[Samba] setting acls from win XP clients

Jesse Spangenberger jesse at oceanlodge.biz
Fri Jan 13 18:14:46 GMT 2006 

 

-----Original Message-----
From: Gerald (Jerry) Carter [mailto:jerry at samba.org] 
Sent: Thursday, January 12, 2006 10:54 PM
To: Ben
Cc: samba at lists.samba.org
Subject: Re: [Samba] setting acls from win XP clients

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Thu, 12 Jan 2006, Ben wrote:

> I have a samba server using ldap for authentication. All the client 
> machines are Win XP Pro machines. I am not using domain logons 
> (although, I tested them and samba is set up for them), but 
> security=user. I have acl's successfully working on the filesystem 
> that samba is using. I want to have users to be able to set the ACL 
> permission of files / directories. When a user tries to do this (from 
> windows, right-click on a file, file properties, security, add) XP 
> asks them to log on to the workgroup to get a list of valid users / 
> groups / security principals. When I try to log in (with valid or 
> invalid username or password), I get an error stating that "Multiple 
> connections to a server or shared resource by the same user, using 
> more than one user name, are not allowed" I get this error even when I 
> haven't yet logged onto an samba shares.

This is a Windows bug (introduced in Windows 2000 SP4).  I spent several
days working on it.  Doesn't work between Win2k/XP and NT4 either.
Use you Samba box as a DC and it will be fine.

====

Actually, this is not a bug but a security measure I do believe.  Win2k and
WinXP will not connect to the same server multiple time using different user
logon information (actually, sorta pointless if you set up permissions
right).  Thus, if John Doe is logged in and Jane wants to reach personal
information in her home drive, then A) John Doe has to log out or B)
disconnect all drives to the server with the home shares on them, then map
her drive.  

Also to note, If you map a network drive with windows with one
username/password pair -- it will also use that as the default
username/password pair for that server for any other mapped drives.

Though, not testing, I wonder if linux is under the same restrains? Heh.

Jesse Spangenberger

More information about the samba mailing list