LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
Search this Thread
Old 08-03-2004, 02:23 AM   #1
aikempshall
Member
 
Registered: Nov 2003
Location: Bristol, Britain
Distribution: Slackware
Posts: 379

Rep: Reputation: 37
Samba - Access denied


I have a dual boot linux machine which boots to either slackware 9.1 or slackware 10.0.

When running in 9.1 I can map to it from a separate XP box by using windows explorer. When in slackware 10.0 I get "Access denied", I suspect the drive has been mapped I just can't access the share.

The /etc/samba/smb.conf files are identical as are the /etc/samba/smbpasswd files. The ipaddress is the same 'cause it's the same NIC with my router supplying the address.

In DOS if I do the following -

C:\Documents and Settings\Alex>net use z: \\10.0.0.4\root
The password or user name is invalid for \\10.0.0.4\root.

Enter the user name for '10.0.0.4': root
Enter the password for 10.0.0.4:
The command completed successfully.


C:\Documents and Settings\Alex>dir z:
Access is denied.


The above would suggest that the mapping has occurred but I havn't thje permission to access the share. I got the shares working in 9.1. without any problems, well I can't remember having any and I've not written anything down.

Has anyone any suggestions?
 
Old 08-03-2004, 01:44 PM   #2
david_ross
Moderator
 
Registered: Mar 2003
Location: Scotland
Distribution: Slackware, RedHat, Debian
Posts: 12,047

Rep: Reputation: 64
It does sound like a permissions problem.

Have you checked them?

Is share "shared" between 9.1 and 10? If so, are the owner and group the same on both OSs with the same uid?
 
Old 08-03-2004, 03:00 PM   #3
aikempshall
Member
 
Registered: Nov 2003
Location: Bristol, Britain
Distribution: Slackware
Posts: 379

Original Poster
Rep: Reputation: 37
The permissions, GIDs and UIDs all look good.

I decided to reinstall SAMBA and rebuild the smb.conf file from scratch.

Slackware 9.1 is running on samba 2.0.8a whilst Slackware 10.0 is running on 3.0.4. Perhaps there is a suttle change in the smb.conf between the versions of samba?

Thanks
 
Old 08-03-2004, 03:38 PM   #4
david_ross
Moderator
 
Registered: Mar 2003
Location: Scotland
Distribution: Slackware, RedHat, Debian
Posts: 12,047

Rep: Reputation: 64
There have been a few changes between the configuration files between major versions.

Try checking with the configuration man page and also increase the "log level" parameter.
 
Old 08-04-2004, 04:03 AM   #5
aikempshall
Member
 
Registered: Nov 2003
Location: Bristol, Britain
Distribution: Slackware
Posts: 379

Original Poster
Rep: Reputation: 37
Well. Limited success or complete success depending on your definition of "luck".

The situation thus far.

Reinstalled samba.
Removed the /etc/samba/private/smbpasswd file.
Added the user 'alex' to smbpasswd.

I then got the strange scenario as outlined below where I logged onto the XP box in the following order yvonne > alex > yvonne > alex.

Log in as user yvonne on the XP box
Map to the user alex on the linux box. Maps successfully.
Disconnect mapping to alex. Successful.
Map to the user alex on the linux box. Maps successfully.
Disconnect mapping to alex. Successful.
Log out of XP user yvonne

Log in as user alex on the XP box
Map to the user alex on the linux box. Maps successfully.
Disconnect mapping to alex. Successful.
Map to the user alex on the linux box. Fails "Access denied". Maps anyway. Can't see any of the files.
Disconnect mapping to alex. Successful.
Map to the user alex on the linux box. Fails "Access denied". Maps anyway. Can't see any of the files.
Disconnect mapping to alex. Successful.
Log out of XP user alex.

Log in as user alex on the XP box
Map to the user alex on the linux box. Fails "Access denied". Maps anyway. Can't see any of the files.
Disconnect mapping to alex. Successful.
Map to the user alex on the linux box. Fails "Access denied". Maps anyway. Can't see any of the files.
Disconnect mapping to alex. Successful.
Log out of XP user alex.

Log in as user yvonne on the XP box
Map to the user alex on the linux box. Maps successfully.
Disconnect mapping to alex. Successful.
Map to the user alex on the linux box. Maps successfully.
Disconnect mapping to alex. Successful.
Log out of XP user yvonne

Log in as user alex on the XP box
Map to the user alex on the linux box. Maps successfully.
Disconnect mapping to alex. Successful.
Map to the user alex on the linux box. Fails "Access denied". Maps anyway. Can't see any of the files.
Disconnect mapping to alex. Successful.
Map to the user alex on the linux box. Fails "Access denied". Maps anyway. Can't see any of the files.
Disconnect mapping to alex. Successful.
Log out of XP user alex.

I can map to slackware 10.0 and am ok as long as I don't unmap. Can anyone explain why I can on one particular XP user I can map/unmap/map a linux home directory without problem whereas on another I can only map the once? Once I've mapped on XP user alex the only way to resolve the issue to map with another XP user, restarting the XP machine doesn't clear the "access denied".

I suppose the simplest solution is don't use XP!!

Thanks

Last edited by aikempshall; 08-04-2004 at 04:20 AM.
 
Old 08-04-2004, 05:39 AM   #6
XTeam
LQ Newbie
 
Registered: Nov 2003
Location: Novi Sad, Yugoslavia
Distribution: Fedora Core 3 & 4; Mandrake 9.2; 10.0; Knoppix
Posts: 13

Rep: Reputation: 0
I had similiar problem.
I resolved it by using the webmin. I set all the shares and permissions from there.
 
Old 08-04-2004, 11:52 AM   #7
aikempshall
Member
 
Registered: Nov 2003
Location: Bristol, Britain
Distribution: Slackware
Posts: 379

Original Poster
Rep: Reputation: 37
Still not out of the woods yet.


What I've described above alex > yvonne > alex to clear the "Access denied" only works some of the time. Haven't managed to work out what triggers the "some of the time".

At the moment the home directory /home/alex has a

UID of alex
GID of root
drwxrwxrwx

although I have tried GID of users or alex with no joy!

I've of being clueless.

Regards
 
Old 08-06-2004, 05:24 AM   #8
aikempshall
Member
 
Registered: Nov 2003
Location: Bristol, Britain
Distribution: Slackware
Posts: 379

Original Poster
Rep: Reputation: 37
The mystery, or is it misery, deepens.


Any user, except alex, on the XP box can access any user on the Slack box assuming the correct share and password is supplied. The XP user alex nearly always returns "Access denied" when attempting to access the share - it does map.

On the XP box I set up a new user called 'oik' and could map/unmap at will with no problems. I then copied all the files from the XP user 'alex' to the XP user 'oik' and the "access denied" problem started on user 'oik'.

All seems wierd!

I will now downgrade to samba 2.0.8a and see what happens before trying to identify what the problem is with XP user "alex" and now "oik".


AK
 
Old 08-07-2004, 01:40 AM   #9
aikempshall
Member
 
Registered: Nov 2003
Location: Bristol, Britain
Distribution: Slackware
Posts: 379

Original Poster
Rep: Reputation: 37
Downgraded to 2.2.8a and the problem has gone away!
Upgraded to 3.0.4 and the problem reappears!

Between the downgrade/upgrade didn't change anything. Didn't change usernames, passwords or smb.conf.

Now need to determine what's the difference between 2.2.8a and 3.0.4. I'm of the view that it is username related.

Found on -

http://us2.samba.org/samba/whatsnew/samba-3.0.0rc4.html

1) When operating as a member of a Windows domain, Samba 2.2 would
map any users authenticated by the remote DC to the 'guest account'
if a uid could not be obtained via the getpwnam() call. Samba 3.0
rejects the connection as NT_STATUS_LOGON_FAILURE. There is no
current work around to re-establish the 2.2 behavior.


Don't know what it means!


AK

Last edited by aikempshall; 08-07-2004 at 02:07 AM.
 
Old 08-08-2004, 02:31 AM   #10
aikempshall
Member
 
Registered: Nov 2003
Location: Bristol, Britain
Distribution: Slackware
Posts: 379

Original Poster
Rep: Reputation: 37
Sorted the problem. The problem was on the XP side namely with the files NTUSER and NTUSER.DAT. They either didn't contain the user name or password that I thought they did or had someother problem.

In a nutshell this is what happened

1
Could map to the alex home directory on my slackware 9.1 box, running samba 2.2.8a, from the user alex on my XP box. Supplying user name alex and password in the XP dialog box.

2
Could NOT map to the alex home directory on my slackware 10.0 box, running samba 3.0.4, from the user alex on my XP box. Supplying user name alex and password in the XP dialog box. Always got "Access denied".

3
Could map to the alex home directory on my slackware 10.0 box, running samba 3.0.4, from the user yvonne on my XP box. Supplying user name alex and password in the XP dialog box.

4
Downgraded slackware 10.0 to samba 2.2.8a. Could map in all the cases above. Supplying user name alex and password in the XP dialog box.

5
Upgaded to samba 3.0.4. Created a new user on the XP box called oik. Could map to the alex home directory. Supplying user name alex and password in the XP dialog box.

6
Copied all the files from the XP alex user to the XP oik user. Could NOT map to the alex home directory. Supplying user name alex and password in the XP dialog box.

7
Found thias statement on the Samba website - see below.

1) When operating as a member of a Windows domain, Samba 2.2 would
map any users authenticated by the remote DC to the 'guest account'
if a uid could not be obtained via the getpwnam() call. Samba 3.0
rejects the connection as NT_STATUS_LOGON_FAILURE. There is no
current work around to re-establish the 2.2 behavior.

8
Deleted the alex user on the XP box and then created a new user on the XP box called alex. Copied all the files across from the old alex user except the files NTUSER and NTUSER.DAT i.e. kept the these files as generated when recreating the XP user alex. Could map to the alex home directory. Supplying user name alex and password in the XP dialog box. Problem resolved.

9
Upgraded to samba 3.0.5. Still in business.
 
Old 08-08-2004, 02:40 PM   #11
amfoster
Member
 
Registered: Aug 2004
Distribution: debian, SuSE
Posts: 365

Rep: Reputation: 34
I think the permission issue depends on the type security you are using. Is the setting in the smb.conf file reading security = user?

If so, you need to create samba users.

smbpasswd -a username password

This will create a file in the /etc/samba directory named smbpasswd

I didn't read all the posts there were back to you, but in glancing, I didn't see anyone mention samba users.

Now if you have security = share then there shouldn't be any issues. Other than that is a very unwise thing to do.
 
Old 08-09-2004, 03:52 PM   #12
aikempshall
Member
 
Registered: Nov 2003
Location: Bristol, Britain
Distribution: Slackware
Posts: 379

Original Poster
Rep: Reputation: 37
The smb.conf file has

security = users

I'd also run -

smbpasswd -a alex

which created /etc/samba/private/smbpasswd

The problem would appear to me that the samba people tightened up on security between 2.2.8a and 3.0.4. It was this "security hole" that I was unintentionally exploiting that threw me. The XP user alex was the only XP user effected - don't know what the XP files NTUSER and NTUSER.DAT contained, persumably user/password information, but their contents were causing me a problem. When I recreated the XP user and copied the files across the problem went away.


Thanks
 
Old 08-10-2004, 12:13 PM   #13
compassman
LQ Newbie
 
Registered: Apr 2004
Posts: 9

Rep: Reputation: 0
All these messages seem to be related to my issue with Samba 2.2.7a on my network, but I am unsure how to apply these facts to my situation. My Samba server is working. I can see the server from any Windows machine. I can connect to any Windows share with smbclient. BUT, I cannot connect to any Samba share. It is as if they were invisible. I made sure that the user names on the Windows machines, Linux machine and Samba users are all the same. I assume it is a permissions issue, but I am too new to Linux to know how to check the rights on a folder. Can anyone assist?

Thanks in advance for any assistance.


smb.conf (if this would shed any light):

# Samba config file created using SWAT
# from localhost.localdomain (127.0.0.1)
# Date: 2004/08/10 11:49:08

# Global parameters
[global]
workgroup = MSNETWORK
netbios name = SAMBA1
encrypt passwords = Yes

[homes]
comment = Home Directories
read only = No
browseable = No

[printers]
comment = All Printers
path = /var/spool/samba
create mask = 0700
guest ok = Yes
printable = Yes
print command = lpr-cups -P %p -o raw %s -r # using client side printer drivers.
lpq command = lpstat -o %p
lprm command = cancel %p-%j
browseable = No

[altairshare]
path = /home/altair_share
username = larry, moe, curly, @smbusers
valid users = larry, moe, curly, @smbusers
read only = No
 
Old 08-10-2004, 12:31 PM   #14
amfoster
Member
 
Registered: Aug 2004
Distribution: debian, SuSE
Posts: 365

Rep: Reputation: 34
The linux permissions on your directory may indeed be a factor. Try chmod 777 on that share just as a test first. You can always change them back.

Better yet, add this and test if you can mount the /tmp dir

[TEMP]
path = /tmp
browsable = yes
read only = no


Restart the smb daemon and give it a try. We know the perms on /tmp are rwxrwxrwt, so that will be a good test whether it is the Linux pers that are the issue.
 
Old 08-10-2004, 03:43 PM   #15
compassman
LQ Newbie
 
Registered: Apr 2004
Posts: 9

Rep: Reputation: 0
I used chmod on the folder. The Samba share is still invisible. What else could be wrong with the permissions?
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Samba - access denied on windows time112852 Linux - Software 11 06-04-2010 10:08 AM
samba/swat access denied bob_man_uk Linux - Software 2 10-19-2005 03:12 AM
Samba - access denied on windows suco Linux - Software 6 09-26-2005 10:30 PM
Access denied XP samba shares djtsa Linux - Software 0 10-02-2003 06:26 AM
windows xp and samba access denied eradiate Linux - Networking 4 06-01-2003 09:58 PM


All times are GMT -5. The time now is 02:49 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration