samba - Dec 2016 - Why I can not login my shared folder under samba + CentOS 7

The result of accessing from windows is same as accessing from Linux, after I
input correct username and password and click connect button, the login dialog
re-popup.


Thanks
On 12/02/2016 22:22, Gaiseric Vandal via samba wrote:
Can you access from windows?




I also notice that samba 4.2.10 is no longer a supported version.


On 12/01/16 15:39, truename via samba wrote:
> Following is output of smbclient -L \\127.0.0.1  -U test1:
>
>
>
>      Sharename       Type      Comment
>      ---------       ----      -------
>      data            Disk      data
>      IPC$            IPC       IPC Service (Samba Server Version 4.2.10)
>      test1           Disk      Home Directories
>      hp5550-1:7      Printer   hp5550-1
>      e-STUDIO283:2   Printer   e-STUDIO283
>      FX3D490A:3      Printer   FX3D490A
>      HPCP2025:9      Printer   HPCP2025
>      HPM2727:10      Printer   HPM2727
>      hp5550-2:8      Printer   hp5550-2
>      hp-color-LaserJet-5550-172-16-10-214:4 Printer  
hp-color-LaserJet-5550-172-16-10-214
>      ML-1660-Series:1 Printer   ML-1660-Series
>      ML-1660-Series:11 Printer   ML-1660-Series
>      topdf:12        Printer   topdf
>      HP5100:6        Printer   HP5100
>      hp5000-1:5      Printer   hp5000-1
>
>      Server               Comment
>      ---------            -------
>      LOCALHOST            Samba Server Version 4.2.10
>
>      Workgroup            Master
>      ---------            -------
>      MYGROUP              LOCALHOST
>
>
> And following is content of my smb.conf under /etc/samba:
>
>
> # This is the main Samba configuration file. For detailed information about
the
> # options listed here, refer to the smb.conf(5) manual page. Samba has a
huge
> # number of configurable options, most of which are not shown in this
example.
> #
> # The Official Samba 3.2.x HOWTO and Reference Guide contains step-by-step
> # guides for installing, configuring, and using Samba:
> # http://www.samba.org/samba/docs/Samba-HOWTO-Collection.pdf
> #
> # The Samba-3 by Example guide has working examples for smb.conf. This
guide is
> # generated daily: http://www.samba.org/samba/docs/Samba-Guide.pdf
> #
> # In this file, lines starting with a semicolon (;) or a hash (#) are
> # comments and are ignored. This file uses hashes to denote commentary and
> # semicolons for parts of the file you may wish to configure.
> #
> # Note: Run the "testparm" command after modifying this file to
check for basic
> # syntax errors.
> #
> #---------------
> # Security-Enhanced Linux (SELinux) Notes:
> #
> # Turn the samba_domain_controller Boolean on to allow Samba to use the
useradd
> # and groupadd family of binaries. Run the following command as the root
user to
> # turn this Boolean on:
> # setsebool -P samba_domain_controller on
> #
> # Turn the samba_enable_home_dirs Boolean on if you want to share home
> # directories via Samba. Run the following command as the root user to turn
this
> # Boolean on:
> # setsebool -P samba_enable_home_dirs on
> #
> # If you create a new directory, such as a new top-level directory, label
it
> # with samba_share_t so that SELinux allows Samba to read and write to it.
Do
> # not label system directories, such as /etc/ and /home/, with
samba_share_t, as
> # such directories should already have an SELinux label.
> #
> # Run the "ls -ldZ /path/to/directory" command to view the
current SELinux
> # label for a given directory.
> #
> # Set SELinux labels only on files and directories you have created. Use
the
> # chcon command to temporarily change a label:
> # chcon -t samba_share_t /path/to/directory
> #
> # Changes made via chcon are lost when the file system is relabeled or
commands
> # such as restorecon are run.
> #
> # Use the samba_export_all_ro or samba_export_all_rw Boolean to share
system
> # directories. To share such directories and only allow read-only
permissions:
> # setsebool -P samba_export_all_ro on
> # To share such directories and allow read and write permissions:
> # setsebool -P samba_export_all_rw on
> #
> # To run scripts (preexec/root prexec/print command/...), copy them to the
> # /var/lib/samba/scripts/ directory so that SELinux will allow smbd to run
them.
> # Note that if you move the scripts to /var/lib/samba/scripts/, they retain
> # their existing SELinux labels, which may be labels that SELinux does not
allow
> # smbd to run. Copying the scripts will result in the correct SELinux
labels.
> # Run the "restorecon -R -v /var/lib/samba/scripts" command as
the root user to
> # apply the correct SELinux labels to these files.
> #
> #--------------
> #
> #======================= Global Settings
====================================>
> [global]
>
> # ----------------------- Network-Related Options -------------------------
> #
> # workgroup = the Windows NT domain name or workgroup name, for example,
MYGROUP.
> #
> # server string = the equivalent of the Windows NT Description field.
> #
> # netbios name = used to specify a server name that is not tied to the
hostname.
> #
> # interfaces = used to configure Samba to listen on multiple network
interfaces.
> # If you have multiple interfaces, you can use the "interfaces ="
option to
> # configure which of those interfaces Samba listens on. Never omit the
localhost
> # interface (lo).
> #
> # hosts allow = the hosts allowed to connect. This option can also be used
on a
> # per-share basis.
> #
> # hosts deny = the hosts not allowed to connect. This option can also be
used on
> # a per-share basis.
> #
> # max protocol = used to define the supported protocol. The default is NT1.
You
> # can set it to SMB2 if you want experimental SMB2 support.
> #
>      workgroup = MYGROUP
>      server string = Samba Server Version %v
>
> ;    netbios name = MYSERVER
>
> ;    interfaces = lo eth0 192.168.12.2/24 192.168.13.2/24
> ;    hosts allow = 127. 192.168.12. 192.168.13.
>
> ;    max protocol = SMB2
>
> # --------------------------- Logging Options -----------------------------
> #
> # log file = specify where log files are written to and how they are split.
> #
> # max log size = specify the maximum size log files are allowed to reach.
Log
> # files are rotated when they reach the size specified with "max log
size".
> #
>
>      # log files split per-machine:
>      log file = /var/log/samba/log.%m
>      # maximum size of 50KB per log file, then rotate:
>      max log size = 50
>
> # ----------------------- Standalone Server Options
------------------------
> #
> # security = the mode Samba runs in. This can be set to user, share
> # (deprecated), or server (deprecated).
> #
> # passdb backend = the backend used to store user information in. New
> # installations should use either tdbsam or ldapsam. No additional
configuration
> # is required for tdbsam. The "smbpasswd" utility is available
for backwards
> # compatibility.
> #
>
>      security = user
>      passdb backend = tdbsam
>
>
> # ----------------------- Domain Members Options ------------------------
> #
> # security = must be set to domain or ads.
> #
> # passdb backend = the backend used to store user information in. New
> # installations should use either tdbsam or ldapsam. No additional
configuration
> # is required for tdbsam. The "smbpasswd" utility is available
for backwards
> # compatibility.
> #
> # realm = only use the realm option when the "security = ads"
option is set.
> # The realm option specifies the Active Directory realm the host is a part
of.
> #
> # password server = only use this option when the "security =
server"
> # option is set, or if you cannot use DNS to locate a Domain Controller.
The
> # argument list can include My_PDC_Name, [My_BDC_Name], and
[My_Next_BDC_Name]:
> #
> # password server = My_PDC_Name [My_BDC_Name] [My_Next_BDC_Name]
> #
> # Use "password server = *" to automatically locate Domain
Controllers.
>
> ;    security = domain
> ;    passdb backend = tdbsam
> ;    realm = MY_REALM
>
> ;    password server = <NT-Server-Name>
>
> # ----------------------- Domain Controller Options
------------------------
> #
> # security = must be set to user for domain controllers.
> #
> # passdb backend = the backend used to store user information in. New
> # installations should use either tdbsam or ldapsam. No additional
configuration
> # is required for tdbsam. The "smbpasswd" utility is available
for backwards
> # compatibility.
> #
> # domain master = specifies Samba to be the Domain Master Browser, allowing
> # Samba to collate browse lists between subnets. Do not use the
"domain master"
> # option if you already have a Windows NT domain controller performing this
task.
> #
> # domain logons = allows Samba to provide a network logon service for
Windows
> # workstations.
> #
> # logon script = specifies a script to run at login time on the client.
These
> # scripts must be provided in a share named NETLOGON.
> #
> # logon path = specifies (with a UNC path) where user profiles are stored.
> #
> #
> ;    security = user
> ;    passdb backend = tdbsam
>
> ;    domain master = yes
> ;    domain logons = yes
>
>      # the following login script name is determined by the machine name
>      # (%m):
> ;    logon script = %m.bat
>      # the following login script name is determined by the UNIX user used:
> ;    logon script = %u.bat
> ;    logon path = \\%L\Profiles\%u
>      # use an empty path to disable profile support:
> ;    logon path >
>      # various scripts can be used on a domain controller or a stand-alone
>      # machine to add or delete corresponding UNIX accounts:
>
> ;    add user script = /usr/sbin/useradd "%u" -n -g users
> ;    add group script = /usr/sbin/groupadd "%g"
> ;    add machine script = /usr/sbin/useradd -n -c "Workstation
(%u)" -M -d /nohome -s /bin/false "%u"
> ;    delete user script = /usr/sbin/userdel "%u"
> ;    delete user from group script = /usr/sbin/userdel "%u"
"%g"
> ;    delete group script = /usr/sbin/groupdel "%g"
>
>
> # ----------------------- Browser Control Options
----------------------------
> #
> # local master = when set to no, Samba does not become the master browser
on
> # your network. When set to yes, normal election rules apply.
> #
> # os level = determines the precedence the server has in master browser
> # elections. The default value should be reasonable.
> #
> # preferred master = when set to yes, Samba forces a local browser election
at
> # start up (and gives itself a slightly higher chance of winning the
election).
> #
> ;    local master = no
> ;    os level = 33
> ;    preferred master = yes
>
> #----------------------------- Name Resolution
-------------------------------
> #
> # This section details the support for the Windows Internet Name Service
(WINS).
> #
> # Note: Samba can be either a WINS server or a WINS client, but not both.
> #
> # wins support = when set to yes, the NMBD component of Samba enables its
WINS
> # server.
> #
> # wins server = tells the NMBD component of Samba to be a WINS client.
> #
> # wins proxy = when set to yes, Samba answers name resolution queries on
behalf
> # of a non WINS capable client. For this to work, there must be at least
one
> # WINS server on the network. The default is no.
> #
> # dns proxy = when set to yes, Samba attempts to resolve NetBIOS names via
DNS
> # nslookups.
>
> ;    wins support = yes
> ;    wins server = w.x.y.z
> ;    wins proxy = yes
>
> ;    dns proxy = yes
>
> # --------------------------- Printing Options
-----------------------------
> #
> # The options in this section allow you to configure a non-default printing
> # system.
> #
> # load printers = when set you yes, the list of printers is automatically
> # loaded, rather than setting them up individually.
> #
> # cups options = allows you to pass options to the CUPS library. Setting
this
> # option to raw, for example, allows you to use drivers on your Windows
clients.
> #
> # printcap name = used to specify an alternative printcap file.
> #
>
>      load printers = yes
>      cups options = raw
>
> ;    printcap name = /etc/printcap
>      # obtain a list of printers automatically on UNIX System V systems:
> ;    printcap name = lpstat
> ;    printing = cups
>
> # --------------------------- File System Options
---------------------------
> #
> # The options in this section can be un-commented if the file system
supports
> # extended attributes, and those attributes are enabled (usually via the
> # "user_xattr" mount option). These options allow the
administrator to specify
> # that DOS attributes are stored in extended attributes and also make sure
that
> # Samba does not change the permission bits.
> #
> # Note: These options can be used on a per-share basis. Setting them
globally
> # (in the [global] section) makes them the default for all shares.
>
> ;    map archive = no
> ;    map hidden = no
> ;    map read only = no
> ;    map system = no
> ;    store dos attributes = yes
>
>
> #============================ Share Definitions
=============================>
> [homes]
>      comment = Home Directories
>      browseable = no
>      writable = yes
> ;    valid users = %S
> ;    valid users = MYDOMAIN\%S
>
> [printers]
>      comment = All Printers
>      path = /var/spool/samba
>      browseable = no
>      guest ok = no
>      writable = no
>      printable = yes
>
> # Un-comment the following and create the netlogon directory for Domain
Logons:
> ;    [netlogon]
> ;    comment = Network Logon Service
> ;    path = /var/lib/samba/netlogon
> ;    guest ok = yes
> ;    writable = no
> ;    share modes = no
>
> # Un-comment the following to provide a specific roving profile share.
> # The default is to use the user's home directory:
> ;    [Profiles]
> ;    path = /var/lib/samba/profiles
> ;    browseable = no
> ;    guest ok = yes
>
> # A publicly accessible directory that is read only, except for users in
the
> # "staff" group (which have write permissions):
> ;    [public]
> ;    comment = Public Stuff
> ;    path = /home/samba
> ;    public = yes
> ;    writable = yes
> ;    printable = no
> ;    write list = +staff
>
> [data]
>      comment = data
>      path = /home/myname/data
>      valid users = test1
>      write list = test1
>      create mask = 0754
>      sync always = Yes
> ;    hide dot files = yes
> ;    writeable = no
> ;    browseable = yes
>
>
> Thanks
>
>
>
>
>
>
>
>
> 在 2016-12-02 00:02:41，"Gaiseric Vandal via samba" <samba at
lists.samba.org> 写道：
>> Did you configure this as a domain controller or a domain member ?  Or
>> this just a standalone machine.
>>
>>  From the command line  can you try the following
>>
>>      smbclient -L \\127.0.0.1  -U test1
>>
>> or maybe
>>
>>      smbclient -d3 -L \\127.0.0.1  -U test1
>>
>>
>> You may also want to try 'MACHINENAME\test1' as the user name.
>>
>>
>>
>>
>>
>> On 12/01/16 10:17, truename via samba wrote:
>>> Hi,
>>>
>>> I install samba by:
>>>
>>> sudo yum install samba.x86_64
>>>
>>> I edit /etc/samba/smb.conf by adding follows：
>>>
>>> [data]
>>>       comment = data
>>>       path = /home/myname/data
>>>       valid users = test1
>>>       write list = test1
>>>       create mask = 0754
>>>       sync always = Yes
>>> ;    hide dot files = yes
>>> ;    writeable = no
>>> ;    browseable = yes
>>>
>>> Then take effect my config:
>>>
>>> service smb restart
>>>
>>> I create shared folder:
>>>
>>> cd ~
>>> mkdir data
>>>
>>> I create user:
>>>
>>> useradd test1
>>> smbpasswd -a test1
>>> <then password>
>>>
>>>
>>> Then I open my file manager and input:
>>>
>>> smb://127.0.0.1
>>>
>>> A login form popup, I enter username: test1 and the password, the
login form returns again, I found I can not enter the shared folder by that
account.
>>>
>>> Thanks
>>
>>
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions:  https://lists.samba.org/mailman/options/samba


--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

I found that if I create a folder under / as my shared folder(for example:
/data), the samba work. If the shared folder is /home/myname/data, it
doesn't work.





At 2016-12-03 12:31:31, "truename via samba" <samba at
lists.samba.org> wrote:
>The result of accessing from windows is same as accessing from Linux, after
I input correct username and password and click connect button, the login dialog
re-popup.
>
>
>Thanks
>On 12/02/2016 22:22, Gaiseric Vandal via samba wrote:
>Can you access from windows?
>
>
>
>
>I also notice that samba 4.2.10 is no longer a supported version.
>
>
>On 12/01/16 15:39, truename via samba wrote:
>> Following is output of smbclient -L \\127.0.0.1  -U test1:
>>
>>
>>
>>      Sharename       Type      Comment
>>      ---------       ----      -------
>>      data            Disk      data
>>      IPC$            IPC       IPC Service (Samba Server Version
4.2.10)
>>      test1           Disk      Home Directories
>>      hp5550-1:7      Printer   hp5550-1
>>      e-STUDIO283:2   Printer   e-STUDIO283
>>      FX3D490A:3      Printer   FX3D490A
>>      HPCP2025:9      Printer   HPCP2025
>>      HPM2727:10      Printer   HPM2727
>>      hp5550-2:8      Printer   hp5550-2
>>      hp-color-LaserJet-5550-172-16-10-214:4 Printer  
hp-color-LaserJet-5550-172-16-10-214
>>      ML-1660-Series:1 Printer   ML-1660-Series
>>      ML-1660-Series:11 Printer   ML-1660-Series
>>      topdf:12        Printer   topdf
>>      HP5100:6        Printer   HP5100
>>      hp5000-1:5      Printer   hp5000-1
>>
>>      Server               Comment
>>      ---------            -------
>>      LOCALHOST            Samba Server Version 4.2.10
>>
>>      Workgroup            Master
>>      ---------            -------
>>      MYGROUP              LOCALHOST
>>
>>
>> And following is content of my smb.conf under /etc/samba:
>>
>>
>> # This is the main Samba configuration file. For detailed information
about the
>> # options listed here, refer to the smb.conf(5) manual page. Samba has
a huge
>> # number of configurable options, most of which are not shown in this
example.
>> #
>> # The Official Samba 3.2.x HOWTO and Reference Guide contains
step-by-step
>> # guides for installing, configuring, and using Samba:
>> # http://www.samba.org/samba/docs/Samba-HOWTO-Collection.pdf
>> #
>> # The Samba-3 by Example guide has working examples for smb.conf. This
guide is
>> # generated daily: http://www.samba.org/samba/docs/Samba-Guide.pdf
>> #
>> # In this file, lines starting with a semicolon (;) or a hash (#) are
>> # comments and are ignored. This file uses hashes to denote commentary
and
>> # semicolons for parts of the file you may wish to configure.
>> #
>> # Note: Run the "testparm" command after modifying this file
to check for basic
>> # syntax errors.
>> #
>> #---------------
>> # Security-Enhanced Linux (SELinux) Notes:
>> #
>> # Turn the samba_domain_controller Boolean on to allow Samba to use the
useradd
>> # and groupadd family of binaries. Run the following command as the
root user to
>> # turn this Boolean on:
>> # setsebool -P samba_domain_controller on
>> #
>> # Turn the samba_enable_home_dirs Boolean on if you want to share home
>> # directories via Samba. Run the following command as the root user to
turn this
>> # Boolean on:
>> # setsebool -P samba_enable_home_dirs on
>> #
>> # If you create a new directory, such as a new top-level directory,
label it
>> # with samba_share_t so that SELinux allows Samba to read and write to
it. Do
>> # not label system directories, such as /etc/ and /home/, with
samba_share_t, as
>> # such directories should already have an SELinux label.
>> #
>> # Run the "ls -ldZ /path/to/directory" command to view the
current SELinux
>> # label for a given directory.
>> #
>> # Set SELinux labels only on files and directories you have created.
Use the
>> # chcon command to temporarily change a label:
>> # chcon -t samba_share_t /path/to/directory
>> #
>> # Changes made via chcon are lost when the file system is relabeled or
commands
>> # such as restorecon are run.
>> #
>> # Use the samba_export_all_ro or samba_export_all_rw Boolean to share
system
>> # directories. To share such directories and only allow read-only
permissions:
>> # setsebool -P samba_export_all_ro on
>> # To share such directories and allow read and write permissions:
>> # setsebool -P samba_export_all_rw on
>> #
>> # To run scripts (preexec/root prexec/print command/...), copy them to
the
>> # /var/lib/samba/scripts/ directory so that SELinux will allow smbd to
run them.
>> # Note that if you move the scripts to /var/lib/samba/scripts/, they
retain
>> # their existing SELinux labels, which may be labels that SELinux does
not allow
>> # smbd to run. Copying the scripts will result in the correct SELinux
labels.
>> # Run the "restorecon -R -v /var/lib/samba/scripts" command
as the root user to
>> # apply the correct SELinux labels to these files.
>> #
>> #--------------
>> #
>> #======================= Global Settings
====================================>>
>> [global]
>>
>> # ----------------------- Network-Related Options
-------------------------
>> #
>> # workgroup = the Windows NT domain name or workgroup name, for
example, MYGROUP.
>> #
>> # server string = the equivalent of the Windows NT Description field.
>> #
>> # netbios name = used to specify a server name that is not tied to the
hostname.
>> #
>> # interfaces = used to configure Samba to listen on multiple network
interfaces.
>> # If you have multiple interfaces, you can use the "interfaces
=" option to
>> # configure which of those interfaces Samba listens on. Never omit the
localhost
>> # interface (lo).
>> #
>> # hosts allow = the hosts allowed to connect. This option can also be
used on a
>> # per-share basis.
>> #
>> # hosts deny = the hosts not allowed to connect. This option can also
be used on
>> # a per-share basis.
>> #
>> # max protocol = used to define the supported protocol. The default is
NT1. You
>> # can set it to SMB2 if you want experimental SMB2 support.
>> #
>>      workgroup = MYGROUP
>>      server string = Samba Server Version %v
>>
>> ;    netbios name = MYSERVER
>>
>> ;    interfaces = lo eth0 192.168.12.2/24 192.168.13.2/24
>> ;    hosts allow = 127. 192.168.12. 192.168.13.
>>
>> ;    max protocol = SMB2
>>
>> # --------------------------- Logging Options
-----------------------------
>> #
>> # log file = specify where log files are written to and how they are
split.
>> #
>> # max log size = specify the maximum size log files are allowed to
reach. Log
>> # files are rotated when they reach the size specified with "max
log size".
>> #
>>
>>      # log files split per-machine:
>>      log file = /var/log/samba/log.%m
>>      # maximum size of 50KB per log file, then rotate:
>>      max log size = 50
>>
>> # ----------------------- Standalone Server Options
------------------------
>> #
>> # security = the mode Samba runs in. This can be set to user, share
>> # (deprecated), or server (deprecated).
>> #
>> # passdb backend = the backend used to store user information in. New
>> # installations should use either tdbsam or ldapsam. No additional
configuration
>> # is required for tdbsam. The "smbpasswd" utility is
available for backwards
>> # compatibility.
>> #
>>
>>      security = user
>>      passdb backend = tdbsam
>>
>>
>> # ----------------------- Domain Members Options
------------------------
>> #
>> # security = must be set to domain or ads.
>> #
>> # passdb backend = the backend used to store user information in. New
>> # installations should use either tdbsam or ldapsam. No additional
configuration
>> # is required for tdbsam. The "smbpasswd" utility is
available for backwards
>> # compatibility.
>> #
>> # realm = only use the realm option when the "security = ads"
option is set.
>> # The realm option specifies the Active Directory realm the host is a
part of.
>> #
>> # password server = only use this option when the "security =
server"
>> # option is set, or if you cannot use DNS to locate a Domain
Controller. The
>> # argument list can include My_PDC_Name, [My_BDC_Name], and
[My_Next_BDC_Name]:
>> #
>> # password server = My_PDC_Name [My_BDC_Name] [My_Next_BDC_Name]
>> #
>> # Use "password server = *" to automatically locate Domain
Controllers.
>>
>> ;    security = domain
>> ;    passdb backend = tdbsam
>> ;    realm = MY_REALM
>>
>> ;    password server = <NT-Server-Name>
>>
>> # ----------------------- Domain Controller Options
------------------------
>> #
>> # security = must be set to user for domain controllers.
>> #
>> # passdb backend = the backend used to store user information in. New
>> # installations should use either tdbsam or ldapsam. No additional
configuration
>> # is required for tdbsam. The "smbpasswd" utility is
available for backwards
>> # compatibility.
>> #
>> # domain master = specifies Samba to be the Domain Master Browser,
allowing
>> # Samba to collate browse lists between subnets. Do not use the
"domain master"
>> # option if you already have a Windows NT domain controller performing
this task.
>> #
>> # domain logons = allows Samba to provide a network logon service for
Windows
>> # workstations.
>> #
>> # logon script = specifies a script to run at login time on the client.
These
>> # scripts must be provided in a share named NETLOGON.
>> #
>> # logon path = specifies (with a UNC path) where user profiles are
stored.
>> #
>> #
>> ;    security = user
>> ;    passdb backend = tdbsam
>>
>> ;    domain master = yes
>> ;    domain logons = yes
>>
>>      # the following login script name is determined by the machine
name
>>      # (%m):
>> ;    logon script = %m.bat
>>      # the following login script name is determined by the UNIX user
used:
>> ;    logon script = %u.bat
>> ;    logon path = \\%L\Profiles\%u
>>      # use an empty path to disable profile support:
>> ;    logon path >>
>>      # various scripts can be used on a domain controller or a
stand-alone
>>      # machine to add or delete corresponding UNIX accounts:
>>
>> ;    add user script = /usr/sbin/useradd "%u" -n -g users
>> ;    add group script = /usr/sbin/groupadd "%g"
>> ;    add machine script = /usr/sbin/useradd -n -c "Workstation
(%u)" -M -d /nohome -s /bin/false "%u"
>> ;    delete user script = /usr/sbin/userdel "%u"
>> ;    delete user from group script = /usr/sbin/userdel "%u"
"%g"
>> ;    delete group script = /usr/sbin/groupdel "%g"
>>
>>
>> # ----------------------- Browser Control Options
----------------------------
>> #
>> # local master = when set to no, Samba does not become the master
browser on
>> # your network. When set to yes, normal election rules apply.
>> #
>> # os level = determines the precedence the server has in master browser
>> # elections. The default value should be reasonable.
>> #
>> # preferred master = when set to yes, Samba forces a local browser
election at
>> # start up (and gives itself a slightly higher chance of winning the
election).
>> #
>> ;    local master = no
>> ;    os level = 33
>> ;    preferred master = yes
>>
>> #----------------------------- Name Resolution
-------------------------------
>> #
>> # This section details the support for the Windows Internet Name
Service (WINS).
>> #
>> # Note: Samba can be either a WINS server or a WINS client, but not
both.
>> #
>> # wins support = when set to yes, the NMBD component of Samba enables
its WINS
>> # server.
>> #
>> # wins server = tells the NMBD component of Samba to be a WINS client.
>> #
>> # wins proxy = when set to yes, Samba answers name resolution queries
on behalf
>> # of a non WINS capable client. For this to work, there must be at
least one
>> # WINS server on the network. The default is no.
>> #
>> # dns proxy = when set to yes, Samba attempts to resolve NetBIOS names
via DNS
>> # nslookups.
>>
>> ;    wins support = yes
>> ;    wins server = w.x.y.z
>> ;    wins proxy = yes
>>
>> ;    dns proxy = yes
>>
>> # --------------------------- Printing Options
-----------------------------
>> #
>> # The options in this section allow you to configure a non-default
printing
>> # system.
>> #
>> # load printers = when set you yes, the list of printers is
automatically
>> # loaded, rather than setting them up individually.
>> #
>> # cups options = allows you to pass options to the CUPS library.
Setting this
>> # option to raw, for example, allows you to use drivers on your Windows
clients.
>> #
>> # printcap name = used to specify an alternative printcap file.
>> #
>>
>>      load printers = yes
>>      cups options = raw
>>
>> ;    printcap name = /etc/printcap
>>      # obtain a list of printers automatically on UNIX System V
systems:
>> ;    printcap name = lpstat
>> ;    printing = cups
>>
>> # --------------------------- File System Options
---------------------------
>> #
>> # The options in this section can be un-commented if the file system
supports
>> # extended attributes, and those attributes are enabled (usually via
the
>> # "user_xattr" mount option). These options allow the
administrator to specify
>> # that DOS attributes are stored in extended attributes and also make
sure that
>> # Samba does not change the permission bits.
>> #
>> # Note: These options can be used on a per-share basis. Setting them
globally
>> # (in the [global] section) makes them the default for all shares.
>>
>> ;    map archive = no
>> ;    map hidden = no
>> ;    map read only = no
>> ;    map system = no
>> ;    store dos attributes = yes
>>
>>
>> #============================ Share Definitions
=============================>>
>> [homes]
>>      comment = Home Directories
>>      browseable = no
>>      writable = yes
>> ;    valid users = %S
>> ;    valid users = MYDOMAIN\%S
>>
>> [printers]
>>      comment = All Printers
>>      path = /var/spool/samba
>>      browseable = no
>>      guest ok = no
>>      writable = no
>>      printable = yes
>>
>> # Un-comment the following and create the netlogon directory for Domain
Logons:
>> ;    [netlogon]
>> ;    comment = Network Logon Service
>> ;    path = /var/lib/samba/netlogon
>> ;    guest ok = yes
>> ;    writable = no
>> ;    share modes = no
>>
>> # Un-comment the following to provide a specific roving profile share.
>> # The default is to use the user's home directory:
>> ;    [Profiles]
>> ;    path = /var/lib/samba/profiles
>> ;    browseable = no
>> ;    guest ok = yes
>>
>> # A publicly accessible directory that is read only, except for users
in the
>> # "staff" group (which have write permissions):
>> ;    [public]
>> ;    comment = Public Stuff
>> ;    path = /home/samba
>> ;    public = yes
>> ;    writable = yes
>> ;    printable = no
>> ;    write list = +staff
>>
>> [data]
>>      comment = data
>>      path = /home/myname/data
>>      valid users = test1
>>      write list = test1
>>      create mask = 0754
>>      sync always = Yes
>> ;    hide dot files = yes
>> ;    writeable = no
>> ;    browseable = yes
>>
>>
>> Thanks
>>
>>
>>
>>
>>
>>
>>
>>
>> 在 2016-12-02 00:02:41，"Gaiseric Vandal via samba" <samba
at lists.samba.org> 写道：
>>> Did you configure this as a domain controller or a domain member ? 
Or
>>> this just a standalone machine.
>>>
>>>  From the command line  can you try the following
>>>
>>>      smbclient -L \\127.0.0.1  -U test1
>>>
>>> or maybe
>>>
>>>      smbclient -d3 -L \\127.0.0.1  -U test1
>>>
>>>
>>> You may also want to try 'MACHINENAME\test1' as the user
name.
>>>
>>>
>>>
>>>
>>>
>>> On 12/01/16 10:17, truename via samba wrote:
>>>> Hi,
>>>>
>>>> I install samba by:
>>>>
>>>> sudo yum install samba.x86_64
>>>>
>>>> I edit /etc/samba/smb.conf by adding follows：
>>>>
>>>> [data]
>>>>       comment = data
>>>>       path = /home/myname/data
>>>>       valid users = test1
>>>>       write list = test1
>>>>       create mask = 0754
>>>>       sync always = Yes
>>>> ;    hide dot files = yes
>>>> ;    writeable = no
>>>> ;    browseable = yes
>>>>
>>>> Then take effect my config:
>>>>
>>>> service smb restart
>>>>
>>>> I create shared folder:
>>>>
>>>> cd ~
>>>> mkdir data
>>>>
>>>> I create user:
>>>>
>>>> useradd test1
>>>> smbpasswd -a test1
>>>> <then password>
>>>>
>>>>
>>>> Then I open my file manager and input:
>>>>
>>>> smb://127.0.0.1
>>>>
>>>> A login form popup, I enter username: test1 and the password,
the login form returns again, I found I can not enter the shared folder by that
account.
>>>>
>>>> Thanks
>>>
>>>
>>> --
>>> To unsubscribe from this list go to the following URL and read the
>>> instructions:  https://lists.samba.org/mailman/options/samba
>
>
>
>--
>To unsubscribe from this list go to the following URL and read the
>instructions:  https://lists.samba.org/mailman/options/samba
>-- 
>To unsubscribe from this list go to the following URL and read the
>instructions:  https://lists.samba.org/mailman/options/samba

Is /home an autofs mount point ?  Is it a on  separate file system from 
the root file system?  Is selinux enabled ?

I found that having selinux enabled would cause problems with apache web 
server  if I was trying to publish files from a directory on a separate 
file system.  Maybe something similar with samba.   If this is the case, 
you would see it in some of the non-samba OS system logs.






On 12/03/16 03:31, truename via samba wrote:
> I found that if I create a folder under / as my shared folder(for example:
/data), the samba work. If the shared folder is /home/myname/data, it
doesn't work.
>
>
>
>
>
> At 2016-12-03 12:31:31, "truename via samba" <samba at
lists.samba.org> wrote:
>> The result of accessing from windows is same as accessing from Linux,
after I input correct username and password and click connect button, the login
dialog re-popup.
>>
>>
>> Thanks
>> On 12/02/2016 22:22, Gaiseric Vandal via samba wrote:
>> Can you access from windows?
>>
>>
>>
>>
>> I also notice that samba 4.2.10 is no longer a supported version.
>>
>>
>> On 12/01/16 15:39, truename via samba wrote:
>>> Following is output of smbclient -L \\127.0.0.1  -U test1:
>>>
>>>
>>>
>>>       Sharename       Type      Comment
>>>       ---------       ----      -------
>>>       data            Disk      data
>>>       IPC$            IPC       IPC Service (Samba Server Version
4.2.10)
>>>       test1           Disk      Home Directories
>>>       hp5550-1:7      Printer   hp5550-1
>>>       e-STUDIO283:2   Printer   e-STUDIO283
>>>       FX3D490A:3      Printer   FX3D490A
>>>       HPCP2025:9      Printer   HPCP2025
>>>       HPM2727:10      Printer   HPM2727
>>>       hp5550-2:8      Printer   hp5550-2
>>>       hp-color-LaserJet-5550-172-16-10-214:4 Printer  
hp-color-LaserJet-5550-172-16-10-214
>>>       ML-1660-Series:1 Printer   ML-1660-Series
>>>       ML-1660-Series:11 Printer   ML-1660-Series
>>>       topdf:12        Printer   topdf
>>>       HP5100:6        Printer   HP5100
>>>       hp5000-1:5      Printer   hp5000-1
>>>
>>>       Server               Comment
>>>       ---------            -------
>>>       LOCALHOST            Samba Server Version 4.2.10
>>>
>>>       Workgroup            Master
>>>       ---------            -------
>>>       MYGROUP              LOCALHOST
>>>
>>>
>>> And following is content of my smb.conf under /etc/samba:
>>>
>>>
>>> # This is the main Samba configuration file. For detailed
information about the
>>> # options listed here, refer to the smb.conf(5) manual page. Samba
has a huge
>>> # number of configurable options, most of which are not shown in
this example.
>>> #
>>> # The Official Samba 3.2.x HOWTO and Reference Guide contains
step-by-step
>>> # guides for installing, configuring, and using Samba:
>>> # http://www.samba.org/samba/docs/Samba-HOWTO-Collection.pdf
>>> #
>>> # The Samba-3 by Example guide has working examples for smb.conf.
This guide is
>>> # generated daily: http://www.samba.org/samba/docs/Samba-Guide.pdf
>>> #
>>> # In this file, lines starting with a semicolon (;) or a hash (#)
are
>>> # comments and are ignored. This file uses hashes to denote
commentary and
>>> # semicolons for parts of the file you may wish to configure.
>>> #
>>> # Note: Run the "testparm" command after modifying this
file to check for basic
>>> # syntax errors.
>>> #
>>> #---------------
>>> # Security-Enhanced Linux (SELinux) Notes:
>>> #
>>> # Turn the samba_domain_controller Boolean on to allow Samba to use
the useradd
>>> # and groupadd family of binaries. Run the following command as the
root user to
>>> # turn this Boolean on:
>>> # setsebool -P samba_domain_controller on
>>> #
>>> # Turn the samba_enable_home_dirs Boolean on if you want to share
home
>>> # directories via Samba. Run the following command as the root user
to turn this
>>> # Boolean on:
>>> # setsebool -P samba_enable_home_dirs on
>>> #
>>> # If you create a new directory, such as a new top-level directory,
label it
>>> # with samba_share_t so that SELinux allows Samba to read and write
to it. Do
>>> # not label system directories, such as /etc/ and /home/, with
samba_share_t, as
>>> # such directories should already have an SELinux label.
>>> #
>>> # Run the "ls -ldZ /path/to/directory" command to view
the current SELinux
>>> # label for a given directory.
>>> #
>>> # Set SELinux labels only on files and directories you have
created. Use the
>>> # chcon command to temporarily change a label:
>>> # chcon -t samba_share_t /path/to/directory
>>> #
>>> # Changes made via chcon are lost when the file system is relabeled
or commands
>>> # such as restorecon are run.
>>> #
>>> # Use the samba_export_all_ro or samba_export_all_rw Boolean to
share system
>>> # directories. To share such directories and only allow read-only
permissions:
>>> # setsebool -P samba_export_all_ro on
>>> # To share such directories and allow read and write permissions:
>>> # setsebool -P samba_export_all_rw on
>>> #
>>> # To run scripts (preexec/root prexec/print command/...), copy them
to the
>>> # /var/lib/samba/scripts/ directory so that SELinux will allow smbd
to run them.
>>> # Note that if you move the scripts to /var/lib/samba/scripts/,
they retain
>>> # their existing SELinux labels, which may be labels that SELinux
does not allow
>>> # smbd to run. Copying the scripts will result in the correct
SELinux labels.
>>> # Run the "restorecon -R -v /var/lib/samba/scripts"
command as the root user to
>>> # apply the correct SELinux labels to these files.
>>> #
>>> #--------------
>>> #
>>> #======================= Global Settings
====================================>>>
>>> [global]
>>>
>>> # ----------------------- Network-Related Options
-------------------------
>>> #
>>> # workgroup = the Windows NT domain name or workgroup name, for
example, MYGROUP.
>>> #
>>> # server string = the equivalent of the Windows NT Description
field.
>>> #
>>> # netbios name = used to specify a server name that is not tied to
the hostname.
>>> #
>>> # interfaces = used to configure Samba to listen on multiple
network interfaces.
>>> # If you have multiple interfaces, you can use the "interfaces
=" option to
>>> # configure which of those interfaces Samba listens on. Never omit
the localhost
>>> # interface (lo).
>>> #
>>> # hosts allow = the hosts allowed to connect. This option can also
be used on a
>>> # per-share basis.
>>> #
>>> # hosts deny = the hosts not allowed to connect. This option can
also be used on
>>> # a per-share basis.
>>> #
>>> # max protocol = used to define the supported protocol. The default
is NT1. You
>>> # can set it to SMB2 if you want experimental SMB2 support.
>>> #
>>>       workgroup = MYGROUP
>>>       server string = Samba Server Version %v
>>>
>>> ;    netbios name = MYSERVER
>>>
>>> ;    interfaces = lo eth0 192.168.12.2/24 192.168.13.2/24
>>> ;    hosts allow = 127. 192.168.12. 192.168.13.
>>>
>>> ;    max protocol = SMB2
>>>
>>> # --------------------------- Logging Options
-----------------------------
>>> #
>>> # log file = specify where log files are written to and how they
are split.
>>> #
>>> # max log size = specify the maximum size log files are allowed to
reach. Log
>>> # files are rotated when they reach the size specified with
"max log size".
>>> #
>>>
>>>       # log files split per-machine:
>>>       log file = /var/log/samba/log.%m
>>>       # maximum size of 50KB per log file, then rotate:
>>>       max log size = 50
>>>
>>> # ----------------------- Standalone Server Options
------------------------
>>> #
>>> # security = the mode Samba runs in. This can be set to user, share
>>> # (deprecated), or server (deprecated).
>>> #
>>> # passdb backend = the backend used to store user information in.
New
>>> # installations should use either tdbsam or ldapsam. No additional
configuration
>>> # is required for tdbsam. The "smbpasswd" utility is
available for backwards
>>> # compatibility.
>>> #
>>>
>>>       security = user
>>>       passdb backend = tdbsam
>>>
>>>
>>> # ----------------------- Domain Members Options
------------------------
>>> #
>>> # security = must be set to domain or ads.
>>> #
>>> # passdb backend = the backend used to store user information in.
New
>>> # installations should use either tdbsam or ldapsam. No additional
configuration
>>> # is required for tdbsam. The "smbpasswd" utility is
available for backwards
>>> # compatibility.
>>> #
>>> # realm = only use the realm option when the "security =
ads" option is set.
>>> # The realm option specifies the Active Directory realm the host is
a part of.
>>> #
>>> # password server = only use this option when the "security =
server"
>>> # option is set, or if you cannot use DNS to locate a Domain
Controller. The
>>> # argument list can include My_PDC_Name, [My_BDC_Name], and
[My_Next_BDC_Name]:
>>> #
>>> # password server = My_PDC_Name [My_BDC_Name] [My_Next_BDC_Name]
>>> #
>>> # Use "password server = *" to automatically locate
Domain Controllers.
>>>
>>> ;    security = domain
>>> ;    passdb backend = tdbsam
>>> ;    realm = MY_REALM
>>>
>>> ;    password server = <NT-Server-Name>
>>>
>>> # ----------------------- Domain Controller Options
------------------------
>>> #
>>> # security = must be set to user for domain controllers.
>>> #
>>> # passdb backend = the backend used to store user information in.
New
>>> # installations should use either tdbsam or ldapsam. No additional
configuration
>>> # is required for tdbsam. The "smbpasswd" utility is
available for backwards
>>> # compatibility.
>>> #
>>> # domain master = specifies Samba to be the Domain Master Browser,
allowing
>>> # Samba to collate browse lists between subnets. Do not use the
"domain master"
>>> # option if you already have a Windows NT domain controller
performing this task.
>>> #
>>> # domain logons = allows Samba to provide a network logon service
for Windows
>>> # workstations.
>>> #
>>> # logon script = specifies a script to run at login time on the
client. These
>>> # scripts must be provided in a share named NETLOGON.
>>> #
>>> # logon path = specifies (with a UNC path) where user profiles are
stored.
>>> #
>>> #
>>> ;    security = user
>>> ;    passdb backend = tdbsam
>>>
>>> ;    domain master = yes
>>> ;    domain logons = yes
>>>
>>>       # the following login script name is determined by the
machine name
>>>       # (%m):
>>> ;    logon script = %m.bat
>>>       # the following login script name is determined by the UNIX
user used:
>>> ;    logon script = %u.bat
>>> ;    logon path = \\%L\Profiles\%u
>>>       # use an empty path to disable profile support:
>>> ;    logon path >>>
>>>       # various scripts can be used on a domain controller or a
stand-alone
>>>       # machine to add or delete corresponding UNIX accounts:
>>>
>>> ;    add user script = /usr/sbin/useradd "%u" -n -g users
>>> ;    add group script = /usr/sbin/groupadd "%g"
>>> ;    add machine script = /usr/sbin/useradd -n -c "Workstation
(%u)" -M -d /nohome -s /bin/false "%u"
>>> ;    delete user script = /usr/sbin/userdel "%u"
>>> ;    delete user from group script = /usr/sbin/userdel
"%u" "%g"
>>> ;    delete group script = /usr/sbin/groupdel "%g"
>>>
>>>
>>> # ----------------------- Browser Control Options
----------------------------
>>> #
>>> # local master = when set to no, Samba does not become the master
browser on
>>> # your network. When set to yes, normal election rules apply.
>>> #
>>> # os level = determines the precedence the server has in master
browser
>>> # elections. The default value should be reasonable.
>>> #
>>> # preferred master = when set to yes, Samba forces a local browser
election at
>>> # start up (and gives itself a slightly higher chance of winning
the election).
>>> #
>>> ;    local master = no
>>> ;    os level = 33
>>> ;    preferred master = yes
>>>
>>> #----------------------------- Name Resolution
-------------------------------
>>> #
>>> # This section details the support for the Windows Internet Name
Service (WINS).
>>> #
>>> # Note: Samba can be either a WINS server or a WINS client, but not
both.
>>> #
>>> # wins support = when set to yes, the NMBD component of Samba
enables its WINS
>>> # server.
>>> #
>>> # wins server = tells the NMBD component of Samba to be a WINS
client.
>>> #
>>> # wins proxy = when set to yes, Samba answers name resolution
queries on behalf
>>> # of a non WINS capable client. For this to work, there must be at
least one
>>> # WINS server on the network. The default is no.
>>> #
>>> # dns proxy = when set to yes, Samba attempts to resolve NetBIOS
names via DNS
>>> # nslookups.
>>>
>>> ;    wins support = yes
>>> ;    wins server = w.x.y.z
>>> ;    wins proxy = yes
>>>
>>> ;    dns proxy = yes
>>>
>>> # --------------------------- Printing Options
-----------------------------
>>> #
>>> # The options in this section allow you to configure a non-default
printing
>>> # system.
>>> #
>>> # load printers = when set you yes, the list of printers is
automatically
>>> # loaded, rather than setting them up individually.
>>> #
>>> # cups options = allows you to pass options to the CUPS library.
Setting this
>>> # option to raw, for example, allows you to use drivers on your
Windows clients.
>>> #
>>> # printcap name = used to specify an alternative printcap file.
>>> #
>>>
>>>       load printers = yes
>>>       cups options = raw
>>>
>>> ;    printcap name = /etc/printcap
>>>       # obtain a list of printers automatically on UNIX System V
systems:
>>> ;    printcap name = lpstat
>>> ;    printing = cups
>>>
>>> # --------------------------- File System Options
---------------------------
>>> #
>>> # The options in this section can be un-commented if the file
system supports
>>> # extended attributes, and those attributes are enabled (usually
via the
>>> # "user_xattr" mount option). These options allow the
administrator to specify
>>> # that DOS attributes are stored in extended attributes and also
make sure that
>>> # Samba does not change the permission bits.
>>> #
>>> # Note: These options can be used on a per-share basis. Setting
them globally
>>> # (in the [global] section) makes them the default for all shares.
>>>
>>> ;    map archive = no
>>> ;    map hidden = no
>>> ;    map read only = no
>>> ;    map system = no
>>> ;    store dos attributes = yes
>>>
>>>
>>> #============================ Share Definitions
=============================>>>
>>> [homes]
>>>       comment = Home Directories
>>>       browseable = no
>>>       writable = yes
>>> ;    valid users = %S
>>> ;    valid users = MYDOMAIN\%S
>>>
>>> [printers]
>>>       comment = All Printers
>>>       path = /var/spool/samba
>>>       browseable = no
>>>       guest ok = no
>>>       writable = no
>>>       printable = yes
>>>
>>> # Un-comment the following and create the netlogon directory for
Domain Logons:
>>> ;    [netlogon]
>>> ;    comment = Network Logon Service
>>> ;    path = /var/lib/samba/netlogon
>>> ;    guest ok = yes
>>> ;    writable = no
>>> ;    share modes = no
>>>
>>> # Un-comment the following to provide a specific roving profile
share.
>>> # The default is to use the user's home directory:
>>> ;    [Profiles]
>>> ;    path = /var/lib/samba/profiles
>>> ;    browseable = no
>>> ;    guest ok = yes
>>>
>>> # A publicly accessible directory that is read only, except for
users in the
>>> # "staff" group (which have write permissions):
>>> ;    [public]
>>> ;    comment = Public Stuff
>>> ;    path = /home/samba
>>> ;    public = yes
>>> ;    writable = yes
>>> ;    printable = no
>>> ;    write list = +staff
>>>
>>> [data]
>>>       comment = data
>>>       path = /home/myname/data
>>>       valid users = test1
>>>       write list = test1
>>>       create mask = 0754
>>>       sync always = Yes
>>> ;    hide dot files = yes
>>> ;    writeable = no
>>> ;    browseable = yes
>>>
>>>
>>> Thanks
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>> 在 2016-12-02 00:02:41，"Gaiseric Vandal via samba"
<samba at lists.samba.org> 写道：
>>>> Did you configure this as a domain controller or a domain
member ?  Or
>>>> this just a standalone machine.
>>>>
>>>>   From the command line  can you try the following
>>>>
>>>>       smbclient -L \\127.0.0.1  -U test1
>>>>
>>>> or maybe
>>>>
>>>>       smbclient -d3 -L \\127.0.0.1  -U test1
>>>>
>>>>
>>>> You may also want to try 'MACHINENAME\test1' as the
user name.
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> On 12/01/16 10:17, truename via samba wrote:
>>>>> Hi,
>>>>>
>>>>> I install samba by:
>>>>>
>>>>> sudo yum install samba.x86_64
>>>>>
>>>>> I edit /etc/samba/smb.conf by adding follows：
>>>>>
>>>>> [data]
>>>>>        comment = data
>>>>>        path = /home/myname/data
>>>>>        valid users = test1
>>>>>        write list = test1
>>>>>        create mask = 0754
>>>>>        sync always = Yes
>>>>> ;    hide dot files = yes
>>>>> ;    writeable = no
>>>>> ;    browseable = yes
>>>>>
>>>>> Then take effect my config:
>>>>>
>>>>> service smb restart
>>>>>
>>>>> I create shared folder:
>>>>>
>>>>> cd ~
>>>>> mkdir data
>>>>>
>>>>> I create user:
>>>>>
>>>>> useradd test1
>>>>> smbpasswd -a test1
>>>>> <then password>
>>>>>
>>>>>
>>>>> Then I open my file manager and input:
>>>>>
>>>>> smb://127.0.0.1
>>>>>
>>>>> A login form popup, I enter username: test1 and the
password, the login form returns again, I found I can not enter the shared
folder by that account.
>>>>>
>>>>> Thanks
>>>>
>>>> --
>>>> To unsubscribe from this list go to the following URL and read
the
>>>> instructions:  https://lists.samba.org/mailman/options/samba
>>
>>
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions:  https://lists.samba.org/mailman/options/samba
>> -- 
>> To unsubscribe from this list go to the following URL and read the
>> instructions:  https://lists.samba.org/mailman/options/samba

On Sat, 3 Dec 2016, truename via samba wrote:
> I found that if I create a folder under / as my shared folder(for example:
/data), the samba work. If the shared folder is /home/myname/data, it
doesn't work.
Did you follow the directions in your smb.conf?

# Turn the samba_enable_home_dirs Boolean on if you want to share home 
# directories via Samba. Run the following command as the root user to turn this
# Boolean on:
# setsebool -P samba_enable_home_dirs on

>
>
>
>
>
> At 2016-12-03 12:31:31, "truename via samba" <samba at
lists.samba.org> wrote:
>> The result of accessing from windows is same as accessing from Linux,
after I input correct username and password and click connect button, the login
dialog re-popup.
>>
>>
>> Thanks
>> On 12/02/2016 22:22, Gaiseric Vandal via samba wrote:
>> Can you access from windows?
>>
>>
>>
>>
>> I also notice that samba 4.2.10 is no longer a supported version.
>>
>>
>> On 12/01/16 15:39, truename via samba wrote:
>>> Following is output of smbclient -L \\127.0.0.1  -U test1:
>>>
>>>
>>>
>>>      Sharename       Type      Comment
>>>      ---------       ----      -------
>>>      data            Disk      data
>>>      IPC$            IPC       IPC Service (Samba Server Version
4.2.10)
>>>      test1           Disk      Home Directories
>>>      hp5550-1:7      Printer   hp5550-1
>>>      e-STUDIO283:2   Printer   e-STUDIO283
>>>      FX3D490A:3      Printer   FX3D490A
>>>      HPCP2025:9      Printer   HPCP2025
>>>      HPM2727:10      Printer   HPM2727
>>>      hp5550-2:8      Printer   hp5550-2
>>>      hp-color-LaserJet-5550-172-16-10-214:4 Printer  
hp-color-LaserJet-5550-172-16-10-214
>>>      ML-1660-Series:1 Printer   ML-1660-Series
>>>      ML-1660-Series:11 Printer   ML-1660-Series
>>>      topdf:12        Printer   topdf
>>>      HP5100:6        Printer   HP5100
>>>      hp5000-1:5      Printer   hp5000-1
>>>
>>>      Server               Comment
>>>      ---------            -------
>>>      LOCALHOST            Samba Server Version 4.2.10
>>>
>>>      Workgroup            Master
>>>      ---------            -------
>>>      MYGROUP              LOCALHOST
>>>
>>>
>>> And following is content of my smb.conf under /etc/samba:
>>>
>>>
>>> # This is the main Samba configuration file. For detailed
information about the
>>> # options listed here, refer to the smb.conf(5) manual page. Samba
has a huge
>>> # number of configurable options, most of which are not shown in
this example.
>>> #
>>> # The Official Samba 3.2.x HOWTO and Reference Guide contains
step-by-step
>>> # guides for installing, configuring, and using Samba:
>>> # http://www.samba.org/samba/docs/Samba-HOWTO-Collection.pdf
>>> #
>>> # The Samba-3 by Example guide has working examples for smb.conf.
This guide is
>>> # generated daily: http://www.samba.org/samba/docs/Samba-Guide.pdf
>>> #
>>> # In this file, lines starting with a semicolon (;) or a hash (#)
are
>>> # comments and are ignored. This file uses hashes to denote
commentary and
>>> # semicolons for parts of the file you may wish to configure.
>>> #
>>> # Note: Run the "testparm" command after modifying this
file to check for basic
>>> # syntax errors.
>>> #
>>> #---------------
>>> # Security-Enhanced Linux (SELinux) Notes:
>>> #
>>> # Turn the samba_domain_controller Boolean on to allow Samba to use
the useradd
>>> # and groupadd family of binaries. Run the following command as the
root user to
>>> # turn this Boolean on:
>>> # setsebool -P samba_domain_controller on
>>> #
>>> # Turn the samba_enable_home_dirs Boolean on if you want to share
home
>>> # directories via Samba. Run the following command as the root user
to turn this
>>> # Boolean on:
>>> # setsebool -P samba_enable_home_dirs on
>>> #
>>> # If you create a new directory, such as a new top-level directory,
label it
>>> # with samba_share_t so that SELinux allows Samba to read and write
to it. Do
>>> # not label system directories, such as /etc/ and /home/, with
samba_share_t, as
>>> # such directories should already have an SELinux label.
>>> #
>>> # Run the "ls -ldZ /path/to/directory" command to view
the current SELinux
>>> # label for a given directory.
>>> #
>>> # Set SELinux labels only on files and directories you have
created. Use the
>>> # chcon command to temporarily change a label:
>>> # chcon -t samba_share_t /path/to/directory
>>> #
>>> # Changes made via chcon are lost when the file system is relabeled
or commands
>>> # such as restorecon are run.
>>> #
>>> # Use the samba_export_all_ro or samba_export_all_rw Boolean to
share system
>>> # directories. To share such directories and only allow read-only
permissions:
>>> # setsebool -P samba_export_all_ro on
>>> # To share such directories and allow read and write permissions:
>>> # setsebool -P samba_export_all_rw on
>>> #
>>> # To run scripts (preexec/root prexec/print command/...), copy them
to the
>>> # /var/lib/samba/scripts/ directory so that SELinux will allow smbd
to run them.
>>> # Note that if you move the scripts to /var/lib/samba/scripts/,
they retain
>>> # their existing SELinux labels, which may be labels that SELinux
does not allow
>>> # smbd to run. Copying the scripts will result in the correct
SELinux labels.
>>> # Run the "restorecon -R -v /var/lib/samba/scripts"
command as the root user to
>>> # apply the correct SELinux labels to these files.
>>> #
>>> #--------------
>>> #
>>> #======================= Global Settings
====================================>>>
>>> [global]
>>>
>>> # ----------------------- Network-Related Options
-------------------------
>>> #
>>> # workgroup = the Windows NT domain name or workgroup name, for
example, MYGROUP.
>>> #
>>> # server string = the equivalent of the Windows NT Description
field.
>>> #
>>> # netbios name = used to specify a server name that is not tied to
the hostname.
>>> #
>>> # interfaces = used to configure Samba to listen on multiple
network interfaces.
>>> # If you have multiple interfaces, you can use the "interfaces
=" option to
>>> # configure which of those interfaces Samba listens on. Never omit
the localhost
>>> # interface (lo).
>>> #
>>> # hosts allow = the hosts allowed to connect. This option can also
be used on a
>>> # per-share basis.
>>> #
>>> # hosts deny = the hosts not allowed to connect. This option can
also be used on
>>> # a per-share basis.
>>> #
>>> # max protocol = used to define the supported protocol. The default
is NT1. You
>>> # can set it to SMB2 if you want experimental SMB2 support.
>>> #
>>>      workgroup = MYGROUP
>>>      server string = Samba Server Version %v
>>>
>>> ;    netbios name = MYSERVER
>>>
>>> ;    interfaces = lo eth0 192.168.12.2/24 192.168.13.2/24
>>> ;    hosts allow = 127. 192.168.12. 192.168.13.
>>>
>>> ;    max protocol = SMB2
>>>
>>> # --------------------------- Logging Options
-----------------------------
>>> #
>>> # log file = specify where log files are written to and how they
are split.
>>> #
>>> # max log size = specify the maximum size log files are allowed to
reach. Log
>>> # files are rotated when they reach the size specified with
"max log size".
>>> #
>>>
>>>      # log files split per-machine:
>>>      log file = /var/log/samba/log.%m
>>>      # maximum size of 50KB per log file, then rotate:
>>>      max log size = 50
>>>
>>> # ----------------------- Standalone Server Options
------------------------
>>> #
>>> # security = the mode Samba runs in. This can be set to user, share
>>> # (deprecated), or server (deprecated).
>>> #
>>> # passdb backend = the backend used to store user information in.
New
>>> # installations should use either tdbsam or ldapsam. No additional
configuration
>>> # is required for tdbsam. The "smbpasswd" utility is
available for backwards
>>> # compatibility.
>>> #
>>>
>>>      security = user
>>>      passdb backend = tdbsam
>>>
>>>
>>> # ----------------------- Domain Members Options
------------------------
>>> #
>>> # security = must be set to domain or ads.
>>> #
>>> # passdb backend = the backend used to store user information in.
New
>>> # installations should use either tdbsam or ldapsam. No additional
configuration
>>> # is required for tdbsam. The "smbpasswd" utility is
available for backwards
>>> # compatibility.
>>> #
>>> # realm = only use the realm option when the "security =
ads" option is set.
>>> # The realm option specifies the Active Directory realm the host is
a part of.
>>> #
>>> # password server = only use this option when the "security =
server"
>>> # option is set, or if you cannot use DNS to locate a Domain
Controller. The
>>> # argument list can include My_PDC_Name, [My_BDC_Name], and
[My_Next_BDC_Name]:
>>> #
>>> # password server = My_PDC_Name [My_BDC_Name] [My_Next_BDC_Name]
>>> #
>>> # Use "password server = *" to automatically locate
Domain Controllers.
>>>
>>> ;    security = domain
>>> ;    passdb backend = tdbsam
>>> ;    realm = MY_REALM
>>>
>>> ;    password server = <NT-Server-Name>
>>>
>>> # ----------------------- Domain Controller Options
------------------------
>>> #
>>> # security = must be set to user for domain controllers.
>>> #
>>> # passdb backend = the backend used to store user information in.
New
>>> # installations should use either tdbsam or ldapsam. No additional
configuration
>>> # is required for tdbsam. The "smbpasswd" utility is
available for backwards
>>> # compatibility.
>>> #
>>> # domain master = specifies Samba to be the Domain Master Browser,
allowing
>>> # Samba to collate browse lists between subnets. Do not use the
"domain master"
>>> # option if you already have a Windows NT domain controller
performing this task.
>>> #
>>> # domain logons = allows Samba to provide a network logon service
for Windows
>>> # workstations.
>>> #
>>> # logon script = specifies a script to run at login time on the
client. These
>>> # scripts must be provided in a share named NETLOGON.
>>> #
>>> # logon path = specifies (with a UNC path) where user profiles are
stored.
>>> #
>>> #
>>> ;    security = user
>>> ;    passdb backend = tdbsam
>>>
>>> ;    domain master = yes
>>> ;    domain logons = yes
>>>
>>>      # the following login script name is determined by the machine
name
>>>      # (%m):
>>> ;    logon script = %m.bat
>>>      # the following login script name is determined by the UNIX
user used:
>>> ;    logon script = %u.bat
>>> ;    logon path = \\%L\Profiles\%u
>>>      # use an empty path to disable profile support:
>>> ;    logon path >>>
>>>      # various scripts can be used on a domain controller or a
stand-alone
>>>      # machine to add or delete corresponding UNIX accounts:
>>>
>>> ;    add user script = /usr/sbin/useradd "%u" -n -g users
>>> ;    add group script = /usr/sbin/groupadd "%g"
>>> ;    add machine script = /usr/sbin/useradd -n -c "Workstation
(%u)" -M -d /nohome -s /bin/false "%u"
>>> ;    delete user script = /usr/sbin/userdel "%u"
>>> ;    delete user from group script = /usr/sbin/userdel
"%u" "%g"
>>> ;    delete group script = /usr/sbin/groupdel "%g"
>>>
>>>
>>> # ----------------------- Browser Control Options
----------------------------
>>> #
>>> # local master = when set to no, Samba does not become the master
browser on
>>> # your network. When set to yes, normal election rules apply.
>>> #
>>> # os level = determines the precedence the server has in master
browser
>>> # elections. The default value should be reasonable.
>>> #
>>> # preferred master = when set to yes, Samba forces a local browser
election at
>>> # start up (and gives itself a slightly higher chance of winning
the election).
>>> #
>>> ;    local master = no
>>> ;    os level = 33
>>> ;    preferred master = yes
>>>
>>> #----------------------------- Name Resolution
-------------------------------
>>> #
>>> # This section details the support for the Windows Internet Name
Service (WINS).
>>> #
>>> # Note: Samba can be either a WINS server or a WINS client, but not
both.
>>> #
>>> # wins support = when set to yes, the NMBD component of Samba
enables its WINS
>>> # server.
>>> #
>>> # wins server = tells the NMBD component of Samba to be a WINS
client.
>>> #
>>> # wins proxy = when set to yes, Samba answers name resolution
queries on behalf
>>> # of a non WINS capable client. For this to work, there must be at
least one
>>> # WINS server on the network. The default is no.
>>> #
>>> # dns proxy = when set to yes, Samba attempts to resolve NetBIOS
names via DNS
>>> # nslookups.
>>>
>>> ;    wins support = yes
>>> ;    wins server = w.x.y.z
>>> ;    wins proxy = yes
>>>
>>> ;    dns proxy = yes
>>>
>>> # --------------------------- Printing Options
-----------------------------
>>> #
>>> # The options in this section allow you to configure a non-default
printing
>>> # system.
>>> #
>>> # load printers = when set you yes, the list of printers is
automatically
>>> # loaded, rather than setting them up individually.
>>> #
>>> # cups options = allows you to pass options to the CUPS library.
Setting this
>>> # option to raw, for example, allows you to use drivers on your
Windows clients.
>>> #
>>> # printcap name = used to specify an alternative printcap file.
>>> #
>>>
>>>      load printers = yes
>>>      cups options = raw
>>>
>>> ;    printcap name = /etc/printcap
>>>      # obtain a list of printers automatically on UNIX System V
systems:
>>> ;    printcap name = lpstat
>>> ;    printing = cups
>>>
>>> # --------------------------- File System Options
---------------------------
>>> #
>>> # The options in this section can be un-commented if the file
system supports
>>> # extended attributes, and those attributes are enabled (usually
via the
>>> # "user_xattr" mount option). These options allow the
administrator to specify
>>> # that DOS attributes are stored in extended attributes and also
make sure that
>>> # Samba does not change the permission bits.
>>> #
>>> # Note: These options can be used on a per-share basis. Setting
them globally
>>> # (in the [global] section) makes them the default for all shares.
>>>
>>> ;    map archive = no
>>> ;    map hidden = no
>>> ;    map read only = no
>>> ;    map system = no
>>> ;    store dos attributes = yes
>>>
>>>
>>> #============================ Share Definitions
=============================>>>
>>> [homes]
>>>      comment = Home Directories
>>>      browseable = no
>>>      writable = yes
>>> ;    valid users = %S
>>> ;    valid users = MYDOMAIN\%S
>>>
>>> [printers]
>>>      comment = All Printers
>>>      path = /var/spool/samba
>>>      browseable = no
>>>      guest ok = no
>>>      writable = no
>>>      printable = yes
>>>
>>> # Un-comment the following and create the netlogon directory for
Domain Logons:
>>> ;    [netlogon]
>>> ;    comment = Network Logon Service
>>> ;    path = /var/lib/samba/netlogon
>>> ;    guest ok = yes
>>> ;    writable = no
>>> ;    share modes = no
>>>
>>> # Un-comment the following to provide a specific roving profile
share.
>>> # The default is to use the user's home directory:
>>> ;    [Profiles]
>>> ;    path = /var/lib/samba/profiles
>>> ;    browseable = no
>>> ;    guest ok = yes
>>>
>>> # A publicly accessible directory that is read only, except for
users in the
>>> # "staff" group (which have write permissions):
>>> ;    [public]
>>> ;    comment = Public Stuff
>>> ;    path = /home/samba
>>> ;    public = yes
>>> ;    writable = yes
>>> ;    printable = no
>>> ;    write list = +staff
>>>
>>> [data]
>>>      comment = data
>>>      path = /home/myname/data
>>>      valid users = test1
>>>      write list = test1
>>>      create mask = 0754
>>>      sync always = Yes
>>> ;    hide dot files = yes
>>> ;    writeable = no
>>> ;    browseable = yes
>>>
>>>
>>> Thanks
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>> 在 2016-12-02 00:02:41，"Gaiseric Vandal via samba"
<samba at lists.samba.org> 写道：
>>>> Did you configure this as a domain controller or a domain
member ?  Or
>>>> this just a standalone machine.
>>>>
>>>>  From the command line  can you try the following
>>>>
>>>>      smbclient -L \\127.0.0.1  -U test1
>>>>
>>>> or maybe
>>>>
>>>>      smbclient -d3 -L \\127.0.0.1  -U test1
>>>>
>>>>
>>>> You may also want to try 'MACHINENAME\test1' as the
user name.
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> On 12/01/16 10:17, truename via samba wrote:
>>>>> Hi,
>>>>>
>>>>> I install samba by:
>>>>>
>>>>> sudo yum install samba.x86_64
>>>>>
>>>>> I edit /etc/samba/smb.conf by adding follows：
>>>>>
>>>>> [data]
>>>>>       comment = data
>>>>>       path = /home/myname/data
>>>>>       valid users = test1
>>>>>       write list = test1
>>>>>       create mask = 0754
>>>>>       sync always = Yes
>>>>> ;    hide dot files = yes
>>>>> ;    writeable = no
>>>>> ;    browseable = yes
>>>>>
>>>>> Then take effect my config:
>>>>>
>>>>> service smb restart
>>>>>
>>>>> I create shared folder:
>>>>>
>>>>> cd ~
>>>>> mkdir data
>>>>>
>>>>> I create user:
>>>>>
>>>>> useradd test1
>>>>> smbpasswd -a test1
>>>>> <then password>
>>>>>
>>>>>
>>>>> Then I open my file manager and input:
>>>>>
>>>>> smb://127.0.0.1
>>>>>
>>>>> A login form popup, I enter username: test1 and the
password, the login form returns again, I found I can not enter the shared
folder by that account.
>>>>>
>>>>> Thanks
>>>>
>>>>
>>>> --
>>>> To unsubscribe from this list go to the following URL and read
the
>>>> instructions:  https://lists.samba.org/mailman/options/samba
>>
>>
>>
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions:  https://lists.samba.org/mailman/options/samba
>> -- 
>> To unsubscribe from this list go to the following URL and read the
>> instructions:  https://lists.samba.org/mailman/options/samba
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba