking) enhancements to improve security (root directory requires a username "beyonwiz" and password "beyonwiz" now ) and improve network browsing visibility
Entirely true. What it helps prevent, is accidental corruption of the Wiz's root file system.dRdoS7 wrote: I don't understand how this has improved security.
The user & pw are freely available.
I'm the same age and equally cranky so the root access password changes really annoyed me too. But once I got access via windows I used Editpad Lite 7 to edit the config file back to the 4.4 settings.david1st wrote:"You will notice that the error will mention something about connecting to the same resource as a different user. "
Tried it - no banana. Even with the correct login and password.
Not interested in learning telnet for one use. I'm 63 next month and too damn cranky.
I'll try loading the update again someday, when my enthusiasm recovers.
Ah - there's the black magic I needed. Before the latest firmware, I could map a PC to my T3 and copy files from the T3 to my other computers - after the 'upgrade' the "MiniDLNA server" network device disappeared and my T3 went dark: nothing could discover it.MrQuade wrote:david1st wrote:IThe workaround is to connect with the IP address rather than the network name. (open Explorer and connect to "\\<ipaddress of your Wiz>\root"). That tricks Windows into thinking the Wiz represents 2 different servers (Windows Explorer can't tell that the IP and the network name are the same server).
Operation of the MiniDLNA server shouldn't have been affected by any of this. That is a separate protocol (and best not used IMHO).nylonnet wrote: Ah - there's the black magic I needed. Before the latest firmware, I could map a PC to my T3 and copy files from the T3 to my other computers - after the 'upgrade' the "MiniDLNA server" network device disappeared and my T3 went dark: nothing could discover it.
CIFS/SMB are essentially the Windows file sharing protocol. The terminology is a bit muddled, but that is what they mean for practical purposes.nylonnet wrote: I spent most of today checking DNS settings on my router, changing T3 hostnames and passwords, turning NFS/CIFS/Samba on and off - all in an increasingly-desperate and dangerous random quest for results.
(What ARE these terms, BTW? I can't find any explanation of Beyonwiz's NFS, Samba, CISF, mountpoints et al anywhere.)
Part of your problem might be a broken SMB master browser on your network. The master browser can be any one of your Windows/SMB devices that has been elected (by all the other devices) as the master. All devices ask the master for lists of other SMB devices on the network. If your master is confused, or doesn't have up to date info, then all the other devices running SMB can have trouble finding each-other. There are ways to prioritise some devices as masters over others when it comes to elections, and it is sometimes worth tweaking some settings to ensure that well behaved devices get the job (I let my NAS do this, as it is always-on and generally well behaved).nylonnet wrote: But - finally thanks to MrQuade - I managed to see my T3 again via its (static) \\IP address\root.
Depends on what you are changing. If you are just setting up mounts, then no. If you are changing the file sharing options on the Wiz, then often the Samba services need to be restarted, and the Wiz will do that for you. Sometimes a reboot is good "just to make sure" though.nylonnet wrote: - Does the Wiz need to be restarted to enable changes?
The root password (for the root "user") is already empty straight out of the box.nylonnet wrote: - If I change the root password to <empty>, why does the Wiz not warn me that it can't be empty?
It does get a bit much sometimes I agree. In some ways it would be nice if all the jagged edges were smoothed off for a simpler end user experience. On the other hand, by exposing its guts, the T series can be used for a lot of diverse purposes if a user wants to dig for it.nylonnet wrote: One enduring drawback of the Wiz family is that - once the user enters the setup menu - the box still assumes its users are geeknerd techies who are au fait with exotic networking terms. It is still quite some distance from being a grandpa-friendly home appliance.
The release notes could have highlighted that a bit better that's for sure. But since this was an offline-only update, then on-screen warnings would be a bit redundant I think.nylonnet wrote: Also, if firmware changes (such as making a password compulsory) will break users' existing setups (e.g. network access), I'd suggest that such events are announced onscreen in comforting LARGE RED TEXT where they cannot be easily overlooked by keen upgraders who assume that business-as-usual will be resumed after the upgrade.
In my travels through the Beta phase on the T4, around the time of the change of OPKG version, I had the DLNA server not install correctly more than once. When accessing the menu for DLNA settings an install popup arose, afterwhich it became available again. Assumed it was a dud usb install and nothing bad happened. PS - I always turn DLNA off which is why I went to that menu.MrQuade wrote:Operation of the MiniDLNA server shouldn't have been affected by any of this. That is a separate protocol (and best not used IMHO).nylonnet wrote: ... after the 'upgrade' the "MiniDLNA server" network device disappeared and my T3 went dark: nothing could discover it.
Me too, but maybe not so cranky. Yet,Paul_oz53 wrote:I'm the same age and equally cranky so the root access password changes really annoyed me too.david1st wrote:"You will notice that the error will mention something about connecting to the same resource as a different user. "
Tried it - no banana. Even with the correct login and password.
Not interested in learning telnet for one use. I'm 63 next month and too damn cranky.
I'll try loading the update again someday, when my enthusiasm recovers.
What did you edit in the config?But once I got access via windows I used Editpad Lite 7 to edit the config file back to the 4.4 settings.
Works perfectly for my internal home network.
Paul
It may have been better to offer: (e) Choose you own option! With (a) as the default.MrQuade wrote:Entirely true. What it helps prevent, is accidental corruption of the Wiz's root file system.dRdoS7 wrote: I don't understand how this has improved security.
The user & pw are freely available.
A user could accidentally change critical files without thinking, or with some automated tool (or malware infection) that was designed for another purpose. This way, someone must consciously enter the password before proceeding. It is a safety step, and it by no means intended as a serious barrier to malicious third party intrusion.
As stated before, the alternatives are:
a) no security, and thus vulnerable to accidental damage as-per 4.4 (and Beyonwiz has decided that this was no longer an option).
b) only share movie and don't share the root at all (that would also not be popular I imagine).
c) make it so that a username and password is required to access both Movie and root (inconvenient)
d) share both movie and root, but allow normal access to movie, and password protect root against accidents (what was done)
d) was chosen. Unfortunately, users of more recent versions of Windows encounter issues with accessing root occasionally due to Microsoft's design decisions surrounding SMB. It was thought that anyone who required access to the root share was a savvy enough user to work around any problems with the right help.
c) may have been an option at the expense of some convenience, for the sake of Windows users.
Most likely just changed "guest ok = yes" like you did.dRdoS7 wrote: What did you edit in the config?
Not a practical thing to implement unfortunately. Though it it were, it would be more likely default to b). The default state would be the more secure one.dRdoS7 wrote: It may have been better to offer: (e) Choose you own option! With (a) as the default.
After all, corruption would be down to the user, and a USB FW would probably fix it.
Yes, that's what I changed.MrQuade wrote:Most likely just changed "guest ok = yes" like you did.dRdoS7 wrote: What did you edit in the config?
I believe it's the same as Windows Credential Manager (Control Panel > User Accounts > Credential Manager)IanSav wrote:Hi David1st,
Thank you for your most informative post.
I will be trying your instructions out as they are a very useful concept for a PC maintenance toolkit.
Regards,
Ian.
That may well be so but I am still very new at Windows 10. Is this new for Windows 10? I still mainly use Windows XP but I am coming to grips with an update shift directly to Windows 10.Grumpy_Geoff wrote:IanSav wrote:I believe it's the same as Windows Credential Manager (Control Panel > User Accounts > Credential Manager)
A Google search shows it's been there since Windows 7.IanSav wrote:Hi Geoff,That may well be so but I am still very new at Windows 10. Is this new for Windows 10? I still mainly use Windows XP but I am coming to grips with an update shift directly to Windows 10.Grumpy_Geoff wrote:IanSav wrote:I believe it's the same as Windows Credential Manager (Control Panel > User Accounts > Credential Manager)
I appreciate seeing handy hints on any topic, and grab a copy, when I note them.
Regards,
Ian.
Unfortunately, this issue is not a problem to do with saved credentials, and doesn't work.david1st wrote: All done. You should be able to login to the Beyonwiz with the login and password (beyonwiz beyonwiz)
I suspect that most current users would prefer option 2 as they get to keep read access to all the files they think they might need. For many users option 1 is likely to be all they need.peteru wrote:Given how many issues the default 16.1 config is causing for Win10 users, I'm considering changing the default config for 17.1 series. Two options spring to mind:Benefit with both options is that there is no need to manage separate Samba passwords, which should simplify things.
- Export [Movie] as read/write to guest users.
[Root] is not exported via Samba at all. Access to the system dirs will need to use alternative methods, such as FTP or ssh.- Export [Movie] as read/write to guest users.
Export [Root] as read-only to guest users. This will allow users to see the of system directories, including logs, but any modifications in the system dirs will need to use alternative methods, such as FTP or ssh.
Feedback?
While your other suggestions have merit I believe that making it easier for users to edit system files is not a particularly good idea. I suspect that PeterU and Jai are trying to reduce the support load and limit the sort of issues that can typically occur. Making it easier for users to access system files and edit them as well is likely to end in tears and / or regrets for many.MrQuade wrote:Could I also suggest that "nano" be installed by default as well. That is a much friendlier text editor that people can use to directly edit files from the command line.
My thinking is that it *should* be easy to edit system files. There are many tinkering-class users on the forums who often need to edit the files, but would find vi's interface daunting. It's just that it shouldn't be easy to accidentally change system files, which is what removing the shares will help to do.IanSav wrote:H
While your other suggestions have merit I believe that making it easier for users to edit system files is not a particularly good idea.
If there is common, significant or appropriate need for editing system files then a UI interface should be created to manage the task.MrQuade wrote:My thinking is that it *should* be easy to edit system files. There are many tinkering-class users on the forums who often need to edit the files, but would find vi's interface daunting. It's just that it shouldn't be easy to accidentally change system files, which is what removing the shares will help to do.
Share "Harddisk" as it was in v4.4, put a link to "Logs" in "Harddisk".peteru wrote:Given how many issues the default 16.1 config is causing for Win10 users, I'm considering changing the default config for 17.1 series.
Feedback?
Totally agreed with that, but that is a MIGHTY ask that not even the big boys like Ubuntu and Red Hat have solved yet.IanSav wrote: If there is common, significant or appropriate need for editing system files then a UI interface should be created to manage the task.
There isn't a unique place where logs are put, and there isn't necessarily a HDD.dRdoS7 wrote:...
Share "Harddisk" as it was in v4.4, put a link to "Logs" in "Harddisk".
...
It's technically *possible*. Starts looking a bit messy, but one trick would be to provide the R/W share as a hidden/invisible share.Grumpy_Geoff wrote:For option #2, is it possible to have 2 different shares for the root path with -
Probably right. Though I would still recommend including the root share in place in smb.conf, but commented out.peteru wrote:So far option 1. seems like the most sensible one. Even more so if you consider that we are trying to provide an out of the box experience that is friendly enough to non-technical users.
It needs qualification for people with routers that don't do DNS for their home network. I couldn't find any facility to do that on the Huawei HG658 that iiNet supplied me with for my iiNet/Transact VDSL2 connection only a year ago.MrQuade wrote:... My earlier suggestion of also allowing access to the logs could easily be replaced with a simple instruction to type ftp://beyonwizt<x>/home/root/logs in their browser address bar. Not exactly rocket surgery.
prl wrote:There isn't a unique place where logs are put,dRdoS7 wrote:...
Share "Harddisk" as it was in v4.4, put a link to "Logs" in "Harddisk".
...
I realise that, and yet it was called "Harddisk" earlier, call it what you like. Just share it.and there isn't necessarily a HDD.
I think prl's point was that there might not be a physical harddisk to share.dRdoS7 wrote: I realise that, and yet it was called "Harddisk" earlier, call it what you like. Just share it.
The logging location is set in the same place where it's enabled. It can be set to any currently mounted file system. It simply defaults to "logs" in /home/root. On my test machines I always set it to /media/hdd, and the log files go into /media/hdd/logs.dRdoS7 wrote:Hi,
prl wrote:There isn't a unique place where logs are put,dRdoS7 wrote:...
Share "Harddisk" as it was in v4.4, put a link to "Logs" in "Harddisk".
...
When we turn on Logging, doesn't it go to: \Root\home\root\logs? That's the one (crash logs) most are interested in. The rest can access via their favourite program.
...
Precisely.MrQuade wrote:I think prl's point was that there might not be a physical harddisk to share.dRdoS7 wrote: I realise that, and yet it was called "Harddisk" earlier, call it what you like. Just share it.