Hi - I am trying to use smb to access my work server from linux. I can create the share and get read access but am having issues with the write/modify access. I can save or create a new file but I can not modify. I am creating the share using my windows AD credentials (user name, domain and pw) which works fine. Are there parameters within smb mount that allow me to access these network drives and files using the AD user account or will I always be using my linux user for access as this is where the mount is created from. It is a work network server so I really do not want to mess around with permissions on the AD side but would consider possibly if that was the only route.

I did try setting up the smb mount using my linux user gid and uid but that did not seem to work either.

So I guess my question is where is the write/modify security set - in the smb mount command and if so what parameters should I be using or at the AD level in which case what would need to be done there.

Any direction would be appreciated.

Did you try something like this as root:

?

regards Henrik

1 members found this post helpful.

Generally speaking, whenever you try to access a service, you need to use the credentials attached to that service.

On your Linux machine, you would need to use your Windows credentials to mount the Windows share. The capabilities of Linux will be limited to your user's permissions in Windows.

The way I'd do this for an ad-hoc connection is as per the instructions given by Henrik above, but slightly modified (as root):

Note that the options (the part after "-o") are comma separated with no spaces. You could add ",ro" to the options if you want read-only access to the share.

RW access will depend upon your permissions in Windows.

If you wanted to make it happen automatically on boot (provided the machines are on the same LAN), you can add a line like the following to /etc/fstab:

Where the file /root/win_credentials.txt is a simple text file containing your Windows credentials, like this:

You can also do this over the internet if you have VPN access to the office.

Hi - my mount seems to be working ok - it seems to be a file rights issue. When I try to modify from Linux side (even though mounted using my AD creds) it prevents me from making any changes to a file. Even as root - trying to change a file using vi I get error Error: test1: Permission denied; test1: WARNING: FILE TRUNCATED and a {file}.part is created and both the original {file} and {file}.part are corrupt and unreadable. I can create a new file but can not modify once created.

These are all examples of file on the hare after I created the test# file and then try modifying using vi. Both the original and .part file are corrupt/unreadable after I attempt to save changes in vi.

-rwxr-xr-x 1 root root 0 Jun 27 17:53 test1
-rwxr-xr-x 1 root root 373 Jun 26 15:16 test1.part
-rwxr-xr-x 1 root root 0 Jun 26 15:18 test2
-rwxr-xr-x 1 root root 7 Jun 26 15:17 test2.part
-rwxr-xr-x 1 root root 2 Jun 26 15:25 test3
-rwxr-xr-x 1 root root 7 Jun 26 15:30 test3.part

The problem you're having is related to permissions.

See this thread for answers: https://unix.stackexchange.com/quest...ions-and-chown

Thank you for sharing that link. I have tried all the iterations and though I can create the mount and see the mounted drive - I am unable to modify files. If I use my windows machine to access the same thing I type \\server\share into the file browser where it then asks me for my network credentials. Everything I do then on the server is logged as that AD user even though my windows laptop is not on the domain and is not using a domain user. The only domain creds are when I access the server. I am thinking this is the same concept that I am trying to do from my linux machine but the rights issue is still problem.

To add some details the server I am connecting to is windows server 2019; my laptop is Slackware 15 (not current)

Let's try a different approach.

What happens if you open Konqueror and type: smb://192.168.x.x/SHARENAME into the address bar?

krakanut --

What is the exact mount command you're using and 'who' is running the command ?

From the looks of things in post #4, root is running the command and there are no uid= nor gid= options ?

Do you need to add -o '... forceuid,uid=krakanut,forcegid,gid=users, ...' ?

HTH

-- kjh

Have you created a .smbcredentials file in your home directory?

I mount my windows shares (using CIFS) to servers in an AD domain to a directory, home/network. I also have my .smbcredentials file stored in that network directory. The .smbcredentials file is very simple. It contains:

username=yourADusernsame
password=yourADpassword
domain=yourADdomainName

This has worked for me for years.

1 members found this post helpful.

This what rkelsen is referring to when he mentions the win_credentials text file.

1 members found this post helpful.

I have tried all variants of the mount - here is the one I believe should work - I enter the AD password when it tries to connect. I have tried the creds file too. In all cases I can connect and browse but not write. Are the write issues on the server side or my linux user? Could be my naivete in thinking that everything on the server side should be tied to the AD user to which I am creating the share? Perahsp this is the wrong thinking?

sudo mount -t cifs -o username={my login},dom={my domain},uid=$(id -u),gid=$(id -g),forceuid,forcegid //192.168.25.8/shared work-shared/

A bit more to share. I get the same write issues using Dolphin smb mount. Again connects fine, reads fine but no write. I wonder if there is something on the Microsost server side I need to enable? but again, I can connect using a non-AD windows laptop, and r/w just fine using the same smb:\\ mount and AD user creds.

I should also note that even root sudo or full su can not write to the share after mounting. Below is a sample scenario...

Create mount: sudo mount -t cifs -o username={my login},dom={my domain} //192.168.25.8/shared work-shared/ {assuming just root access and usage}

cd into work-shared {I can maneuver all through the share just fine and open files; the issue is when trying to edit existing files}

sudo touch test_file {file gets created}

sudo vi test_file and modify; :wq then get Error: test: Permission denied; test: WARNING: FILE TRUNCATED.

I see you use sudo. What about testing with full root ?

I tried full root (not sudo) and same issues.

However, losing patience with this matter, I pulled out an old workstation that has slack-current on it. That works exactly as expected! Why would Slack 15 not work and current would? How would I go about troubleshooting this - simply try re-installing 15 on the laptop I was having issues with?