LinuxQuestions.org
Page 1 of 2 1 2
Show 50 post(s) from this thread on one page

LinuxQuestions.org (/questions/)
-   Linux - Networking (https://www.linuxquestions.org/questions/linux-networking-3/)
-   -   Samba - Access denied (https://www.linuxquestions.org/questions/linux-networking-3/samba-access-denied-212794/)

aikempshall 08-03-2004 02:23 AM
Samba - Access denied
 
I have a dual boot linux machine which boots to either slackware 9.1 or slackware 10.0.

When running in 9.1 I can map to it from a separate XP box by using windows explorer. When in slackware 10.0 I get "Access denied", I suspect the drive has been mapped I just can't access the share.

The /etc/samba/smb.conf files are identical as are the /etc/samba/smbpasswd files. The ipaddress is the same 'cause it's the same NIC with my router supplying the address.

In DOS if I do the following -

C:\Documents and Settings\Alex>net use z: \\10.0.0.4\root
The password or user name is invalid for \\10.0.0.4\root.

Enter the user name for '10.0.0.4': root
Enter the password for 10.0.0.4:
The command completed successfully.


C:\Documents and Settings\Alex>dir z:
Access is denied.


The above would suggest that the mapping has occurred but I havn't thje permission to access the share. I got the shares working in 9.1. without any problems, well I can't remember having any and I've not written anything down.

Has anyone any suggestions?

david_ross 08-03-2004 01:44 PM
It does sound like a permissions problem.

Have you checked them?

Is share "shared" between 9.1 and 10? If so, are the owner and group the same on both OSs with the same uid?

aikempshall 08-03-2004 03:00 PM
The permissions, GIDs and UIDs all look good.

I decided to reinstall SAMBA and rebuild the smb.conf file from scratch.

Slackware 9.1 is running on samba 2.0.8a whilst Slackware 10.0 is running on 3.0.4. Perhaps there is a suttle change in the smb.conf between the versions of samba?

Thanks

david_ross 08-03-2004 03:38 PM
There have been a few changes between the configuration files between major versions.

Try checking with the configuration man page and also increase the "log level" parameter.

aikempshall 08-04-2004 04:03 AM
Well. Limited success or complete success depending on your definition of "luck".

The situation thus far.

Reinstalled samba.
Removed the /etc/samba/private/smbpasswd file.
Added the user 'alex' to smbpasswd.

I then got the strange scenario as outlined below where I logged onto the XP box in the following order yvonne > alex > yvonne > alex.

Log in as user yvonne on the XP box
Map to the user alex on the linux box. Maps successfully.
Disconnect mapping to alex. Successful.
Map to the user alex on the linux box. Maps successfully.
Disconnect mapping to alex. Successful.
Log out of XP user yvonne

Log in as user alex on the XP box
Map to the user alex on the linux box. Maps successfully.
Disconnect mapping to alex. Successful.
Map to the user alex on the linux box. Fails "Access denied". Maps anyway. Can't see any of the files.
Disconnect mapping to alex. Successful.
Map to the user alex on the linux box. Fails "Access denied". Maps anyway. Can't see any of the files.
Disconnect mapping to alex. Successful.
Log out of XP user alex.

Log in as user alex on the XP box
Map to the user alex on the linux box. Fails "Access denied". Maps anyway. Can't see any of the files.
Disconnect mapping to alex. Successful.
Map to the user alex on the linux box. Fails "Access denied". Maps anyway. Can't see any of the files.
Disconnect mapping to alex. Successful.
Log out of XP user alex.

Log in as user yvonne on the XP box
Map to the user alex on the linux box. Maps successfully.
Disconnect mapping to alex. Successful.
Map to the user alex on the linux box. Maps successfully.
Disconnect mapping to alex. Successful.
Log out of XP user yvonne

Log in as user alex on the XP box
Map to the user alex on the linux box. Maps successfully.
Disconnect mapping to alex. Successful.
Map to the user alex on the linux box. Fails "Access denied". Maps anyway. Can't see any of the files.
Disconnect mapping to alex. Successful.
Map to the user alex on the linux box. Fails "Access denied". Maps anyway. Can't see any of the files.
Disconnect mapping to alex. Successful.
Log out of XP user alex.

I can map to slackware 10.0 and am ok as long as I don't unmap. Can anyone explain why I can on one particular XP user I can map/unmap/map a linux home directory without problem whereas on another I can only map the once? Once I've mapped on XP user alex the only way to resolve the issue to map with another XP user, restarting the XP machine doesn't clear the "access denied".

I suppose the simplest solution is don't use XP!!

Thanks

XTeam 08-04-2004 05:39 AM
I had similiar problem.
I resolved it by using the webmin. I set all the shares and permissions from there.

aikempshall 08-04-2004 11:52 AM
Still not out of the woods yet.


What I've described above alex > yvonne > alex to clear the "Access denied" only works some of the time. Haven't managed to work out what triggers the "some of the time".

At the moment the home directory /home/alex has a

UID of alex
GID of root
drwxrwxrwx

although I have tried GID of users or alex with no joy!

I've of being clueless.

Regards

aikempshall 08-06-2004 05:24 AM
The mystery, or is it misery, deepens.


Any user, except alex, on the XP box can access any user on the Slack box assuming the correct share and password is supplied. The XP user alex nearly always returns "Access denied" when attempting to access the share - it does map.

On the XP box I set up a new user called 'oik' and could map/unmap at will with no problems. I then copied all the files from the XP user 'alex' to the XP user 'oik' and the "access denied" problem started on user 'oik'.

All seems wierd!

I will now downgrade to samba 2.0.8a and see what happens before trying to identify what the problem is with XP user "alex" and now "oik".


AK

aikempshall 08-07-2004 01:40 AM
Downgraded to 2.2.8a and the problem has gone away!
Upgraded to 3.0.4 and the problem reappears!

Between the downgrade/upgrade didn't change anything. Didn't change usernames, passwords or smb.conf.

Now need to determine what's the difference between 2.2.8a and 3.0.4. I'm of the view that it is username related.

Found on -

http://us2.samba.org/samba/whatsnew/samba-3.0.0rc4.html

1) When operating as a member of a Windows domain, Samba 2.2 would
map any users authenticated by the remote DC to the 'guest account'
if a uid could not be obtained via the getpwnam() call. Samba 3.0
rejects the connection as NT_STATUS_LOGON_FAILURE. There is no
current work around to re-establish the 2.2 behavior.


Don't know what it means!


AK

aikempshall 08-08-2004 02:31 AM
Sorted the problem. The problem was on the XP side namely with the files NTUSER and NTUSER.DAT. They either didn't contain the user name or password that I thought they did or had someother problem.

In a nutshell this is what happened

1
Could map to the alex home directory on my slackware 9.1 box, running samba 2.2.8a, from the user alex on my XP box. Supplying user name alex and password in the XP dialog box.

2
Could NOT map to the alex home directory on my slackware 10.0 box, running samba 3.0.4, from the user alex on my XP box. Supplying user name alex and password in the XP dialog box. Always got "Access denied".

3
Could map to the alex home directory on my slackware 10.0 box, running samba 3.0.4, from the user yvonne on my XP box. Supplying user name alex and password in the XP dialog box.

4
Downgraded slackware 10.0 to samba 2.2.8a. Could map in all the cases above. Supplying user name alex and password in the XP dialog box.

5
Upgaded to samba 3.0.4. Created a new user on the XP box called oik. Could map to the alex home directory. Supplying user name alex and password in the XP dialog box.

6
Copied all the files from the XP alex user to the XP oik user. Could NOT map to the alex home directory. Supplying user name alex and password in the XP dialog box.

7
Found thias statement on the Samba website - see below.

1) When operating as a member of a Windows domain, Samba 2.2 would
map any users authenticated by the remote DC to the 'guest account'
if a uid could not be obtained via the getpwnam() call. Samba 3.0
rejects the connection as NT_STATUS_LOGON_FAILURE. There is no
current work around to re-establish the 2.2 behavior.

8
Deleted the alex user on the XP box and then created a new user on the XP box called alex. Copied all the files across from the old alex user except the files NTUSER and NTUSER.DAT i.e. kept the these files as generated when recreating the XP user alex. Could map to the alex home directory. Supplying user name alex and password in the XP dialog box. Problem resolved.

9
Upgraded to samba 3.0.5. Still in business.

amfoster 08-08-2004 02:40 PM
I think the permission issue depends on the type security you are using. Is the setting in the smb.conf file reading security = user?

If so, you need to create samba users.

smbpasswd -a username password

This will create a file in the /etc/samba directory named smbpasswd

I didn't read all the posts there were back to you, but in glancing, I didn't see anyone mention samba users.

Now if you have security = share then there shouldn't be any issues. Other than that is a very unwise thing to do.

aikempshall 08-09-2004 03:52 PM
The smb.conf file has

security = users

I'd also run -

smbpasswd -a alex

which created /etc/samba/private/smbpasswd

The problem would appear to me that the samba people tightened up on security between 2.2.8a and 3.0.4. It was this "security hole" that I was unintentionally exploiting that threw me. The XP user alex was the only XP user effected - don't know what the XP files NTUSER and NTUSER.DAT contained, persumably user/password information, but their contents were causing me a problem. When I recreated the XP user and copied the files across the problem went away.


Thanks

compassman 08-10-2004 12:13 PM
All these messages seem to be related to my issue with Samba 2.2.7a on my network, but I am unsure how to apply these facts to my situation. My Samba server is working. I can see the server from any Windows machine. I can connect to any Windows share with smbclient. BUT, I cannot connect to any Samba share. It is as if they were invisible. I made sure that the user names on the Windows machines, Linux machine and Samba users are all the same. I assume it is a permissions issue, but I am too new to Linux to know how to check the rights on a folder. Can anyone assist?

Thanks in advance for any assistance.


smb.conf (if this would shed any light):

# Samba config file created using SWAT
# from localhost.localdomain (127.0.0.1)
# Date: 2004/08/10 11:49:08

# Global parameters
[global]
workgroup = MSNETWORK
netbios name = SAMBA1
encrypt passwords = Yes

[homes]
comment = Home Directories
read only = No
browseable = No

[printers]
comment = All Printers
path = /var/spool/samba
create mask = 0700
guest ok = Yes
printable = Yes
print command = lpr-cups -P %p -o raw %s -r # using client side printer drivers.
lpq command = lpstat -o %p
lprm command = cancel %p-%j
browseable = No

[altairshare]
path = /home/altair_share
username = larry, moe, curly, @smbusers
valid users = larry, moe, curly, @smbusers
read only = No

amfoster 08-10-2004 12:31 PM
The linux permissions on your directory may indeed be a factor. Try chmod 777 on that share just as a test first. You can always change them back.

Better yet, add this and test if you can mount the /tmp dir

[TEMP]
path = /tmp
browsable = yes
read only = no


Restart the smb daemon and give it a try. We know the perms on /tmp are rwxrwxrwt, so that will be a good test whether it is the Linux pers that are the issue.

compassman 08-10-2004 03:43 PM
I used chmod on the folder. The Samba share is still invisible. What else could be wrong with the permissions?


All times are GMT -5. The time now is 08:39 AM.
Page 1 of 2 1 2
Show 50 post(s) from this thread on one page