Samba login/user permisssion problems with fresh install.
Hello all,
I'm trying to configure a new server running Debian Etch - it's a fileserver that I'm having a bit of a hard time configuring. Here's my smb.conf: Quote:
\share - no auth required \public - same \vault - requires auth \maps - no auth, read only The problem I'm running into right now is that if I create a fresh user, add them to the samba group and db, I'm getting prompted for a login if I just hit the root \\server.domain.com. In previous setups, hitting just the root of the server would always show me the available shares, and only prompt me to login if I tried to access any of the password protected areas. If anyone could take a peek and perhaps tell me why I'm being prompted for a login when trying to get at anything, I'd really appreciate it. :) Thanks! |
obey pam restrictions (G)
When Samba 3.0 is configured to enable PAM support (i.e. --with- pam), this parameter will control whether or not Samba should obey PAM's account and session management directives. The default behavior is to use PAM for clear text authentication only and to ignore any account or session management. Note that Samba always ignores PAM for authentication in the case of encrypt passwords = yes. The reason is that PAM modules cannot support the chal‐ lenge/response authentication mechanism needed in the presence of SMB password encryption. This snippet from man smb.conf should make clear why "obey pam restrictions" is not a good idea here. |
Thanks for the reply. :)
I turned pam restrictions off, but it didn't seem to really do anything. I also removed "invalid users = root" which made my public share work. The biggest problem (of my many, hah) that I have right now is that this share: Quote:
|
Here's the log error that I get when trying to access the maps share.
Quote:
|
1. you did do the "smbpasswd -a $USER" for your users wanting to connect?
2. you may need to do the same for "nobody" with a empty password 3. what are the filesystem permissions for the /knox/vault/maps directory, in particular does the group it belongs to, match one of the groups the users are in? (you may simply change group to nogroup for "nobody" access ...) 4. "read only = yes" and "create mask" won't stick together, but that shouldn't matter ... 5. from the log, and the multiple wins servers you specified, I wonder is the samba server (trying to be) member of a domain? 6. even when the smb.conf looks perfectly valid, do run testparm. In particular, is "Server role" standalone or anything else? |
All times are GMT -5. The time now is 12:48 AM. |