On Thu, 24 May 2018 10:48:30 +0200
André Harms via samba <samba at lists.samba.org> wrote:
> Dear mailing list members,
>
> our Samba server provides several shares, one of them is sometimes
> (about one time a week) not accessible. The log (level 2) does not
> provide any hint where the problem could be located, quite contrary
> to the error message on the mac OS and Windows 10 client side (you
> have not the required rights), it tells that the authentication is
> succeeded. Increasing the log level generates more output but from my
> point of view it does not contain details about the existing problem.
>
> The configuration difference between the affected share and all other
> shares is that it contains subfolder with different owner and group
> permissions; the shares that are not affected contains only subfolder
> with the same owner and group permissions (same like the shares
> itself).
>
> When the problem comes up, restarting samba/winbind does not change
> anything - access from client side is furthermore not given. But if I
> then connect to a share that is not affected and afterwards again to
> the affected one, the problem is gone (for a week) and access is
> given.
>
> Any help would be appreciated! Thank you, kind regards
> André Harms
>
>
> --- Extract from log file ---
>
> [2018/05/23 09:05:03.968886,
> 2] ../source3/auth/auth.c:305(auth_check_ntlm_password)
> check_ntlm_password: authentication for user
> [lfcnjlndjfgglngietlvkdtkjkrcetvudikfnbgulriubilrthirgnihlndcnhff] ->
> [lfcnjlndjfgglngietlvkdtkjkrcetvudikfnbgulriubilrthirgnihlndcnhff] ->
> [LOPRODUCTS\aharms] succeeded [2018/05/23 09:05:04.090820,
> 2] ../lib/util/modules.c:196(do_smb_load_module) Module 'acl_xattr'
> loaded [2018/05/23 09:05:04.090848,
> 2] ../source3/modules/vfs_acl_xattr.c:193(connect_acl_xattr)
> connect_acl_xattr: setting 'inherit acls = true' 'dos filemode
> true' and 'force unknown acl user = true' for service Transfer
> [2018/05/23 09:05:04.091137,
> 2] ../source3/smbd/service.c:774(make_connection_snum) macbook-ah
> (ipv4:10.1.0.3:59252) connect to service Transfer initially as user
> LOPRODUCTS\aharms (uid=36107, gid=35514) (pid 8585) [2018/05/23
> 09:05:04.208536,
> 2] ../source3/modules/vfs_acl_xattr.c:193(connect_acl_xattr)
> connect_acl_xattr: setting 'inherit acls = true' 'dos filemode
> true' and 'force unknown acl user = true' for service IPC$
> [2018/05/23 09:05:17.933197,
> 2] ../source3/smbd/service.c:1050(close_cnum) macbook-ah
> (ipv4:10.1.0.3:59252) closed connection to service Transfer
>
>
> --- Configuration details ---
>
> Samba Version 4.3.11-Ubuntu
> Winbind Version 4.3.11-Ubuntu
> Kernel 4.4.0-122-generic
> Windows Server 2016 with AuthLite two factor authentication
> Clients: mac OS and Windows 10
Lets start with the obvious thing, can you post the smb.conf as on disk
(do not use testparm)
Rowland