Chris Hall
2008-May-16 18:15 UTC
[Samba] Access Denied, Roaming Profile -- no apparent reason...
Samba 3.0.28a-0.fc8 & Windows XP. When logging on to machine 'A' one of my users gets an "Access Denied" message for a particular cookie file -- 'statse'. When logging on to another machine ('B'), there is no problem. I have tried, when logged in as administrator (mapped to root on the server), to read the cookie file on both machines. Machine 'A' is OK. Machine 'B' gives "Access Denied". Other cookie files can be read on both machines with no difficulty. I can see no difference in permissions between the 'statse' cookie and all the others (they are all '-rw-------'). I have used Wireshark to see what machine 'A' does when it: a. successfully reads a cookie b. attempts and fails to read the 'statse' cookie having restarted smbd and nmbd immediately before each of the above. Apart from the names and sizes of the cookies, the process is identical up to the point that the cookies are read: a. successful read: -> Read AndX Request, FID: 0x1402, 172 bytes at offset 0 <- Read AndX Response, FID: 0x1402, 172 bytes The data is definitely there in this response packet. -> Trans2 Request, QUERY_FILE_INFO, FID: 0x1402, Query File Network Open Info <- Trans2 Response, FID: 0x1402, QUERY_FILE_INFO -> Read AndX Request, FID: 0x1402, 172 bytes at offset 0 <- Read AndX Response, FID: 0x1402, 172 bytes The data is in this packet as well !! -> Close Request, FID: 0x1402 <- Close Response, FID: 0x1402 b. failed read: -> Read AndX Request, FID: 0x13a2, 227 bytes at offset 0 <- Read AndX Response, FID: 0x13a2, 227 bytes This response is "NT Status: STATUS_SUCCESS" and the data is there in this response packet. -> Session Setup AndX Request, NTLMSSP_NEGOTIATE <- Session Setup AndX Response, NTLMSSP_CHALLENGE, Error: STATUS_MORE_PROCESSING_REQUIRED -> Session Setup AndX Request, NTLMSSP_AUTH, User: \ <- Session Setup AndX Response -> Tree Connect AndX Request, Path: \\HESTIA\HESTIAROOT <- Tree Connect AndX Response, Error: STATUS_ACCESS_DENIED .... etc. It's true that User '\' has no access to \\HESTIA\HESTIAROOT. What is obscure is why '\' is involved ! There are a number of questions I have no answer for: 1. the sequence up to and including the first 'Read AndX Response' is exactly the same in both cases -- I can see no difference in the access and other properties reported for the cookies. -- why, then, do the paths diverge ?? -- is there some information that Wireshark is not showing me ? 2. why XP is not satisfied with the first 'Read AndX Response' in any event ? 3. is there some hidden access control information that I should look for ? If so, how ? Stumped :-( -- Chris Hall -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 470 bytes Desc: not available Url : http://lists.samba.org/archive/samba/attachments/20080516/7b492329/signature.bin
Maybe Matching Threads
- Poor performance getting lots of small files with WinXP/Win2k vs OS2
- Fw: Poor performance getting lots of small files with WinXP/Win2k vs OS2
- Poor performance when accessing Linux from Windows XP because of too many QUERY_FILE_INFO requests
- File writing strangeness
- Long Delays Displaying Small Folders in Windows Explorer (samba-3.0.10-1 FC2)