[Samba] access denied & Sid does not start with 'S-'.

dnk d.k.emaillists at gmail.com
Mon Aug 20 17:20:15 GMT 2007 

Hi there.

For some reason I am getting permission denied errors on a new samba server.
I can add machines to the domain, I can login with any user id's and so on
as well. But when I try connecting to a public share, or the users home
directory, I get a user denied error.

"\\Fileserver\user is not accessible. You might not have permission to use
this network resource. Contact the administrator of this server to find out
if you have access permission."

When checking the permissions on the users home directory, i have the
following:

drwx------   3 user user

And permissions on my "public" directory is:

drwxrwxr-x 9 root users

In my log files I have:

smb.log

Connect path is '/home/dustin' for service [dustin]
  string_to_sid: Sid dustin does not start with 'S-'.
  '/home/dustin' does not exist or permission denied when connecting to
[dustin] Error was Permission denied
  Yielding connection to dustin
  create_conn_struct: Can't ChDir to new conn path /home/dustin. Error was
Permission denied
  create_conn_struct: Can't ChDir to new conn path /home/dustin. Error was
Permission denied




My SMB.conf is below, any ideas? This one is driving me insane as this
server was working when i set it up back in our office....



[global]
   workgroup = DOMAIN
   netbios name = Fileserver
   server string = DOMAIN %h

   passdb backend = tdbsam
   security = user
   encrypt passwords = yes
   username map = /etc/samba/smbusers
   name resolve order = wins bcast hosts
   domain logons = yes
   preferred master = yes
   wins support = yes

  #Extra Security
   hosts allow = 192.168.90.0/24, 127.0.0.1
   hosts deny = 0.0.0.0/0

  #Misc
   veto oplock files = /*.doc/*.xls/*.mdb/
   time server = yes

   # Set CUPS for printing
   load printers = yes
   printcap name = CUPS
   printing = CUPS

   # Default logon
   logon drive = H:
   logon script = %U.bat
   logon path =
   logon home =

   # Useradd scripts
   add user script = /usr/sbin/adduser --quiet --disabled-password --gecos
"" %u
   delete user script = /usr/sbin/userdel -r %u
   add group script = /usr/sbin/groupadd %g
   delete group script = /usr/sbin/groupdel %g
   add user to group script = /usr/sbin/usernod -G %g %u
   add machine script = /usr/sbin/useradd -s /sbin/nologin -d
/var/lib/nobody %u
   idmap uid = 15000-20000
   idmap gid = 15000-20000
   template shell = /bin/bash

# sync smb passwords with linux passwords
   passwd program = /usr/bin/passwd %u
   passwd chat = *Enter\snew\sUNIX\spassword:* %n\n
*Retype\snew\sUNIX\spassword:* %n\n *password\supdated\ssuccessfully* .
   passwd chat debug = yes
   unix password sync = yes

   # set the loglevel
   log level = 3

[homes]
   comment = Home
   valid users = %S
   read only = no
   browsable = no

[netlogon]
   comment = Network Logon Service
   path = /home/samba/netlogon
   admin users = Administrator
   valid users = %U
   read only = no
   guest ok = yes
   writable = no
   share modes = no

[public]
comment = All Users
path = /home/shares/public
valid users = @users
force group = users
create mask = 0660
directory mask = 0771
writeable = yes
read only = no
inherit permissions = yes

More information about the samba mailing list