Hello,

I'm setting up an SMB server for my company for the first time in Linux using ldap as a passwd back end. I can log into the samba share using root, but I cannot log in as a normal user nor anonymous.

When I type in: smbclient //servername/in-depth -U gilligan. It asks me for my password and then replies with: Domain=[INDEPTH] OS=[Unix] Server=[Samba 3.5.4-0.70.el5_6.1]
tree connect failed: NT_STATUS_BAD_NETWORK_NAME

I'm not sure where to go from here since I have the firewall and SElinux turned off and the documentation on the error is minimal outside of those parameters.

/samba/log.gilligan shows:


[2011/06/03 10:24:13.353093, 0] smbd/service.c:988(make_connection_snum)
canonicalize_connect_path failed for service in-depth, path /storage/in-depth

My smb.conf file is:

# Global parameters
[global]
ldap ssl = off
passwd chat = "Changing *\nNew password*" %n\n "*Retype new password*" %n\n"
preserve case = yes
enable privileges = yes
delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g"
show add printer wizard = yes
time server = Yes
passwd program = /usr/sbin/smbldap-passwd -u "%u"
nt acl support = Yes
netbios name = SAMBATEST
printing = cups
ldap passwd sync = yes
logon script = logon.bat
dos charset = 850
workgroup = indepth
os level = 65
ldap admin dn = cn=root,dc=indepth,dc=com
printcap name = cups
security = user
short preserve case = yes
dont descend = /proc,/dev,/etc,/lib,/lost+found,/initrd
add machine script = /usr/sbin/smbldap-useradd -t 0 -w "%u"
delete user script = /usr/sbin/smbldap-userdel "%u"
max log size = 100000
log level = 0
log file = /var/log/samba/log.%U
guest account = nobody
load printers = Yes
ldap user suffix = ou=Users
add group script = /usr/sbin/smbldap-groupadd -p "%g"
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 SO_KEEPALIVE
add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g"
mangling method = hash2
logon drive = H:
deadtime = 10
create mask = 0640
map to guest = Bad User
# domain master = Yes
encrypt passwords = Yes
# logon home =
passdb backend = ldapsam:ldap://10.10.11.101:389
case sensitive = no
ldap machine suffix = ou=Computers
ldap group suffix = ou=Group
server string = Samba Server %v
ldap suffix = dc=indepth,dc=com
unix password sync = no
logon path =
directory mask = 0750
add user script = /usr/sbin/smbldap-useradd -m "%u"
set primary group script = /usr/sbin/smbldap-usermod -g '%g' '%u'
syslog = 0
unix charset = ISO8859-1
domain logons = Yes
#interfaces = 192.168.5.11
username map = /etc/samba/smbusers
#security = ads
# min passwd length = 3
#pam password change = no
#obey pam restrictions = NO

# method 1:
#unix password sync = no
#ldap passwd sync = yes

# method 2:



# passdb backend = ldapsam:"ldap://ldap1.company.com ldap://ldap2.company.com"
#ldap admin dn = cn=samba,ou=DSA,dc=company,dc=com
ldap idmap suffix = ou=Idmap
ldap delete dn = Yes
delete group script = /usr/sbin/smbldap-groupdel "%g"

# printers configuration
#printer admin = @"Print Operators"
#force create mode = 0640
#force directory mode = 0750
; to maintain capital letters in shortcuts in any of the profile folders:

[netlogon]
path = /home/netlogon/
browseable = No
read only = yes

[profiles]
path = /home/profiles
read only = no
create mask = 0600
directory mask = 0700
browseable = No
guest ok = Yes
profile acls = yes
csc policy = disable
# next line is a great way to secure the profiles
force user = %U
# next line allows administrator to access all profiles
#valid users = %U "Domain Admins"

[printers]
comment = Network Printers
#printer admin = @"Print Operators"
guest ok = yes
printable = yes
path = /home/spool/
browseable = No
read only = Yes
printable = Yes
print command = /usr/bin/lpr -P%p -r %s
lpq command = /usr/bin/lpq -P%p
lprm command = /usr/bin/lprm -P%p %j
# print command = /usr/bin/lpr -U%U@%M -P%p -r %s
# lpq command = /usr/bin/lpq -U%U@%M -P%p
# lprm command = /usr/bin/lprm -U%U@%M -P%p %j
# lppause command = /usr/sbin/lpc -U%U@%M hold %p %j
# lpresume command = /usr/sbin/lpc -U%U@%M release %p %j
# queuepause command = /usr/sbin/lpc -U%U@%M stop %p
# queueresume command = /usr/sbin/lpc -U%U@%M start %p

[print$]
path = /home/printers
guest ok = No
browseable = Yes
read only = Yes
valid users = @"Print Operators"
write list = @"Print Operators"
create mask = 0664
directory mask = 0775

[public]
path = /tmp
guest ok = yes
browseable = Yes
writable = yes
[in-depth]
inherit owner = yes
writeable = yes
path = /storage/in-depth
force directory mode = 770
create mask = 0777
comment = Top-Level Fulton SMB Share
valid users = @Shared
directory mode = 3770
guest ok = no

My user in ldap is apart of the Shared group as is root. Any suggestions on where I should be looking to resolve this issue?

Thanks in advance.

Issue resolved. The problem was permissions on a higher up directory. The /storage directory did not have the correct permissions even though the in-depth directory was correct.