[Samba] Can't map [homes] share with Samba 3 configured as PDC
Mansell, Gary
Gary.Mansell at ricardo.com
Thu Jan 29 11:08:28 GMT 2004
Hi,
I have followed the worked example in the HOWTO documentation for the small Engineering Office which demonstrates how to configure Samba-3 as the PDC for an NT domain.
I have setup a RHAS 3.0 Linux box and have configured Samba as per the instructions in the book.
Using an NT 4.0 client workstation I can sucessfully login as the user grma (It authenticates against the Samba PDC OK) but I cannot seem to map the user's home directory. The log file indicates: NT_STATUS_ACCESS_DENIED
This seems strange to me as I have had home directories working fine on previous versions of Samba that are not acting as PDC's.
Here is my smb.conf file:
[root at mistysrv samba]# more /etc/samba/smb.conf
# Samba config file created using SWAT
# from 127.0.0.1 (127.0.0.1)
# Date: 2004/01/28 15:11:06
# Global parameters
[global]
debug level = 10
workgroup = MISTY
server string = MISTYSRV Samba Server %v
passdb backend = tdbsam
log file = /var/log/samba/%m.log
max log size = 50
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
printcap name = cups
add user script = /usr/sbin/useradd -m %u
delete user script = /usr/sbin/userdel -r %u
add group script = /usr/sbin/groupadd %g
delete group script = /usr/sbin/groupdel %g
add user to group script = /usr/sbin/usermod -G %g %u
delete user from group script = /usr/sbin/useradd -s /bin/false -d /dev/null %u
logon script = scripts\logon.bat
logon path = \\%L\Profiles\%U
logon drive = H:
logon home = \\%L\%U
domain logons = Yes
os level = 35
preferred master = Yes
domain master = Yes
dns proxy = No
ldap ssl = no
idmap uid = 15000-20000
idmap gid = 15000-20000
printing = cups
[homes]
comment = Home Directories
valid users = %S
browseable = No
writeable = yes
create mode = 0644
directory mode = 0755
[printers]
comment = All Printers
path = /var/spool/samba
printer admin = root
create mask = 0600
guest ok = Yes
printable = Yes
browseable = No
[netlogon]
comment = Network Logon Share
path = /var/lib/samba/netlogon
admin users = root
guest ok = Yes
browseable = No
[print$]
comment = Printer Drivers Share
path = /var/lib/samba/drivers
write list = root
printer admin = root
[Profiles]
comment = Roaming Profile Share
path = /var/lib/samba/profiles
read only = No
profile acls = Yes
Here is some of the output from the workstation's logfile that I think is pertinent. The problem seems to be highlighted as NT_STATUS_ACCESS_DENIED
[2004/01/29 10:49:25, 6] lib/util_sock.c:write_socket(407)
write_socket(16,128)
[2004/01/29 10:49:25, 6] lib/util_sock.c:write_socket(410)
write_socket(16,128) wrote 128
[2004/01/29 10:49:35, 5] smbd/uid.c:change_to_root_user(218)
change_to_root_user: now uid=(0,0) gid=(0,0)
[2004/01/29 10:49:35, 4] smbd/reply.c:reply_tcon_and_X(266)
Client requested device type [A:] for share [GRMA]
[2004/01/29 10:49:35, 5] smbd/service.c:make_connection(830)
making a connection to 'homes' service [GRMA] created at session setup time
[2004/01/29 10:49:35, 10] lib/username.c:user_in_list(504)
user_in_list: checking user grma in list
[2004/01/29 10:49:35, 10] lib/username.c:user_in_list(508)
user_in_list: checking user |grma| against |%S|
[2004/01/29 10:49:35, 2] smbd/service.c:make_connection_snum(384)
user 'grma' (from session setup) not permitted to access this share (grma)
[2004/01/29 10:49:35, 3] smbd/error.c:error_packet(113)
error packet at smbd/reply.c(274) cmd=117 (SMBtconX) NT_STATUS_ACCESS_DENIED
[2004/01/29 10:49:35, 5] lib/util.c:show_msg(478)
[2004/01/29 10:49:35, 5] lib/util.c:show_msg(488)
size=35
smb_com=0x75
smb_rcls=34
smb_reh=0
smb_err=49152
smb_flg=136
smb_flg2=51201
smb_tid=0
smb_pid=51966
smb_uid=101
smb_mid=1856
smt_wct=0
smb_bcc=0
[2004/01/29 10:49:35, 6] lib/util_sock.c:write_socket(407)
Some help would be very gladly appreciated
Regards
Gary Mansell
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
This e-mail and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed.If you have received this e-mail in error please notify the sender immediately and delete this e-mail from your system.Please note that any views or opinions presented in this e-mail are solely those of the author and do not necessarily represent those of Ricardo (save for reports and other documentation formally approved and signed for release to the intended recipient).Only Directors or Duly Authorised Officers are authorised to enter into legally binding obligations on behalf of Ricardo unless the obligation is contained within a Ricardo Purchase Order. Ricardo may monitor outgoing and incoming e-mails and other telecommunications on its e-mail and telecommunications systems. By replying to this e-mail you give consent to such monitoring.The recipient should check this e-mail and any attachments for the presence of viruses. Ricardo accepts no liability for any damage caused by any virus transmitted by this e-mail. "Ricardo" means Ricardo plc and its subsidiary companies.
Ricardo plc is a public limited company registered in England with registered number 00222915.
The registered office of Ricardo plc is Bridge Works, Shoreham-by Sea, West Sussex, BN43 5FG.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
More information about the samba
mailing list