[Samba] Problems accessing Shares

Gianluca Culot gianlucaculot at dmsware.com
Fri Jun 15 14:25:50 GMT 2007 

Hello List I
 
I'm experiencing SERIOUS problems accessing Shares.
I'm using Samba 3.0.25 on a FreeBSD Box
 
I'm using samba for sharing and user authentication
 
Everything seemed working perfectly
but when I tried to share some more directories, problems poped up
 
I can read shares ONLY if they have Read attribute for Other.
and I can manipulate files ONLY if they have Write attribute for Other 
to say it plain.... Ilooks like I have to set 777 mode on all shared dirs...
 
They ONLY other alternative is to chance the owner of the directory to my
user and "domain users" groups (which comes from AD)
 
here is an example
 
mail# /usr/local/www > ls -al
total 28
drwxr-xr-x  14 root           wheel          512 Jun 14 11:26 .
drwxr-xr-x  19 root           wheel          512 May  7 15:16 ..
drwxr-xr-x   2 root           wheel          512 May  7 14:29 DMScmf
drwxr-xr-x  12 root           wheel          512 Jun 11 16:50 Zope29
drwxr-xr-x   6 root           wheel          512 May  7 15:17 apache22
drwxr-xr-x   8 root           wheel          512 May  4 12:40 awstats
drwxr-xr-x   2 root           wheel          512 May  9 18:00 cgi-bin
drwxrwx---   2 gianlucaculot  domain users   512 Jun 12 17:57 docebo
drwxr-xr-x  13 root           wheel          512 May 10 16:44 downloads
drwxrwxrwx   3 root           wheel          512 Jun 14 11:26 ftpUploads
drwxrwxr-x   5 andrealaus     domain users  1024 Jun 13 18:18 lausblog
drwxr-x---  14 www            www            512 Jun  8 17:08 squirrelmail
drwxr-xr-x   2 root           wheel          512 Jun 11 10:57 test
drwxr-xr-x   3 root           wheel          512 Apr 27 16:04 www.dmsware.it

/usr/local/www is shared as websites    ( i.e. \\server\webistes ) 
I can read content of every dir with 755 (or 775) mode
I can do everyting on docebo
but I cannot access squirrelmail... even if I belong to the WWW group
 
 
here is the smb.conf
 
mail# /usr/local/www > cat /etc/smb.conf
# Samba config file created using SWAT
# from 0.0.0.0 (0.0.0.0)
# Date: 2007/05/09 10:32:32
 
[global]
        workgroup = DMSWARE
        Wins support = yes
        dns proxy = yes
        name resolve order = host wins bcast
        local master = yes
        domain master = no
        preferred master = auto
        enhanced browsing = yes
        #encrypt password = yes         # YES = Default
 
        realm = DMSWARE.it
        server string = mail
        security = ADS
        password server = orion
        passdb backend = tdbsam
        passwd program = /usr/bin/passwd %u
        client use spnego = yes
        server signing = auto
        client signing = auto
        #passwd chat = *Enter\snew\sUNIX\spassword:* %n\n
*Retype\snew\sUNIX\spassword:* %n\n .
        #passwd chat debug = yes
        log file = /var/log/samba/log.%m
        add user script = /usr/sbin/pw useradd %u
        delete user script = /usr/sbin/pw userdel %u
        add group script = /usr/sbin/groupadd %g
        delete group script = /usr/sbin/pw groupdel %g
 
        template homedir = /home/%U
        template shell = /bin/csh
        winbind cache time = 3600
        winbind enum users = Yes
        winbind enum groups = Yes
        winbind use default domain = Yes
        winbind nss info = rfc2307
 
        idmap domains = DMSWARE
        idmap config DMSWARE:range = 10000-49999
        idmap config DMSWARE:base_rid = 0
        idmap config DMSWARE:backend = rid
        idmap uid = 10000-49999
        idmap gid = 10000-49999
 
        #  Networking configuration options
        hosts allow = 192.168.0. localhost
        #guest ok = yes
        #guest only = yes
        browseable = yes
        #read only = yes
        #force directory mode = 744
        public = yes
        available = yes
        browse list = yes
 
        #idmap backend = ad
        #idmap backend = idmap_rid:DMSWARE=10000-49999
        #idmap uid = 10000-49999
        #idmap gid = 10000-49999
 
   # 'unix password sync' serve per mantenere sincronizzate le password di
Samba e degli account Linux
   # Attenzione, vengono sincronizzate le password Linux rispetto le
password Samba,
   # questa procedura non funziona al contrario:
   # se si cambia con passwd una password Unix,
   # si dovrà cambiarla a mano con smbpasswd per tenere
   # sincronizzata la password Unix con la password Samba.
   #unix password sync = yes
 
   # set the loglevel
   log level = 2
 
[downloads]
        path = /usr/local/www/www.dmsware.it/downloads/downloads
        valid users = @DMSWARE\multimediaquality, @DMSWARE\multimediaspv,
@DMSWARE\softwarespv, DMSWARE\andrealaus
        read only = No
        create mask = 0777
        directory mask = 0777
 
[websites]
        path = /usr/local/www/
        valid users = DMSWARE\gianlucaculot
        write list = DMSWARE\gianlucaculot, @DMSWARE\software,
@DMSWARE\softwarespv
        read only = No
        create mask = 0775
        directory mask = 0775
 
[shares]
        path = /usr/local/share
        valid users = DMSWARE\gianlucaculot
 

[Home]
        path = /home
        read only = No
 
 
[test]
        path = /usr/local/www/test
        valid users = @DMSWARE\multimediaspv, @DMSWARE\softwarespv,
DMSWARE\andrealaus
        read only = No
        create mask = 0777
        directory mask = 0777
 
What then hell I'm doing wrong ?

----------------------------------------------
Gianluca Culot
DMS Multimedia
Via delle Arti e dei Mestieri, 6
20050 Sulbiate (Mi) - Italy
Tel: +39 039 5968925
Fax: +39 039 3309813
<mailto:gianlucaculot at dmsware.com>
www.dmsware.com <http://www.dmsware.com/>

Ai sensi del D.Lgs. 196/2003 si precisa che le informazioni contenute in
questo messaggio sono riservate ed a uso esclusivo del destinatario. Qualora
il messaggio Le fosse pervenuto per errore, La invitiamo ad eliminarlo senza
copiarlo e a non inoltrarlo a terzi, dandocene gentilmente comunicazione. Il
mittente comunica che il presente messaggio ed ogni suo allegato, al momento
dell’invio, era esente da ogni tipo di virus, worm, trojan e/o ogni altri
tipo di codice software dannoso. Questo messaggio e i suoi allegati
potrebbero essere stati infettati durante la trasmissione. Leggendo il
messaggio e/o aprendo gli allegati, il Destinatario si prende la piena
responsabilità nei confronti di ogni azione protettiva o di rimedio per la
rimozione di virus ed altri difetti. DMS Multimedia non potrà essere
considerata responsabile per qualsivoglia danno o perdita derivata qualunque
modo da questo messaggio o dai suoi allegati.

The information in this electronic mail message, including any attachments,
is confidential and may be legally privileged. It is intended solely for the
addressee(s). Access to this Internet electronic mail message by anyone else
is unauthorised. If you are not the intended recipient, any disclosure,
copying, distribution or action taken or omitted to be taken in reliance on
it is prohibited and may be unlawful. The sender believes that this E-mail
and any attachments were free of any virus, worm, Trojan horse, and/or
malicious code when sent. This message and its attachments could have been
infected during transmission. By reading the message and opening the
attachments, the recipient accepts full responsibility for taking protective
and remedial action about viruses and other defects.DMS Multimedia is not
liable for any loss or damage arising in any way from this message or its
attachments

More information about the samba mailing list