[Samba] HELP! After upgrade, can't get at my shares

Fri Jun 3 18:12:25 GMT 2005

I'm really not looking forward to downgrading because of this but if
this persists much longer I'll have to. :-(

Platform: MDV LE 2005

Previous version was 3.0.9 I think. Whatever the default for Mdk 10.1
Official was.

samba-swat-3.0.14a-2mdk
samba-smbldap-tools-3.0.14a-2mdk
samba-doc-3.0.14a-2mdk
samba-client-3.0.14a-2mdk
samba-common-3.0.14a-2mdk
samba-vscan-clamav-3.0.14a-2mdk
samba-server-3.0.14a-2mdk

LDAP backend.  Getent works and I have no trouble logging ldap users
into Linux. Commented out LDAP ACLs and that did not seem to help.
smbldap-tools seems to work fine. testparm returns no errors.

I've tried setting "valid users =" in the homes share to various things
and no dice. This included commenting it out all together. The old
setting was "valid users = %S".

Tests show the following:

[root at enigma ~]# smbclient -L enigma
Password:
Domain=[J9STARR] OS=[Unix] Server=[Samba 3.0.14a]

        Sharename       Type      Comment
        ---------       ----      -------
        apps            Disk      Application Files
        public          Disk
        print$          Disk      Printer Drivers
        IPC$            IPC       IPC Service (Samba 3.0.14a)
        ADMIN$          IPC       IPC Service (Samba 3.0.14a)
Domain=[J9STARR] OS=[Unix] Server=[Samba 3.0.14a]

        Server               Comment
        ---------            -------
        ENIGMA               Samba 3.0.14a
        MICROTRON

        Workgroup            Master
        ---------            -------
        J9STARR              ENIGMA
[root at enigma ~]#

OK, so as a user:

[njim at enigma njim]$ smbclient  //enigma/njim
Password:
Domain=[J9STARR] OS=[Unix] Server=[Samba 3.0.14a]
tree connect failed: NT_STATUS_ACCESS_DENIED
[njim at enigma njim]$

Note: CUPS isn't set up yet which I think explains the print errors.
Also the smbldap script paths still need adjusting in this version of my
smb.conf.

testparm output is:

# Global parameters
[global]
	unix charset = LOCALE
	workgroup = J9STARR
	interfaces = eth0, lo
	bind interfaces only = Yes
	passdb backend = ldapsam:ldap://localhost
	passwd program = /usr/bin/passwd '%u'
	passwd chat debug = Yes
	unix password sync = Yes
	syslog = 0
	log file = /var/log/samba/%m
	max log size = 50
	name resolve order = wins hosts bcast
	time server = Yes
	printcap name = CUPS
	add user script = /usr/share/samba/scripts/smbldap-useradd.pl -a -m '%u'
	delete user script = /usr/share/samba/scripts/smbldap-userdel.pl '%u'
	add group script = /usr/share/samba/scripts/smbldap-groupadd.pl -p '%g'
	delete group script = /usr/share/samba/scripts/smbldap-groupdel.pl '%g'
	add user to group script = /usr/share/samba/scripts/smbldap-groupmod.pl
-m '%u' '%g'
	delete user from group script =
/usr/share/samba/scripts/smbldap-groupmod.pl -x '%u' '%g'
	set primary group script = /usr/share/samba/scripts/smbldap-usermod.pl
-g '%g' '%u'
	add machine script = /usr/share/samba/scripts/smbldap-useradd.pl -w '%u'
	logon script = logon.bat
	logon path = \\%L\profiles\%U
	logon drive = Z:
	logon home = \\%L\%U\profiles
	domain logons = Yes
	preferred master = Yes
	wins support = Yes
	ldap admin dn = cn=enigma.j9starr.net,ou=Hosts,dc=j9starr,dc=net
	ldap group suffix = ou=Group
	ldap idmap suffix = ou=Idmap
	ldap machine suffix = ou=People
	ldap suffix = dc=j9starr,dc=net
	ldap ssl = no
	ldap user suffix = ou=People
	idmap backend = ldap:ldap://localhost
	idmap uid = 10000-20000
	idmap gid = 10000-20000
	printer admin = root, "@Domain Admins"
	hosts allow = 192.168.2., 127.
	hosts deny = ALL
	map acl inherit = Yes
	print command = lpr-cups -P %p -o raw %s -r

[apps]
	comment = Application Files
	path = /mnt/apps
	read only = No
	vfs objects = vscan-clamav

[netlogon]
	comment = Network Logon Service
	path = /var/lib/samba/netlogon/%a
	guest ok = Yes
	browseable = No
	locking = No

[profiles]
	comment = Profile Share
	path = /var/lib/samba/%a/profiles
	read only = No
	profile acls = Yes
	browseable = No
	root preexec = PROFILE=/var/lib/samba/%a/profiles/%u; if [ ! -e
$PROFILE ]; 		then mkdir -pm700 $PROFILE; chown "%u"."%g" $PROFILE; fi
	root postexec = /bin/su -c "/usr/local/bin/dl
/var/lib/samba/%a/profiles/%u/Desktop/*[^.lnk]" "%u"
	recycle:repository = ../../../../../home/%U/Desktop/Trash
	recycle:noversions = *.doc|*.xls|*.ppt
	recycle:excludedir = /tmp|/temp|/cache
	recycle:exclude = *.tmp|*.temp|*.o|*.obj|~$*|*.~??
	recycle:maxsize = 209715200
	recycle:versions = Yes
	recycle:touch = Yes
	recycle:keeptree = Yes

[homes]
	comment = Home Directories
	valid users = %S
	read only = No
	hide special files = Yes
	browseable = No
	recycle:repository = ./Desktop/Trash
	recycle:noversions = *.doc|*.xls|*.ppt
	recycle:excludedir = /tmp|/temp|/cache
	recycle:exclude = *.tmp|*.temp|*.o|*.obj|~$*|*.~??
	recycle:maxsize = 0
	recycle:versions = Yes
	recycle:touch = Yes
	recycle:keeptree = Yes

[public]
	path = /home/storeage
	read only = No
	guest only = Yes
	guest ok = Yes
	recycle:repository = ./Trash
	recycle:noversions = *.doc|*.xls|*.ppt
	recycle:excludedir = /tmp|/temp|/cache
	recycle:exclude = *.tmp|*.temp|*.o|*.obj|~$*|*.~??
	recycle:maxsize = 0
	recycle:versions = Yes
	recycle:touch = Yes
	recycle:keeptree = Yes

[printers]
	comment = All Printers
	path = /var/spool/samba
	printer admin = "@Domain Admins"
	guest ok = Yes
	printable = Yes
	use client driver = Yes
	browseable = No

[print$]
	comment = Printer Drivers
	path = /var/lib/samba/printers
	write list = root, "@Domain Admins"
	guest ok = Yes