| View previous topic :: View next topic |
| Author |
Message |
Joe_Sextus
n00b
Joined: 28 Feb 2006
Posts: 45
|
 Posted: Tue Jan 05, 2010 9:25 pm Post subject: Samba users cannot open files |
 |
|
I'm having a weird issue with samba. I have integrated it with Active Directory (loosely following this guide http://www.gentoo-wiki.info/HOWTO_Active_Directory_with_Samba_and_Winbind). The problem I have is that when I connect to the samba server from windows, I can create, rename, delete and save a new document to the share but I can not open it back up (notepad says Access is denied).
Here is the permissions on the file as set by samba
| Code: | | -rwxr--r-- 1 jbyfield domain users 4 Jan 5 15:11 New Text Document.txt |
And here is my smb.conf file (I replace my domain name with DOMAIN)
| Code: |
[global]
workgroup = DOMAIN
realm = DOMAIN.ORG
preferred master = no
netbios name = PLG64FS008
server string = PLG64FS008
security = ads
winbind enum users = yes
winbind enum groups = yes
winbind use default domain = Yes
winbind nested groups = Yes
idmap uid = 10000-20000
idmap gid = 10000-20000
vfs object = vscan-clamav
vscan-clamav: config-file = /etc/samba/vscan-clamav.conf
log file = /var/log/samba/log.%m
max log size = 1000
encrypt passwords = true
passdb backend = tdbsam
obey pam restrictions = yes
invalid users = root
unix password sync = yes
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
pam password change = yes
map to guest = bad uid
socket options = TCP_NODELAY
template shell = /bin/bash
guest account = nobody
[sme]
comment = Successmaker Content
path = /data/sme
Valid Users = @"DOMAIN\domain users"
guest ok = no
# guest only = yes
browseable = yes
writeable = yes
[homes]
comment = Home Directories
valid users = %S
read only = no
browseable = no
[printers]
comment = All Printers
browseable = no
printable = yes
guest ok = yes
|
I know this is a samba problem because is I su to jbyfield I can access the files from console with out any problems. Can somebody point out what I an missing? |
|
| Back to top |
|
 |
honp
Guru
Joined: 25 Sep 2006
Posts: 355
Location: Good old Prague, Czech rep.
|
| Posted: Wed Jan 06, 2010 8:30 am Post subject: |
|
|
| And what rights do you have on upper directory? |
|
| Back to top |
|
|
Joe_Sextus
n00b
Joined: 28 Feb 2006
Posts: 45
|
| Posted: Wed Jan 06, 2010 1:18 pm Post subject: |
|
|
/data
| Code: | drwxrwxrwx 4 jbyfield domain users 4096 Jan 5 08:25 data
|
/data/sme
| Code: | drwxrwxrwx 6 jbyfield domain users 4096 Jan 5 15:11 sme
|
|
|
| Back to top |
|
|
honp
Guru
Joined: 25 Sep 2006
Posts: 355
Location: Good old Prague, Czech rep.
|
| Posted: Wed Jan 06, 2010 4:20 pm Post subject: |
|
|
| Samba has very good log system. Try to look at this logs, maybe you can find something. |
|
| Back to top |
|
|
Joe_Sextus
n00b
Joined: 28 Feb 2006
Posts: 45
|
| Posted: Wed Jan 06, 2010 8:41 pm Post subject: |
|
|
I change the log level to 2 and now I see this in the log for my client when I try to open the file.
| Code: | [2010/01/06 14:39:22, 2] auth/auth.c:check_ntlm_password(309)
check_ntlm_password: authentication for user [JByfield] -> [JByfield] -> [MPSI20\jbyfield] succeeded
[2010/01/06 14:39:22, 2] lib/module.c:do_smb_load_module(64)
Module '/usr/lib64/samba/vfs/vscan-clamav.so' loaded
[2010/01/06 14:39:22, 1] smbd/service.c:make_connection_snum(1042)
best-hlp2k3 (10.100.10.15) connect to service sme initially as user MPSI20\jbyfield (uid=10000, gid=10002) (pid 8192)
[2010/01/06 14:39:25, 2] smbd/open.c:open_file(391)
JByfield opened file New Text Document.txt read=No write=No (numopen=2)
[2010/01/06 14:39:25, 2] smbd/close.c:close_normal_file(406)
MPSI20\jbyfield closed file New Text Document.txt (numopen=1) NT_STATUS_OK
|
|
|
| Back to top |
|
|
honp
Guru
Joined: 25 Sep 2006
Posts: 355
Location: Good old Prague, Czech rep.
|
| Posted: Thu Jan 07, 2010 7:29 am Post subject: |
|
|
| Probably this is not the reason (i think you can have both), but in my smb.conf there is writable instead of writeable... Try (sorry i dont have a time to check it...) |
|
| Back to top |
|
|
Joe_Sextus
n00b
Joined: 28 Feb 2006
Posts: 45
|
| Posted: Thu Jan 07, 2010 2:40 pm Post subject: |
|
|
I tried changing that and it did not make a difference.
I know I have done this before (over a year ago) using this same guide and it worked flawlessly. Unfortunately the previous server does not exist anymore. |
|
| Back to top |
|
|
Joe_Sextus
n00b
Joined: 28 Feb 2006
Posts: 45
|
| Posted: Thu Jan 07, 2010 5:13 pm Post subject: |
|
|
| I found the problem. Clamd was not running and samba was set to deny access if clamd was not running. |
|
| Back to top |
|
|
|
Networking & Security
