I have samba allowing only known users, and on the ubuntu side, I have the folder permission 777. I have the same exact samba smb.conf file(locations of course matching new server), but I can't get it to authenticate with the new server(Old server is up and running too) and I'm lost. I thought I had it figured out when I did my last server, but I seem to be missing something on this one.
View 1 Replies
I had an older fedora box (I think it was Core 3) that acted as my file server in my small network (4). It worked fine when I had all XP clients connecting to it. Recently we decided to get all new computers. So now I have a fedora 10 box acting as my file/print server and all Vista Home premium computers as the clients. For the life of me I can not get samba to work. When I try to map the network drives on windows it will not let me authenticate. I install swat and try it that way, still no luck. Here is a copy of my smb.conf file:
Code:
# Samba config file created using SWAT
# from UNKNOWN
# Date: 2009/05/19 21:47:31
[global]
workgroup = AIVILANET
server string = Bighat Samba Server
interfaces = eth0
null passwords = Yes
smb passwd file = /etc/samba/smbpasswd
passdb backend = tdbsam
username map = /etc/samba/smbusers
syslog only = Yes
announce version = 5.0
name resolve order = hosts wins bcast
socket options = TCP_NODELAY IPTOS_LOWDELAY SO_KEEPALIVE SO_RCVBUF=8192 SO_SNDBUF=8192
printcap name = CUPS
wins support = Yes
[HP-LaserJet-1200]
comment = HP LaserJet 1200
path = /var/spool/samba
read only = No
printable = Yes
printer name = HP-LaserJet-1200
oplocks = No
share modes = No
[printers]
comment = All Printers
path = /var/spool/samba
printable = Yes
browseable = No
[home]
path = /home/savona/
username = savona
valid users = @Users
admin users = savona
write list = savona
force user = savona
force group = savona
read only = No
hosts allow = 10.0.0.2
Intent is to use samba+winbind to authenticate Ubuntu desktop against a Windows 2008 R2 domain (seems like I was able to get it working temporarily but it stopped working after some time). Quick overview of the issue: winbind is failing to lookup group ID's for a domain user causing the domain user to receive group errors on login and an inability to use domain groups in other configuration (sudoers, etc)
- Very basic install, boot to Ubuntu Desktop 10.04 LTS 64bit install, basic install options, perform software updates
- Following an Ubuntu AD HowTo [URL]
- Install kerberos, samba, winbind packages
- Make changes to krb5.conf, smb.conf, files in pam.d/ (to make the home directory and restrict login based on group membership, which works even in the half-working state but requires SID instead of text name)
After a reboot I can login as a domain account but I get the following error(s):
groups: cannot find name for group ID #####
##### is usually a number that ranges from 10000 to 10020, based on the smb.conf line regarding idmap I will get multiple group errors (one for each group that the user belongs to that winbind can't lookup for whatever reason, some groups can be resolved - see below) If I log-out and then log-in as a local user I can run the following command: id username The output returns something similar to the following:
uid=10002(username) gid=10003(domain users) groups=10003(domain users),10033,10032,10031,10030,10029,10028,10027,1 0026,10025,10024,10023,10022,10021(some group),10020,10019,10018(some other group),10017,10016,10015,10014,10013,10012,10011(s ome other other group),10010,10009,10008,10007
On a working system (Ubuntu 10.10 and when 10.04 decides to work) each group is followed by parenthesis' and the name of the group, this result clearly shows that some groups can be looked up but for some reason other groups are failing An output of /var/log/samba/log.winbind produces the following entries (that are logged when you run the id command)
[2011/08/03 19:04:39, 1] winbindd/winbindd_ads.c:1137(lookup_groupmem)
lsa_lookupsids call failed with NT_STATUS_PIPE_BROKEN - retrying...
[2011/08/03 19:04:39, 1] winbindd/winbindd_ads.c:1137(lookup_groupmem)
lsa_lookupsids call failed with NT_STATUS_PIPE_BROKEN - retrying...
The above repeats for what looks to be each group that fails (based on count of entries)If I use wbinfo I can resolve text group name to SID and SID to GID
wbinfo -n groupname (returns proper SID)
wbinfo -s SID (returns proper text group name)
wbinfo -Y SID (returns proper linux mapped group ID)
Following that process for a group that my user belongs to that is not resolving (via the id username command) will return the group ID (GID) properly (even though id username fails to lookup info for that same GID) Version Information:
uname -a
Linux hostname 2.6.32-33-generic #71-Ubuntu SMP Wed Jul 20 17:27:30 UTC 2011 x86_64 GNU/Linux
lsb_release -a
No LSB modules are available.
[code]....
i have the one help. i will creata one samba server.access this samba file windows system. also domain user access this samba folder. but problem is how can set permissions AD User( Windows 2008 Server).
View 2 Replies View RelatedI have a Linux Box running Fedora 13, it has Samba installed, and I have configured it, I also have a Windoze 7 PC, I want to be able to access the Windoze PC's files from my Linux Box, and vice versa, but when I try to open the Windoze PC in the network on my Linux Box, it asks for my Username and Password, I enter them, the box goes away then pops back up asking for them again... and on the Windoze PC, I find my Linux on the network, open it, it asks for my username and password, I enter them, and it lets me in, but then when I try opening my shared folder, it gives me: "You do not have permission to access \LINUX Shared Folder. Contact your network administrator to request access".
View 1 Replies View RelatedI'm using ubuntu server 9.10 for a home build NAS. Everything is working great just have one more thing to figure out. I have Samba set up to access my files and I set up a recycle feature so anything deleted will get moved to a Recycled folder. (I learned this the hard way after hitting delete key by accident while browsing the shares in windows. Lost 100 GB of data)
Now it is for the most part working but the permissions on folders isn't getting set right. If I delete a file in a share I can go to Recycle bin folder and delete the file for good. But if I delete a folder I can not access that folder to delete or restore from the Recycle bin folder. I have to chmod the folder before I can do anything with it. Anything I can change to get folders deleted via windows to have the right permissions when it is moved to the Recycle bin folder?
[Code]///
I would like to know how can I share a folder in samba with no need of user and password with write permission, with no need of using guest user.
View 3 Replies View RelatedI Have Configure Samba server in Centos, I need give permission like for some user(5User) can able to read and write the particular folder, and again i need give some another user(6user) can only read permission for same folder.
View 1 Replies View RelatedThe company I work for, as usual, is Microsoft-centric. I'm attempting to integrate my Ubuntu server into the domain to allow domain users to authenticate to the server and access file shares using Samba. Here's my current configuration:
[Code].....
I installed samba server in my external HDD. But it is not shown in system ----> Administration. Is there any problem. Then How to give permission to access home folder.
View 3 Replies View RelatedI just have installed Fedora 15 to use it for multimedia server. I have installed also samba. Now I'm trying to access it from another PC (Windows 7) and I have no write access.
Code:
[root@echo mnt]# ls -l
total 12
drwxr-xr-x. 2 root root 4096 Jan 1 2006 boot
[Code]....
i just read whole internet (i have spend over 6h for reading and testing a lot of options and nothing...)
I've set up smbd 3.4.7 on 10.04x64 LTS server. I've set up a couple shares and I'm having problems blocking access to certain directories using native file permissions. There is one directory that has folders for each sales rep to store their current list of quoted clients, I only want sales people to be able to browse the directories owned by themselves. Everything seems to be set up correctly in terms of user groups and permissions on the filesystem.
Below is marina, a sales rep, and brian, a super user of sorts.
id marina:
Code:
uid=1011(marina) gid=1006(office) groups=1006(office),1005(sales)
id nick:
Code:
uid=1000(brian) gid=1006(office) groups=1006(office),118(admin),1001(full),1002(processing),1003(management),1004(it),1005(sales)
Below is the directory with all the sales reps folders.
ls -la:
Code:
total 60
drwxrwxr-x 15 root it 4096 2011-02-10 20:06 .
drwxr-x--- 9 root office 4096 2010-11-19 12:40 ..
drwxrwx--- 13 katya full 4096 2010-12-07 12:36 Katya
drwxrwx--- 18 lana full 4096 2011-02-08 17:09 Lana
drwxrwx--- 23 marina full 4096 2011-02-10 18:09 Marina
drwxrwx--- 4 mike full 4096 2011-02-01 12:42 Mike
With this setup marina only be able to browse her folder, but she can browse all folders and has full write access to all folders. This leads me to believe something is up with the smbd.conf file, which is below.
Code:
[global]
workgroup = COMTREAD
null passwords = no
server string = Root Server
dns proxy = no
log file = /var/log/samba/log.%m
max log size = 1000
syslog = 0 .....
In this case the valid users directive would not work cause I am not making a share for each user. I had this on other shares like the db2 share. My windows box lagged heavily when I tried to access that share with an invalid user. How to deny users the ability to modify permissions I would also like to do that.
I got ssh passwordless login to work. If /var/www permissions are set to 750 it works, but when trying to access the server from a browser it shows permission denied. When I set /var/www to 777, users can access the files through a browser but then ssh passwordless login doesn't work. Anyway around this, so both will work?
View 1 Replies View RelatedI cannot browse the samba printers from windows xp professional clients.
I get the following message when trying to access the workgroup:
Code: Example is not accessible. You might not have permission to use this network resource. Contact the administrator of this server to find out if you have access permissions.
The list of servers for this workgroup is not currently available
Another strange thing is that if I set the workgroup to EXAMPLE in smb.conf, the workgroup shows up as Example on my windows clients.
I setup a Samba share and I cannot connect. I can mount in on local host but when I CD to the folder I mounted the share on I get access denied when I run ls.
cat /etc/samba/smb.conf
[W$]
path = /Files/
valid users = admin
[Code]....
I am trying to set up a windows file server using fedora 14 with samba. when I go to the a windows machine I can log in the the samba server. When I try to go to the folder I need access to I get and error saying "you might not have permission to use this network resource" I am trying to access my home directory. Directory /home/mike, username mike. As far as I can tell it is not a permission of the directory. I have a user set up in samba that uses the mike user account.
View 6 Replies View Relatedi use virtual hosts to develop several web applications. These are located in my home folder under /home/user/projects/project After a fresh installation, i always get a 403 forbidden error. After googling and reading on this forum, several solutions are mentioned for this problem. But i can hardly believe putting using a chmod 755 on my home folder is a correct solution. What is the correct way of doing things in this situation?
View 5 Replies View RelatedNot sure if this is the correct forum for this but I run ubuntu 10.04 server in virtualbox, and have samba running. I can see the files and read them in win7, but I want write access aswell!
I need to do this in terminal only, and Im not that well versed in Linux or the terminal. Anyways here is my smb.conf:
[global]
security = share
workgroup = myworkgroupname
load printers = no
[Code]...
Since "read only = no" I think i should have write permissions... and since I can read the files Im guessing the smb.conf is the problem?
I got ubuntu samba server on server 10.04 username:user1 , Home folder: /home/user1 This user connects from a macbook pro no problem. I followed the same steps to set up user2 username:user2 , Home folder: /home/user2 This user does not connect from windows vista. I have the correct ports open, 137-139 & 445, and can connect from the macintosh, but not vista. The error says that the username or password is in correct. If you need some log files or config files, just let me know where to go and they're all yours!
View 9 Replies View RelatedI've been trying to share a folder with samba. This folder is the decrypted version of an encfs encrypted folder. Mounting the decrypted folder on the server is done automatically on login using gnome-encfs. Exposing the folder locally works like a charm. Now where I get stuck is trying to access the samba share from a client (even with smbclient on the server itself). I can see the share with smbclient -L:
tijm64@tijm64-HTPC:~$ smbclient -L 192.168.1.100
Enter tijm64's password:
Domain=[TIJM64] OS=[Unix] Server=[Samba 3.4.7]
[Code].....
I've installed Ubuntu Server 7.10 Gutsy and Webmin 1.500 on it. The thing that I want to do is: I want to share a folder an sub folders for windows users ( guest user) I should modify those folders from my ubuntu desktop 9.10 karmic they are all same folders. Is it possible? if yes how can i make it. you can tell from webmin or samba configuration file.
View 8 Replies View RelatedWe have 10.x ubuntu server with XP clients. We have samba share folders at LAN. Is there any possibility that we can disable copy and paste option for some specific folders, while other data folders remain as usual in our shared data?
View 4 Replies View RelatedTrue or False: If you have a user on your Linux/Samba machine with a password, example:
User = Bob
Password = Password0
And Bob is on an XP computer, where his username is also Bob and his password is also Password0, is it normal for Bob to go to:
\SambaServer, double click on Bob's share (valid users = Bob only) and Bob get RIGHT in without being prompted?
On my prior setup, the user HAD to log in. If they wanted auto login next time with their credentials, they had to check "remember password." But now it's as if Samba knows who they are. It's very strange. What's the normal behavior? Must EVERYBODY authenticate with passwords, or if the Windows credentials are the same as Samba does it just somehow auto-detect it and allow them through?
First, like a dummy I did not backup the Samba config file before making changes. Using openSUSE as ftp and http server, was following tutorial to share between openSUSE and windows. I was using VNC to access machine to edit Samba config file, after altering the the file VNC authenication fails. I can still authenicate locally and through the ftp.
View 1 Replies View RelatedWe're still using an NT Domain Server, and Samba is already configured properly. But the problem is if the shared folder is configured in samba to be accessed by group and not the domain username, authentication fails even if the user is member of the group.
Example#1: (authentication successful)
[sharedfolder]
valid users = domain+username
Example#2:
[sharedfolder] (authentication fails)
valid users = @domaingroup
Samba version is samba-3.0.33
Set up a new cluster service for a cifs share. Has these properties:
Service name = cifs_cases
Autostart is checked
name=cases type=GFS Scope=shared
[code]....
I'm trying to set up a Samba share that's available over the network to a group of users in our institution. Our infrastructure is based on Novell Netware (slowly migrating to OES), and thus our authentication is managed by eDirectory. All our other shares are managed by Netware, but this one lives on a standalone Ubuntu server.
I've succeeded in setting up the share, and users can access it without a problem. The trouble is that currently it only works by treating all users as guest users and giving them the same privileges over the share. Is it possible to get Samba to authenticate users against eDirectory via LDAP? Would I have to get Ubuntu to authenticate against eDirectory, then Samba against Ubuntu, or can Samba do it directly? I've not really worked with LDAP before so I'm unsure where to start.
how can i give Writable permission to a folder and sub folder of it.
View 5 Replies View RelatedI would like to configure an access to folder
/fileserver
for two services : Samba and VSFTPD
How to do it ? How to create folder rights that samba and ftp user will have an access (read/write/delete) to all directories in /fileserver.
My system is CentOS. I`m starting samba and vsftpd like a root (/etc/init.d/vsftpd start etc.)
Ldapscripts seems to be authenticating oddly but I am not sure why. Running 'ldapadd' works without issue:
<code>root@domainator:~# ldapadd -D cn=root,dc=example,dc=home -W
Enter LDAP Password:
<CTRL-D>
root@domainator:~#
</code>
However:
<code>
root@domainator:~# ldapaddgroup test
>> 01/03/11 - 22:16 : Command : /usr/sbin/ldapaddgroup test
ldap_bind: Invalid credentials (49)
ldap_bind: Invalid credentials (49)
Error adding group test to LDAP
Error adding group test to LDAP
</code>
Here's various parts of my /etc/ldapscripts/ldapscripts.conf:
<code>
SERVER="domainator"
BINDDN="cn=root,dc=example,dc=home"
BINDPWDFILE="/etc/ldapscripts/ldapscripts.passwd"
SUFFIX="dc=example,dc=home" # Global suffix
GSUFFIX="ou=Groups" # Groups ou (just under $SUFFIX)
USUFFIX="ou=Users" # Users ou (just under $SUFFIX)
MSUFFIX="ou=Computers" # Machines ou (just under $SUFFIX)
GIDSTART="10000" # Group ID
UIDSTART="10000" # User ID
MIDSTART="20000" # Machine ID
</code>
/etc/ldapscripts/ldapscripts.passwd permissions are root:root, 0400 a
And I have quadruple checked my password is correct. Is there a way to print out debugging from ldapscripts so I know what commands it is generating?
