[Samba] certain users can't map home directories

Doug Tucker tuckerd at lyle.smu.edu
Tue Mar 25 15:44:12 MDT 2014 

No responses so far.  I'm really trying to find something that will give 
someone a clue.  The *only* thing I can find common to the users that 
don't work on windows 7 is their unix id is > 11000.  No idea why or 
even what to look for but it is the only common thing I can find with 
them.  Hoping this sets a light bulb off with someone or I'm going to 
have to roll back to 3.033.

Sincerely,

Doug Tucker

On 03/25/2014 10:11 AM, Doug Tucker wrote:
> Follow up with more info that just confuses things for me more.  I 
> chmod'd the user directory for one of the few getting the permission 
> denied issue from the standard 700 to 777 just to create a file and 
> see what it wrote as.  I was thinking maybe it was not mapping the 
> user correctly somehow and the write would show up as a user other 
> than who the person was. I was wrong.  The user can then map their 
> home directory without getting the permission denied after passing 
> authentication, but when they write a file to it, the file is written 
> with the proper permissions.  Any ideas?  I don't even know where to 
> go from here.
>
> Sincerely,
>
> Doug Tucker
>
> On 03/24/2014 05:34 PM, Doug Tucker wrote:
>> Very odd issue.  Transitioning over to a new samba 3.6.9 (from 
>> 3.0.33) server.  Majority of the users are ok, but a handful of users 
>> cannot map their home directories from windows7 clients. Logged into 
>> XP their homes map fine. They pass authentication:
>>
>> (log snippet)
>>
>> [2014/03/24 17:20:43.277337,  3] auth/auth.c:219(check_ntlm_password)
>>   check_ntlm_password:  Checking password for unmapped user 
>> [ourdomain]\[hisusername]@[WIN7-VM] with the new password interface
>> [2014/03/24 17:20:43.277439,  3] auth/auth.c:222(check_ntlm_password)
>>   check_ntlm_password:  mapped user is: 
>> [ourdomain]\[hisusername]@[WIN7-VM]
>> [2014/03/24 17:20:43.290082,  3] auth/user_util.c:402(map_username)
>>   Mapped user ourdomain+hisusername to hisusername
>> [2014/03/24 17:20:43.294187,  3] auth/auth.c:268(check_ntlm_password)
>>   check_ntlm_password: winbind authentication for user [hisusername] 
>> succeeded
>> [2014/03/24 17:20:43.294226,  2] auth/auth.c:309(check_ntlm_password)
>>   check_ntlm_password:  authentication for user [hisusername] -> 
>> [hisusername] -> [hisusername] succeeded
>> [2014/03/24 17:20:45.562177,  3] 
>> ../libcli/auth/ntlmssp_sign.c:535(ntlmssp_sign_init)
>>   NTLMSSP Sign/Seal - Initialising with flags:
>> [2014/03/24 17:20:45.562246,  3] 
>> ../libcli/auth/ntlmssp.c:34(debug_ntlmssp_flags)
>>   Got NTLMSSP neg_flags=0xe2088215
>> [2014/03/24 17:20:45.562296,  3] 
>> smbd/password.c:298(register_existing_vuid)
>>   register_existing_vuid: User name: hisusername    Real name:
>> [2014/03/24 17:20:45.562328,  3] 
>> smbd/password.c:308(register_existing_vuid)
>>   register_existing_vuid: UNIX uid 11333 is UNIX user hisusername, 
>> and will be vuid 100
>> [2014/03/24 17:20:45.562441,  3] 
>> smbd/password.c:238(register_homes_share)
>>   Adding homes service for user 'hisusername' using home directory: 
>> '/users5/volume1/hisusername'
>> [2014/03/24 17:20:45.562497,  3] param/loadparm.c:6582(lp_add_home)
>>   adding home's share [hisusername] for user 'hisusername' at 
>> '/users5/volume1/hisusername'
>> [2014/03/24 17:20:45.564318,  3] smbd/process.c:1662(process_smb)
>>   Transaction 3 of length 118 (0 toread)
>> [2014/03/24 17:20:45.564453,  3] smbd/process.c:1467(switch_message)
>>   switch message SMBtconX (pid 18333) conn 0x0
>> [2014/03/24 17:20:45.564494,  3] lib/access.c:338(allow_access)
>>   Allowed connection from 129.119.103.59 (129.119.103.59)
>> [2014/03/24 17:20:45.564527,  3] 
>> ../libcli/security/dom_sid.c:208(dom_sid_parse_endp)
>>   string_to_sid: SID root is not in a valid format
>> [2014/03/24 17:20:45.565103,  3] 
>> smbd/service.c:872(make_connection_snum)
>>   Connect path is '/users5/volume1/hisusername' for service 
>> [hisusername]
>> [2014/03/24 17:20:45.565243,  3] smbd/vfs.c:102(vfs_init_default)
>>   Initialising default vfs hooks
>> [2014/03/24 17:20:45.565295,  3] smbd/vfs.c:128(vfs_init_custom)
>>   Initialising custom vfs hooks from [/[Default VFS]/]
>> [2014/03/24 17:20:45.566128,  3] 
>> ../libcli/security/dom_sid.c:208(dom_sid_parse_endp)
>>   string_to_sid: SID root is not in a valid format
>>
>> But then as it tries to display the folder in windows explorer it 
>> shows "access denied" and then this in the logs:
>>
>> [2014/03/24 17:20:45.740588,  3] smbd/process.c:1467(switch_message)
>>   switch message SMBntcreateX (pid 18333) conn 0x7f14235b5490
>> [2014/03/24 17:20:45.740715,  3] smbd/error.c:81(error_packet_set)
>>   error packet at smbd/error.c(161) cmd=162 (SMBntcreateX) 
>> NT_STATUS_ACCESS_DENIED
>> [2014/03/24 17:20:45.747582,  3] smbd/process.c:1662(process_smb)
>>   Transaction 7 of length 114 (0 toread)
>> [2014/03/24 17:20:45.747659,  3] smbd/process.c:1467(switch_message)
>>   switch message SMBntcreateX (pid 18333) conn 0x7f14235b5490
>> [2014/03/24 17:20:45.747758,  3] smbd/dosmode.c:159(unix_mode)
>>   unix_mode(desktop.ini) returning 0744
>> [2014/03/24 17:20:45.747790,  3] smbd/error.c:81(error_packet_set)
>>   error packet at smbd/error.c(161) cmd=162 (SMBntcreateX) 
>> NT_STATUS_OBJECT_NAME_NOT_FOUND
>> [2014/03/24 17:20:45.748707,  3] smbd/process.c:1662(process_smb)
>>   Transaction 8 of length 92 (0 toread)
>> [2014/03/24 17:20:45.748781,  3] smbd/process.c:1467(switch_message)
>>   switch message SMBntcreateX (pid 18333) conn 0x7f14235b5490
>> [2014/03/24 17:20:45.748848,  3] smbd/dosmode.c:159(unix_mode)
>>   unix_mode(.) returning 0744
>> [2014/03/24 17:20:45.748918,  3] smbd/error.c:81(error_packet_set)
>>   error packet at smbd/error.c(161) cmd=162 (SMBntcreateX) 
>> NT_STATUS_ACCESS_DENIED
>>
>> Yet on the same machine, other users can map their home directories 
>> just fine.  I have checked all I can think of, I'm hoping the 
>> community has some ideas.
>>
>

More information about the samba mailing list