LinuxQuestions.org
Latest LQ Deal: Latest LQ Deals
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices


Reply
  Search this Thread
Old 08-24-2015, 11:26 PM   #1
SalemGB
LQ Newbie
 
Registered: Aug 2015
Posts: 1

Rep: Reputation: Disabled
Cannot access samba shares from any computer; access is denied.


Please help, I have done everything correctly. I have tried to connect to the share from both a Mac and a Windows PC with no luck. In addition, sudo testparm doesn't show anything wrong.

My smb.conf file:




Code:
#======================= Global Settings =======================

[global]

## Browsing/Identification ###

# Change this to the workgroup/NT-domain name your Samba server will part of
   workgroup = WORKGROUP
   netbios name = 'Salem's File Server'

# Windows Internet Name Serving Support Section:
# WINS Support - Tells the NMBD component of Samba to enable its WINS Server
#   wins support = no

# WINS Server - Tells the NMBD components of Samba to be a WINS Client
# Note: Samba can be either a WINS Server, or a WINS Client, but NOT both
;   wins server = w.x.y.z

# This will prevent nmbd to search for NetBIOS names through DNS.
   dns proxy = no

#### Networking ####

# The specific set of interfaces / networks to bind to
# This can be either the interface name or an IP address/netmask;
# interface names are normally preferred
;   interfaces = 127.0.0.0/8 eth0

# Only bind to the named interfaces and/or networks; you must use the
# 'interfaces' option above to use this.
# It is recommended that you enable this feature if your Samba machine is
# not protected by a firewall or is a firewall itself.  However, this
# option cannot handle dynamic or non-broadcast interfaces correctly.
;   bind interfaces only = yes



####### Authentication #######

# Server role. Defines in which mode Samba will operate. Possible
# values are "standalone server", "member server", "classic primary
# domain controller", "classic backup domain controller", "active
# directory domain controller".
#
# Most people will want "standalone sever" or "member server".
# Running as "active directory domain controller" will require first
# running "samba-tool domain provision" to wipe databases and create a
# new domain.
   server role = standalone server

# If you are using encrypted passwords, Samba will need to know what
# password database type you are using.
   passdb backend = tdbsam

   obey pam restrictions = yes

# This boolean parameter controls whether Samba attempts to sync the Unix
# password with the SMB password when the encrypted SMB password in the
# passdb is changed.
   unix password sync = yes

# For Unix password sync to work on a Debian GNU/Linux system, the following
# parameters must be set (thanks to Ian Kahan <<kahan@informatik.tu-muenchen.de> for
# sending the correct chat script for the passwd program in Debian Sarge).
   passwd program = /usr/bin/passwd %u
   passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .

# This boolean controls whether PAM will be used for password changes
# when requested by an SMB client instead of the program listed in
# 'passwd program'. The default is 'no'.
   pam password change = yes

# This option controls how unsuccessful authentication attempts are mapped
# to anonymous connections
   map to guest = bad user



# The following settings only takes effect if 'server role = primary
# classic domain controller', 'server role = backup domain controller'
# or 'domain logons' is set
#

# It specifies the location of the user's
# profile directory from the client point of view) The following
# required a [profiles] share to be setup on the samba server (see
# below)
;   logon path = \\%N\profiles\%U
# Another common choice is storing the profile in the user's home directory
# (this is Samba's default)
#   logon path = \\%N\%U\profile



# The following setting only takes effect if 'domain logons' is set
# It specifies the location of a user's home directory (from the client
# point of view)
;   logon drive = H:
#   logon home = \\%N\%U

# The following setting only takes effect if 'domain logons' is set
# It specifies the script to run during logon. The script must be stored
# in the [netlogon] share
# NOTE: Must be store in 'DOS' file format convention
;   logon script = logon.cmd

# This allows Unix users to be created on the domain controller via the SAMR
# RPC pipe.  The example command creates a user account with a disabled Unix
# password; please adapt to your needs
; add user script = /usr/sbin/adduser --quiet --disabled-password --gecos "" %u

# This allows machine accounts to be created on the domain controller via the
# SAMR RPC pipe.
# The following assumes a "machines" group exists on the system
; add machine script  = /usr/sbin/useradd -g machines -c "%u machine account" -d /var/lib/samba -s /bin/false %u

# This allows Unix groups to be created on the domain controller via the SAMR
# RPC pipe.
; add group script = /usr/sbin/addgroup --force-badname %g


############ Misc ############

# Using the following line enables you to customise your configuration
# on a per machine basis. The %m gets replaced with the netbios name
# of the machine that is connecting
;   include = /home/samba/etc/smb.conf.%m

# Some defaults for winbind (make sure you're not using the ranges
# for something else.)
;   idmap uid = 10000-20000
;   idmap gid = 10000-20000
;   template shell = /bin/bash

# Setup usershare options to enable non-root users to share folders
# with the net usershare command.

# Maximum number of usershare. 0 (default) means that usershare is disabled.
;   usershare max shares = 100

# Allow users who've been granted usershare privileges to create
# public shares, not just authenticated ones
   usershare allow guests = yes


#======================= Share Definitions =======================

[homes]
   comment = Home Directories
   browseable = no

# By default, the home directories are exported read-only. Change the
# next parameter to 'no' if you want to be able to write to them.
   read only = yes

[My Storage]
   comment = This is the property of Salem
   path = /media/salem/'Seagate Expansion Drive'
   public = yes
   writable = yes
   printable = no
   write list = +staff
   browseable = yes
   valid user = salem
   available = yes

[test]
   comment = this is a test
   path = /etc
   public = yes
   writable = yes
   printable = no
   browseable = yes
   valid user = salem
   available = yes

# File creation mask is set to 0700 for security reasons. If you want to
# create files with group=rw permissions, set next parameter to 0775.
   create mask = 0700

# Directory creation mask is set to 0700 for security reasons. If you want to
# create dirs. with group=rw permissions, set next parameter to 0775.
   directory mask = 0700

# By default, \\server\username shares can be connected to by anyone
# with access to the samba server.
# The following parameter makes sure that only "username" can connect
# to \\server\username
# This might need tweaking when using external authentication schemes
   valid users = %S

# Un-comment the following and create the netlogon directory for Domain Logons
# (you need to configure Samba to act as a domain controller too.)
;[netlogon]
;   comment = Network Logon Service
;   path = /home/samba/netlogon
;   guest ok = yes
;   read only = yes
 
Old 08-25-2015, 09:03 PM   #2
frankbell
LQ Guru
 
Registered: Jan 2006
Location: Virginia, USA
Distribution: Slackware, Ubuntu MATE, Mageia, and whatever VMs I happen to be playing with
Posts: 17,808
Blog Entries: 28

Rep: Reputation: 5543Reputation: 5543Reputation: 5543Reputation: 5543Reputation: 5543Reputation: 5543Reputation: 5543Reputation: 5543Reputation: 5543Reputation: 5543Reputation: 5543
Are the shares marked as "shared" in the directory configuration.

That is separate piece from the samba configuration.
 
Old 08-26-2015, 09:32 AM   #3
linom
Member
 
Registered: May 2015
Location: India
Distribution: Debian, CentOS,Redhat, Fedora, Ubuntu
Posts: 91

Rep: Reputation: 13
Thumbs up

What is the error when you try to connect?
The cause could be that the user "salem" has no permission to access the shared path folder /etc.
1) Create a separate folder, eg /tmp/salem
2) give permission/ownership to salem to access /tmp/salem
3) in smb.conf, change /etc to /tmp/salem and save the conf and restart the samba service

Last edited by linom; 08-26-2015 at 09:34 AM.
 
Old 08-26-2015, 10:02 AM   #4
michaelk
Moderator
 
Registered: Aug 2002
Posts: 22,081

Rep: Reputation: 4441Reputation: 4441Reputation: 4441Reputation: 4441Reputation: 4441Reputation: 4441Reputation: 4441Reputation: 4441Reputation: 4441Reputation: 4441Reputation: 4441
Welcome to LinuxQuestions.

What distribution/version are you running?
What happens when you try to connecting?

The netbios name must be unique, can not be longer then 15 characters and can not contain "\ / : * ? " < > |". You can set the server string as
server string = Salem's File Server

I would use /tmp and not /etc. In a nutshell /etc contains all of your system configuration files and not something you want share.

Code:
	[test]
	comment = This is a test
	path = /tmp
	public = yes
	writable = yes
	printable = no
        browseable = yes
        guest ok = yes
I would guess the usb drive is automatically being mounted and with permissions that do not allow world access by a "guest". If you add a samba password for salem that would allow you to connect as a user.

Last edited by michaelk; 08-26-2015 at 10:05 AM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Unable to see shares on samba server - no authentication access desired (open access) neoelf Linux - Networking 1 06-14-2009 04:18 PM
Access denied when attempting access samba share warlockvix Linux - Software 1 05-11-2007 03:36 PM
Mounting W2K Shares failed: Access denied xunil321 Linux - Networking 8 11-02-2004 11:10 AM
Winbind Samba - Access Denied Shares Wylz Linux - Software 3 10-06-2004 05:30 AM
Access denied XP samba shares djtsa Linux - Software 0 10-02-2003 07:26 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Server

All times are GMT -5. The time now is 11:46 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration