[Samba] Access is Denied
Joel Hammer
Joel at HammersHome.com
Sun Jun 8 01:14:17 GMT 2003
In TEST 7, you haven't supplied a password, which is required of your tmp share.
Other ideas:
You have guest account = nobody in globals
and guess only = yes in the share dennis.
According to man smb.conf, no matter who you say you are, you will be
logged in as nobody on that share. I am not sure if this is good or bad.
I have success with guest account = ftp and security = user in global and
guest ok = yes in the share. I would leave off guest only = yes, for now.
You have to make sure that the permissions on the the directory allow your
guest user access to the share..
Joel
n Sat, Jun 07, 2003 at 01:53:14PM -0700, Dennis Krinke wrote:
> I have a debian linux computer called 'dads'
> and a win98 conputer called 'moms'
> I want to be able to transfer files from 'moms' to 'dads' using samba.
> 'dads' has these debian packages:
> ii samba 2.2.3a-12.3 A LanManager like file and printer
> server fo
> ii samba-common 2.2.3a-12.3 Samba common files used by both the
> server a
> ii samba-doc 2.2.3a-12.3 Samba documentation.
>
> Some features of samba seem to be working,
> I can see 'dads' in network neighborhood from 'moms',
> but when I try to copy files to 'dad',
> win98 tells me:
> Cannot copy filexxx Access is denied
> Make sure the disk is not full or write protested
> and that the file is not currently in use.
>
> and no files are transferred.
> I have attached testparm.txt and
> /etc/samba/smb.conf
>
> What do I need to fix?
> TIA,
> Dennis Krinke
>
>
> per DIAGNOSIS.txt:
> TEST 1:
> testparm smb.conf >testparm.txt
> (see testparm.txt)
>
> TEST2:
> ping dads
> PING dads (127.0.0.1): 56 data bytes
> 64 bytes from 127.0.0.1: icmp_seq=0 ttl=255 time=0.3 ms
> 64 bytes from 127.0.0.1: icmp_seq=1 ttl=255 time=0.1 ms
> 64 bytes from 127.0.0.1: icmp_seq=2 ttl=255 time=0.1 ms
>
> TEST 3:
> smbclient -L dads
> added interface ip=192.168.19.28 bcast=192.168.19.255 nmask=255.255.255.0
> Password:
> Anonymous login successful
> Domain=[FAMILY] OS=[Unix] Server=[Samba 2.2.3a-12.3 for Debian]
>
> Sharename Type Comment
> --------- ---- -------
> tmp Disk temporary files
> IPC$ IPC IPC Service (dads server (Samba
> 2.2.3a-12.3 for Debian))
> ADMIN$ Disk IPC Service (dads server (Samba
> 2.2.3a-12.3 for Debian))
> BJ-200ex Printer lp
>
> Server Comment
> --------- -------
> DADS dads server (Samba 2.2.3a-12.3 for Debian)
> MOMS P166
>
> Workgroup Master
> --------- -------
> FAMILY MOMS
>
> TEST 4:
> nmblookup -B dads __SAMBA__
> querying __SAMBA__ on 127.0.0.1
> 192.168.19.28 __SAMBA__<00>
>
> TEST 5:
> nmblookup -B moms '*'
> querying * on 192.168.19.24
> 192.168.19.24 *<00>
>
> TEST 6:
> nmblookup -d 2 '*'
> added interface ip=192.168.19.28 bcast=192.168.19.255 nmask=255.255.255.0
> querying * on 192.168.19.255
> Got a positive name query response from 192.168.19.28 ( 192.168.19.28 )
> Got a positive name query response from 192.168.19.24 ( 192.168.19.24 )
> 192.168.19.28 *<00>
> 192.168.19.24 *<00>
>
> TEST 7:
> smbclient //dads/tmp -Udennis
> added interface ip=192.168.19.28 bcast=192.168.19.255 nmask=255.255.255.0
> Password:
> Domain=[FAMILY] OS=[Unix] Server=[Samba 2.2.3a-12.3 for Debian]
> tree connect failed: NT_STATUS_WRONG_PASSWORD
>
>
> Load smb config files from smb.conf
> Processing section "[homes]"
> Processing section "[dennis]"
> Processing section "[tmp]"
> Processing section "[printers]"
> Loaded services file OK.
> Press enter to see a dump of your service definitions
> # Global parameters
> [global]
> coding system =
> client code page = 850
> code page directory = /usr/share/samba/codepages
> workgroup = FAMILY
> netbios name =
> netbios aliases =
> netbios scope =
> server string = %h server (Samba %v)
> interfaces =
> bind interfaces only = No
> security = SHARE
> encrypt passwords = Yes
> update encrypted = No
> allow trusted domains = Yes
> hosts equiv =
> min passwd length = 5
> map to guest = Never
> null passwords = No
> obey pam restrictions = Yes
> password server =
> smb passwd file = /etc/samba/smbpasswd
> root directory =
> pam password change = No
> passwd program = /usr/bin/passwd %u
> passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n .
> passwd chat debug = No
> username map =
> password level = 0
> username level = 0
> unix password sync = No
> restrict anonymous = No
> lanman auth = Yes
> use rhosts = No
> log level = 2
> syslog = 0
> syslog only = No
> log file = /var/log/samba/log.%m
> max log size = 1000
> timestamp logs = Yes
> debug hires timestamp = No
> debug pid = No
> debug uid = No
> protocol = NT1
> large readwrite = No
> max protocol = NT1
> min protocol = CORE
> read bmpx = No
> read raw = Yes
> write raw = Yes
> nt smb support = Yes
> nt pipe support = Yes
> announce version = 4.5
> announce as = NT
> max mux = 50
> max xmit = 65535
> name resolve order = lmhosts host wins bcast
> max packet = 65535
> max ttl = 259200
> max wins ttl = 518400
> min wins ttl = 21600
> time server = No
> unix extensions = No
> change notify timeout = 60
> deadtime = 0
> getwd cache = Yes
> keepalive = 300
> lpq cache time = 10
> max smbd processes = 0
> max disk size = 0
> max open files = 10000
> read size = 16384
> socket options = TCP_NODELAY
> stat cache size = 50
> use mmap = Yes
> total print jobs = 0
> load printers = Yes
> printcap name = /etc/printcap
> disable spoolss = No
> enumports command =
> addprinter command =
> deleteprinter command =
> show add printer wizard = Yes
> os2 driver map =
> strip dot = No
> character set =
> mangled stack = 50
> stat cache = Yes
> domain admin group =
> domain guest group =
> machine password timeout = 604800
> add user script =
> delete user script =
> logon script =
> logon path = \\%N\%U\profile
> logon drive =
> logon home = \\%N\%U
> domain logons = No
> os level = 20
> lm announce = Auto
> lm interval = 60
> preferred master = Auto
> local master = Yes
> domain master = Auto
> browse list = Yes
> enhanced browsing = Yes
> dns proxy = No
> wins proxy = No
> wins server =
> wins support = No
> wins hook =
> kernel oplocks = Yes
> oplock break wait time = 0
> add share command =
> change share command =
> delete share command =
> config file =
> preload =
> lock dir =
> utmp directory =
> wtmp directory =
> utmp = No
> default service =
> message command =
> dfree command =
> valid chars =
> remote announce =
> remote browse sync =
> socket address = 0.0.0.0
> homedir map =
> time offset = 0
> NIS homedir = No
> source environment =
> panic action =
> hide local users = No
> host msdfs = No
> winbind uid =
> winbind gid =
> template homedir = /home/%D/%U
> template shell = /bin/false
> winbind separator = \
> winbind cache time = 15
> winbind enum users = Yes
> winbind enum groups = Yes
> comment =
> path =
> alternate permissions = No
> username =
> guest account = nobody
> invalid users = root
> valid users =
> admin users =
> read list =
> write list =
> printer admin =
> force user =
> force group =
> read only = Yes
> create mask = 0744
> force create mode = 00
> security mask = 0777
> force security mode = 00
> directory mask = 0755
> force directory mode = 00
> directory security mask = 0777
> force directory security mode = 00
> inherit permissions = No
> guest only = No
> guest ok = No
> only user = No
> hosts allow =
> hosts deny =
> status = Yes
> nt acl support = Yes
> max connections = 0
> min print space = 0
> strict allocate = No
> strict sync = No
> sync always = No
> write cache size = 0
> max print jobs = 1000
> printable = No
> postscript = No
> printing = bsd
> print command = lpr -r -P'%p' %s
> lpq command = lpq -P'%p'
> lprm command = lprm -P'%p' %j
> lppause command =
> lpresume command =
> queuepause command =
> queueresume command =
> printer name =
> use client driver = No
> default devmode = No
> printer driver =
> printer driver file = /etc/samba/printers.def
> printer driver location =
> default case = lower
> case sensitive = No
> preserve case = Yes
> short preserve case = Yes
> mangle case = No
> mangling char = ~
> hide dot files = Yes
> hide unreadable = No
> delete veto files = No
> veto files =
> hide files =
> veto oplock files =
> map system = No
> map hidden = No
> map archive = Yes
> mangled names = Yes
> mangled map =
> browseable = Yes
> blocking locks = Yes
> fake oplocks = No
> locking = Yes
> oplocks = Yes
> level2 oplocks = Yes
> oplock contention limit = 2
> posix locking = Yes
> strict locking = No
> share modes = Yes
> copy =
> include =
> exec =
> preexec close = No
> postexec =
> root preexec =
> root preexec close = No
> root postexec =
> available = Yes
> volume =
> fstype = NTFS
> set directory = No
> wide links = Yes
> follow symlinks = Yes
> dont descend =
> magic script =
> magic output =
> delete readonly = No
> dos filemode = No
> dos filetimes = No
> dos filetime resolution = No
> fake directory create times = No
> vfs object =
> vfs options =
> msdfs root = No
>
> [homes]
> comment = Home Directories
> create mask = 0700
> directory mask = 0700
> browseable = No
>
> [dennis]
> comment = dennis
> path = /home/dennis
> read only = No
> guest only = Yes
> guest ok = Yes
>
> [tmp]
> comment = temporary files
> path = /tmp
>
> [printers]
> comment = All Printers
> path = /tmp
> create mask = 0700
> printable = Yes
> browseable = No
> [global]
> workgroup = Family
> # password level = 2
> server string = %h server (Samba %v)
> invalid users = root
> log file = /var/log/samba/log.%m
> max log size = 1000
> syslog = 0
> security = share
> encrypt passwords = true
> socket options = TCP_NODELAY
> dns proxy = no
> passwd program = /usr/bin/passwd %u
> passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n .
> obey pam restrictions = yes
> [homes]
> comment = Home Directories
> browseable = no
> writable = no
> create mask = 0700
> directory mask = 0700
>
> [dennis]
> comment = dennis
> browseable = yes
> path = /home/dennis
> writeable = yes
> guest ok = yes
> guest only = yes
>
> [tmp]
> comment = temporary files
> path = /tmp
> read only = yes
>
> [printers]
> comment = All Printers
> browseable = no
> path = /tmp
> printable = yes
> public = no
> writable = no
> create mode = 0700
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: http://lists.samba.org/mailman/listinfo/samba
More information about the samba
mailing list