[Samba] Trouble with access permissions from W2K client to Samba
3.0.2 server
Jason Ruiter
Jason.Ruiter at Altarum.org
Wed May 25 13:38:15 GMT 2005
Greetings,
I'm using Samba (3.0.2) on debian sarge as a file server for W2K
clients. I'm having problems with one user in particular. The user can
connect to a share, but has no write access. On the Unix side of the
world, he has full write access.
Attached are the relevant portions of the log file and my smb.conf file.
Other details:
The domain controller is W2K ADS. I have several other users who have
the correct write permission.
Its been a while since I've looked into w2K, so I may be missing
something fundamental here.
Let me know if you need more info.
Thanks
Jason
---Begin smb.conf---
[global]
realm=COMPANYX.COM
encrypt passwords = yes
security=ADS
password server = ADS.COMPANYX.COM
username map = /etc/samba/smbusers
lanman auth = no
min protocol = NT1
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
domain master = no
server string = %h server (Samba %v)
wins support = no
dns proxy = no
log file = /var/log/samba/log.%m
log level = 3
max log size = 1000
syslog = 0
panic action = /usr/share/samba/panic-action %d
encrypt passwords = true
passdb backend = tdbsam guest
obey pam restrictions = yes
guest account = nobody
invalid users = root
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX
spassword:* %n\n .
[gis_lab]
path=/data/gis
guest ok = yes
read only = yes
admin users = jruiter
writelist = @eetdusers
create mask = 775
directory mode = 775
[homes]
comment = Home Directories
read only = No
VAlid USers = %S
browseable = no
writable =yes
create mask = 0700
directory mask = 0700
[printers]
comment = All Printers
browseable = no
path = /tmp
printable = yes
public = no
writable = no
create mode = 0700
[print$]
comment = Printer Drivers
path = /var/lib/samba/printers
browseable = yes
read only = yes
guest ok = no
-- End smb.conf --
--begin logfile--
[2005/05/25 09:31:23, 3] smbd/sesssetup.c:reply_spnego_kerberos(179)
Ticket name is [RPOWELL-MI-0260$@COMPANYX.COM]
[2005/05/25 09:31:23, 3] smbd/sesssetup.c:reply_spnego_kerberos(236)
Could not find short name -- winbind not running?
[2005/05/25 09:31:23, 1] smbd/sesssetup.c:reply_spnego_kerberos(245)
Username COMPANYX.COM\RPOWELL-MI-0260$ is invalid on this system
[2005/05/25 09:31:23, 3] smbd/error.c:error_packet(94)
error string = No such file or directory
[2005/05/25 09:31:23, 3] smbd/error.c:error_packet(118)
error packet at smbd/sesssetup.c(249) cmd=115 (SMBsesssetupX)
NT_STATUS_LOGON_FAILURE
nas:/var/log/samba# tail -100 log.198.108.103.130
[2005/05/25 09:28:23, 3] smbd/sesssetup.c:reply_spnego_kerberos(179)
Ticket name is [RPOWELL-MI-0260$@COMPANYX.COM]
[2005/05/25 09:28:23, 3] smbd/sesssetup.c:reply_spnego_kerberos(236)
Could not find short name -- winbind not running?
[2005/05/25 09:28:23, 1] smbd/sesssetup.c:reply_spnego_kerberos(245)
Username COMPANYX.COM\RPOWELL-MI-0260$ is invalid on this system
[2005/05/25 09:28:23, 3] smbd/error.c:error_packet(94)
error string = No such file or directory
[2005/05/25 09:28:23, 3] smbd/error.c:error_packet(118)
error packet at smbd/sesssetup.c(249) cmd=115 (SMBsesssetupX)
NT_STATUS_LOGON_FAILURE
[2005/05/25 09:29:23, 3] smbd/process.c:process_smb(890)
Transaction 86 of length 1400
[2005/05/25 09:29:23, 3] smbd/process.c:switch_message(685)
switch message SMBsesssetupX (pid 32088)
[2005/05/25 09:29:23, 3] smbd/sec_ctx.c:set_sec_ctx(288)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2005/05/25 09:29:23, 3] smbd/sesssetup.c:reply_sesssetup_and_X(638)
wct=12 flg2=0xc807
[2005/05/25 09:29:23, 3]
smbd/sesssetup.c:reply_sesssetup_and_X_spnego(518)
Doing spnego session setup
[2005/05/25 09:29:23, 3]
smbd/sesssetup.c:reply_sesssetup_and_X_spnego(549)
NativeOS=[Windows 2000 2195] NativeLanMan=[Windows 2000 5.0]
PrimaryDomain=[]
[2005/05/25 09:29:23, 3] smbd/sesssetup.c:reply_spnego_negotiate(427)
Got OID 1 2 840 48018 1 2 2
[2005/05/25 09:29:23, 3] smbd/sesssetup.c:reply_spnego_negotiate(427)
Got OID 1 2 840 113554 1 2 2
[2005/05/25 09:29:23, 3] smbd/sesssetup.c:reply_spnego_negotiate(427)
Got OID 1 3 6 1 4 1 311 2 2 10
[2005/05/25 09:29:23, 3] smbd/sesssetup.c:reply_spnego_negotiate(430)
Got secblob of size 1198
[2005/05/25 09:29:23, 3] smbd/sesssetup.c:reply_spnego_kerberos(179)
Ticket name is [RPOWELL-MI-0260$@COMPANYX.COM]
[2005/05/25 09:29:23, 3] smbd/sesssetup.c:reply_spnego_kerberos(236)
Could not find short name -- winbind not running?
[2005/05/25 09:29:23, 1] smbd/sesssetup.c:reply_spnego_kerberos(245)
Username COMPANYX.COM\RPOWELL-MI-0260$ is invalid on this system
[2005/05/25 09:29:23, 3] smbd/error.c:error_packet(94)
error string = No such file or directory
[2005/05/25 09:29:23, 3] smbd/error.c:error_packet(118)
error packet at smbd/sesssetup.c(249) cmd=115 (SMBsesssetupX)
NT_STATUS_LOGON_FAILURE
[2005/05/25 09:30:23, 3] smbd/process.c:process_smb(890)
Transaction 87 of length 1400
[2005/05/25 09:30:23, 3] smbd/process.c:switch_message(685)
switch message SMBsesssetupX (pid 32088)
[2005/05/25 09:30:23, 3] smbd/sec_ctx.c:set_sec_ctx(288)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2005/05/25 09:30:23, 3] smbd/sesssetup.c:reply_sesssetup_and_X(638)
wct=12 flg2=0xc807
[2005/05/25 09:30:23, 3]
smbd/sesssetup.c:reply_sesssetup_and_X_spnego(518)
Doing spnego session setup
[2005/05/25 09:30:23, 3]
smbd/sesssetup.c:reply_sesssetup_and_X_spnego(549)
NativeOS=[Windows 2000 2195] NativeLanMan=[Windows 2000 5.0]
PrimaryDomain=[]
[2005/05/25 09:30:23, 3] smbd/sesssetup.c:reply_spnego_negotiate(427)
Got OID 1 2 840 48018 1 2 2
[2005/05/25 09:30:23, 3] smbd/sesssetup.c:reply_spnego_negotiate(427)
Got OID 1 2 840 113554 1 2 2
[2005/05/25 09:30:23, 3] smbd/sesssetup.c:reply_spnego_negotiate(427)
Got OID 1 3 6 1 4 1 311 2 2 10
[2005/05/25 09:30:23, 3] smbd/sesssetup.c:reply_spnego_negotiate(430)
Got secblob of size 1198
[2005/05/25 09:30:23, 3] smbd/sesssetup.c:reply_spnego_kerberos(179)
Ticket name is [RPOWELL-MI-0260$@COMPANYX.COM]
[2005/05/25 09:30:23, 3] smbd/sesssetup.c:reply_spnego_kerberos(236)
Could not find short name -- winbind not running?
[2005/05/25 09:30:23, 1] smbd/sesssetup.c:reply_spnego_kerberos(245)
Username COMPANYX.COM\RPOWELL-MI-0260$ is invalid on this system
[2005/05/25 09:30:23, 3] smbd/error.c:error_packet(94)
error string = No such file or directory
[2005/05/25 09:30:23, 3] smbd/error.c:error_packet(118)
error packet at smbd/sesssetup.c(249) cmd=115 (SMBsesssetupX)
NT_STATUS_LOGON_FAILURE
[2005/05/25 09:31:23, 3] smbd/process.c:process_smb(890)
Transaction 88 of length 1400
[2005/05/25 09:31:23, 3] smbd/process.c:switch_message(685)
switch message SMBsesssetupX (pid 32088)
[2005/05/25 09:31:23, 3] smbd/sec_ctx.c:set_sec_ctx(288)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2005/05/25 09:31:23, 3] smbd/sesssetup.c:reply_sesssetup_and_X(638)
wct=12 flg2=0xc807
[2005/05/25 09:31:23, 3]
smbd/sesssetup.c:reply_sesssetup_and_X_spnego(518)
Doing spnego session setup
[2005/05/25 09:31:23, 3]
smbd/sesssetup.c:reply_sesssetup_and_X_spnego(549)
NativeOS=[Windows 2000 2195] NativeLanMan=[Windows 2000 5.0]
PrimaryDomain=[]
[2005/05/25 09:31:23, 3] smbd/sesssetup.c:reply_spnego_negotiate(427)
Got OID 1 2 840 48018 1 2 2
[2005/05/25 09:31:23, 3] smbd/sesssetup.c:reply_spnego_negotiate(427)
Got OID 1 2 840 113554 1 2 2
[2005/05/25 09:31:23, 3] smbd/sesssetup.c:reply_spnego_negotiate(427)
Got OID 1 3 6 1 4 1 311 2 2 10
[2005/05/25 09:31:23, 3] smbd/sesssetup.c:reply_spnego_negotiate(430)
Got secblob of size 1198
[2005/05/25 09:31:23, 3] smbd/sesssetup.c:reply_spnego_kerberos(179)
Ticket name is [RPOWELL-MI-0260$@COMPANYX.COM]
[2005/05/25 09:31:23, 3] smbd/sesssetup.c:reply_spnego_kerberos(236)
Could not find short name -- winbind not running?
[2005/05/25 09:31:23, 1] smbd/sesssetup.c:reply_spnego_kerberos(245)
Username COMPANYX.COM\RPOWELL-MI-0260$ is invalid on this system
[2005/05/25 09:31:23, 3] smbd/error.c:error_packet(94)
error string = No such file or directory
[2005/05/25 09:31:23, 3] smbd/error.c:error_packet(118)
error packet at smbd/sesssetup.c(249) cmd=115 (SMBsesssetupX)
NT_STATUS_LOGON_FAILURE
--end logfile --
More information about the samba
mailing list