Hello,
I'm trying to setup a domain member server. I've followed the
directions from
http://us5.samba.org/samba/docs/man/Samba-HOWTO-Collection/FastStart.html#id2536544
but I'm having a problem accessing the user home directories. I have
been able to setup a another share and read and write from it. Any help
is greatly appreciated. Is it possible the space in the username is
causing problems (I didn't setup the domain)?
Thanks,
Jason
Here's what I'm getting in my log.
[2005/10/05 15:29:07, 2] auth/auth.c:check_ntlm_password(305)
check_ntlm_password: authentication for user [jason smith] -> [jason
smith] -
> [FIRSTCELL\jason smith] succeeded
[2005/10/05 15:29:07, 2] smbd/service.c:make_connection_snum(321)
user 'FIRSTCELL\jason smith' (from session setup) not permitted to
access this
share (jason smith)
Here's getent output
noflsrvtest:/var/log/samba# getent passwd "jason smith"
jason smith:x:15000:15000::/home/FIRSTCELL/jason smith:/bin/bash
Here's what happens when I try to use smbclient
noflsrvtest:/var/log/samba# smbclient //noflsrvtest/"jason smith"
-U"jason smith"
added interface ip=172.31.x.x bcast=172.31.x.x nmask=255.255.255.0
Password:
Domain=[FIRSTCELL] OS=[Unix] Server=[Samba 3.0.14a-Debian]
tree connect failed: NT_STATUS_ACCESS_DENIED
Here's what the directory permissions look like.
noflsrvtest:/home/FIRSTCELL# ls -al
total 0
drwxrwxrwx 3 root staff 80 Oct 5 12:58 .
drwxrwsr-x 6 root staff 128 Oct 4 23:05 ..
drwx------ 2 jason smith staff 48 Oct 5 12:58 jason smith
Here's some output from testparm.
Server role: ROLE_DOMAIN_MEMBER
Press enter to see a dump of your service definitions
# Global parameters
[global]
workgroup = FIRSTCELL
server string = %h server
security = DOMAIN
passdb backend = tdbsam, guest
pam password change = Yes
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\sUNIX\spassword:* %n\n
*Retype\snew\sUNIX\spassword:* %n\n .
unix password sync = Yes
log level = 2
syslog = 0
log file = /var/log/samba/log.%m
max log size = 1000
name resolve order = wins bcast host
printcap name = cups
disable spoolss = Yes
show add printer wizard = No
preferred master = No
dns proxy = No
wins server = 172.30.82.11
ldap ssl = no
panic action = /usr/share/samba/panic-action %d
idmap uid = 15000-20000
idmap gid = 15000-20000
template primary group template shell = /bin/bash
winbind use default domain = Yes
invalid users = root
printer admin = root
printing = cups
print command lpq command = %p
lprm command
[homes]
comment = Home Directories
valid users = %S
read only = No
create mask = 0700
directory mask = 0700
browseable = No
My problem was related to the %S in the valid users parameter for the [homes] share. Remove the %S and it worked. Jason Jason Smith wrote:> Hello, > > I'm trying to setup a domain member server. I've followed the > directions from > http://us5.samba.org/samba/docs/man/Samba-HOWTO-Collection/FastStart.html#id2536544 > but I'm having a problem accessing the user home directories. I have > been able to setup a another share and read and write from it. Any help > is greatly appreciated. Is it possible the space in the username is > causing problems (I didn't setup the domain)? > > Thanks, > Jason > > > Here's what I'm getting in my log. > > [2005/10/05 15:29:07, 2] auth/auth.c:check_ntlm_password(305) > check_ntlm_password: authentication for user [jason smith] -> [jason > smith] - > > [FIRSTCELL\jason smith] succeeded > [2005/10/05 15:29:07, 2] smbd/service.c:make_connection_snum(321) > user 'FIRSTCELL\jason smith' (from session setup) not permitted to > access this > share (jason smith) > > Here's getent output > noflsrvtest:/var/log/samba# getent passwd "jason smith" > jason smith:x:15000:15000::/home/FIRSTCELL/jason smith:/bin/bash > > Here's what happens when I try to use smbclient > noflsrvtest:/var/log/samba# smbclient //noflsrvtest/"jason smith" > -U"jason smith" > added interface ip=172.31.x.x bcast=172.31.x.x nmask=255.255.255.0 > Password: > Domain=[FIRSTCELL] OS=[Unix] Server=[Samba 3.0.14a-Debian] > tree connect failed: NT_STATUS_ACCESS_DENIED > > Here's what the directory permissions look like. > noflsrvtest:/home/FIRSTCELL# ls -al > total 0 > drwxrwxrwx 3 root staff 80 Oct 5 12:58 . > drwxrwsr-x 6 root staff 128 Oct 4 23:05 .. > drwx------ 2 jason smith staff 48 Oct 5 12:58 jason smith > > > Here's some output from testparm. > > Server role: ROLE_DOMAIN_MEMBER > Press enter to see a dump of your service definitions > > # Global parameters > [global] > workgroup = FIRSTCELL > server string = %h server > security = DOMAIN > passdb backend = tdbsam, guest > pam password change = Yes > passwd program = /usr/bin/passwd %u > passwd chat = *Enter\snew\sUNIX\spassword:* %n\n > *Retype\snew\sUNIX\spassword:* %n\n . > unix password sync = Yes > log level = 2 > syslog = 0 > log file = /var/log/samba/log.%m > max log size = 1000 > name resolve order = wins bcast host > printcap name = cups > disable spoolss = Yes > show add printer wizard = No > preferred master = No > dns proxy = No > wins server = 172.30.82.11 > ldap ssl = no > panic action = /usr/share/samba/panic-action %d > idmap uid = 15000-20000 > idmap gid = 15000-20000 > template primary group > template shell = /bin/bash > winbind use default domain = Yes > invalid users = root > printer admin = root > printing = cups > print command > lpq command = %p > lprm command > > [homes] > comment = Home Directories > valid users = %S > read only = No > create mask = 0700 > directory mask = 0700 > browseable = No > > >