Can't read Samba Share on Linux and Windows.
Hello Folks.
I joined my CentOS 7 server into Windows Domain and My Goal is that share My linux Directories and apply permission to them via Windows Active Directory Users. My Samba Config is : [global] workgroup = JASONDOMAIN security = ADS realm = JASONDOMAINI.JJ netbios name = printmah dedicated keytab file = /etc/krb5.keytab kerberos method = secrets and keytab server string = Samba 4 Client %h ## vfs objects = acl_xattr map acl inherit = Yes store dos attributes = Yes ## username map = /etc/samba/user.map ## winbind enum users = no winbind enum groups = no winbind use default domain = yes winbind expand groups = 4 winbind nss info = rfc2307 winbind refresh tickets = Yes winbind offline logon = yes winbind normalize names = Yes ## map id's outside of domain to tdb files. idmap config *:backend = tdb idmap config *:range = 2000-9999 ## map ids from the domain the ranges may not overlap ! idmap config JASONDOMAIN : backend = rid idmap config JASONDOMAIN : range = 10000-999999 wins server = 172.30.9.1, 172.20.1.2, 172.20.1.48 domain master = no local master = no preferred master = no os level = 20 map to guest = bad user host msdfs = no # user Administrator workaround, without it you are unable to set privileges username map = /etc/samba/user.map # For ACL support on member server vfs objects = acl_xattr map acl inherit = Yes store dos attributes = Yes # Share Setting Globally unix extensions = no reset on zero vc = yes veto files = /.bash_logout/.bash_profile/.bash_history/.bashrc/ hide unreadable = yes template shell = /bin/sh template homedir = /home/%U # name resolve order = lmhosts wins bcast host [test] path = /home/jason/Desktop/photo read only = no browseable = yes I can't browse share in Linux and Windows and it show me an error about permission. I also disable Firewall. How can I solve it? |
What are the directory permissions of the share are they writeable to users?
Code:
# ls -l /home/jason/Desktop Code:
# sestatus |
# sestatus
SELinux status: enabled SELinuxfs mount: /sys/fs/selinux SELinux root directory: /etc/selinux Loaded policy name: targeted Current mode: enforcing Mode from config file: enforcing Policy MLS status: enabled Policy deny_unknown status: allowed Max kernel policy version: 28 and drwxr-xr-x. 2 root root 6 Feb 17 01:14 Desktop Is it because of "root" ? I login to Linux via AD user and create a Directory and Permissions are below : drwxr-xr-x. 2 jason domain_users 6 Feb 17 01:24 test But can't browse!!!! |
Swith to selinux to permissive mode
Code:
setenforce 0 Code:
chcon -tR samba_share_t /path/to/share Code:
setenforce 1 |
Thank you.
The correct Syntax is : chcon -t samba_share_t -R /path/to/share ---------- Post added 02-17-15 at 03:59 AM ---------- Thank you. The correct Syntax is : chcon -t samba_share_t -R /path/to/share |
I have another problem. I can't change or add permissions and it show me I can't access.I use administrator account in Windows too but I has problem.
I used "jason" user for create directory and "jason" and "administrator" on windows can add or remove Folders but can't change permissions. I read "https://wiki.samba.org/index.php/Setup_and_configure_file_shares_with_Windows_ACLs" and did all steps in "Setup share permissions" section but problem not solved :( Any idea? |
Hello.
I changed my "smb.conf" as below : [Demo] path = /srv/samba/demo/ read only = no force user = %U force group = "JASONDOMAIN.JJ+domain users" force create mode = 0666 force directory mode = 2777 force directory security mode = 0777 valid users = @"JASONDOMAIN.JJ+domain users" Then I use below command to change owner : # chgrp -R "domain users" demo/ # chmod -R g+rw demo/ # ls -l total 0 drwxrwxr-x. 2 root domain_users 6 Feb 18 05:38 demo But When I want to open the "demo" directory it ask me my username and password and when I enter my username and password it ask me again :( I also have same problem with change permission too. How can I solve it? It is emergency. Thank you. ---------- Post added 02-18-15 at 07:32 AM ---------- Hello. I changed my "smb.conf" as below : [Demo] path = /srv/samba/demo/ read only = no force user = %U force group = "JASONDOMAIN.JJ+domain users" force create mode = 0666 force directory mode = 2777 force directory security mode = 0777 valid users = @"JASONDOMAIN.JJ+domain users" Then I use below command to change owner : # chgrp -R "domain users" demo/ # chmod -R g+rw demo/ # ls -l total 0 drwxrwxr-x. 2 root domain_users 6 Feb 18 05:38 demo But When I want to open the "demo" directory it ask me my username and password and when I enter my username and password it ask me again :( I also have same problem with change permission too. How can I solve it? It is emergency. Thank you. |
It is very Vital for me, Any idea?
|
"testparm -s" show me below error :
[root@printmah ~]# testparm -s Load smb config files from /etc/samba/smb.conf rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384) params.c:Parameter() - Ignoring badly formed line in configuration file: privileges Processing section "[test]" Processing section "[Demo]" Loaded services file OK. Server role: ROLE_DOMAIN_MEMBER How can I fix it? |
I used :
smbclient //localhost/Demo -U JASONDOMAINI\\jason -d 3 and the result is : esolve_lmhosts: Attempting lmhosts lookup for name localhost<0x20> resolve_lmhosts: Attempting lmhosts lookup for name localhost<0x20> Connecting to 127.0.0.1 at port 445 Doing spnego session setup (blob length=96) got OID=1.2.840.48018.1.2.2 got OID=1.2.840.113554.1.2.2 got OID=1.3.6.1.4.1.311.2.2.10 got principal=not_defined_in_RFC4178@please_ignore Got challenge flags: Got NTLMSSP neg_flags=0x60898215 NTLMSSP: Set final flags: Got NTLMSSP neg_flags=0x60088215 NTLMSSP Sign/Seal - Initialising with flags: Got NTLMSSP neg_flags=0x60088215 Domain=[JASONDOMAINI] OS=[Unix] Server=[Samba 4.1.1] tree connect failed: NT_STATUS_ACCESS_DENIED |
the name localhost is not resolved by the server.
Code:
cat /etc/hosts Code:
smbclient //127.0.0.1/Demo -o user=JASONDOMAIN\jason |
My "hosts" file was correct and the commands result is :
[root@printmah ~]# cat /etc/hosts 172.30.9.1 printmah.jasondomain.jj printmah 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 [root@printmah ~]# smbclient //127.0.0.1/Demo -o user=JASONDOMAINI\\jason params.c:Parameter() - Ignoring badly formed line in configuration file: privileges Domain=[JASONDOMAINI] OS=[Unix] Server=[Samba 4.1.1] tree connect failed: NT_STATUS_ACCESS_DENIED |
add in smb.conf file in global section
Code:
client ntlmv2 auth = yes try connecting Code:
smbclient //127.0.0.1/Demo -o sec=ntlmv2 username=jason@JASONDOMAINI |
Thanks.
Add it but Got same error: Domain=[JASONDOMAINI] OS=[Unix] Server=[Samba 4.1.1] tree connect failed: NT_STATUS_ACCESS_DENIED In "smb.conf" my share setting is : [Demo] path = /srv/samba/demo/ read only = no valid users = +JASONDOMAINI\linux +JASONDOMAINI\local admins writable = yes #inherrit owner = yes #inherit permissions = yes force group = JASONDOMAINI\linux "linux" is the name of group that I created in AD and "jason" is member of it. |
What are the directory permissions of /srv/samba/demo?
|
All times are GMT -5. The time now is 12:44 AM. |