[Samba] connection to IPC$ denied due to security descriptor
Edmundo Valle Neto
edmundo.valle at terra.com.br
Mon Nov 26 04:16:49 GMT 2007
richid escreveu:
> Hey all,
>
> I have a fileserver running Debian Etch and Samba 3.0.24 that I use to serve
> media and private home directories. I have a couple roommates, and
> therefore have a couple accounts on the box for those users. I had
> everything working perfectly until last week when my system drive took a
> crap. I've reinstalled everything exactly the same (I think?) but now I am
> having problems with some accounts not being able to connect to the shares.
> My username can connect to my home share and the communal media share just
> fine. When I try to connect to another users home share or to the media
> share with their username, I keep getting the password dialog box. I've
> ensured that they are in smbpasswd and that their password is correct. I've
> also verified this using smbclient.
>
> DETAILS:
>
> The log file is reporting this error when I try to connect:
> make_connection: connection to IPC$ denied due to security descriptor.
>
> Here is output from smbclient:
> bob at warehouse:~$ smbclient //warehouse/media -U bob
> Password:
> Domain=[WAREHOUSE] OS=[Unix] Server=[Samba 3.0.24]
> smb: \> ls
> . D 0 Thu Oct 18 11:25:22
> 2007
> .. D 0 Wed Nov 7 21:47:06
> 2007
> audio D 0 Tue Nov 13 23:40:25
> 2007
> downloads D 0 Tue Nov 13 23:41:11
> 2007
> video D 0 Thu Nov 15 23:00:34
> 2007
>
> 44708 blocks of size 33553920. 25310 blocks available
> smb: \>
>
> Here is my smb.conf:
>
> [global]
> netbios name = warehouse
> server string = warehouse
> dns proxy = no
> log file = /var/log/samba/log.%m
> max log size = 1000
> syslog = 0
> panic action = /usr/share/samba/panic-action %d
> security = user
> encrypt passwords = true
> passdb backend = tdbsam
> obey pam restrictions = yes
> invalid users = root
> passwd program = /usr/bin/passwd %u
> passwd chat = *Enter\snew\sUNIX\spassword:* %n\n
> *Retype\snew\sUNIX\spassword:* %n\n
> socket options = TCP_NODELAY
> domain master = auto
>
> force user = %U
> force group = users
>
> [homes]
> comment = Home Directories
> browseable = no
> writable = yes
> create mask = 0700
> directory mask = 0700
> force group = %G
> valid users = %S
>
> [media]
> comment = Media
> path = /mnt/storage/media
> browsable = yes
> writeable = yes
> create mask = 0775
> directory mask = 0775
> #guest ok = yes
> hide files = /*.dat/
>
>
> It's pretty basic, I'm not doing anything special here. Anyone have any
> idea what the problem is? I've also read a couple other threads, and have
> already tried removing the /var/run/samba/share_info.tdb file and restarting
> Samba, but that hasn't worked. I'm really stumped on this one, anyone else?
>
> Thanks in advance,
> Rich
>
I have something similar with the computers in my home using Ubuntu
(that uses almost the same samba package), I can say one thing, it
doesn't seems to triggered with something inside share_info.tdb, putting
the line "force group = users" (that I think I never used before) gives
me "make_connection: connection to IPC$ denied due to security
descriptor." errors when I log on a Windows XP in the same network, and
it appears to happen when XP tries to connect to samba with the guest
account to get the list of shares. But I haven't noted any problem
because of that. Samba continues to accept connections using already
created accounts.
So, I don't have sure if your problem has anything to do with that error
message.
Testparm gives you any error?
Listing the shares with these accounts work? smbclient -L localhost
-Uanyuser%password ?
Regards.
Edmundo Valle Neto
More information about the samba
mailing list