[Samba] users home folders not accessable - access denied

dnk d.k.emaillists at gmail.com
Mon Apr 27 16:53:06 GMT 2009

I apologize in advance if this is a double post. I had sent my last  
one from my phone and i never saw it show up on here, so thought  
something may have went haywire there. Anyways onto the issues:

CentOS 5.3

I have a samba server that was running great. I have my /home mounted  
on a raid 1 drive.

In my fstab it had:

/dev/md0                /home                 ext3    defaults,acl     
1 2

Now i was running out of room, so i added another hard drive. As the  
original system that was configured did not use LVM, I had to create a  
new mount point.

So I formatted the new drive with ext3, and was going to split my  
samba into two drives.. the raided drives would contain all my main  
samba shares, and my home folders would just be on the new single  
drive (space constrictions in the chassis, otherwise i would have done  
it as raid 1 as well).

So I modified my fstab to be:

/dev/md0                /shares                 ext3     
defaults,acl    1 2
/dev/sdc1               /home                   ext3     
defaults,acl    1 2

Now as you can see, the raid 1 drives (my original /home) has been  
moved to /shares and my new drive is now /home. All the home  
directories were moved to the new drive (sdc1). I can access the data,  
write to it, delete, etc. So all seems fine from the CLI. For all  
intents and purposes, the new drive is there, mounting at boot, and  
able to be used.

Now when i try to access all my shares, my main shares from the / 
shares drive work like a charm. But when a user tries to access their  
private folder (/home/username), they get the error:

\\server\username is not accessible. You might not have permission to  
use this network resource. Contact the system administrator of this  
server to find out if you have access permissions. The network name  
cannot be found.

Now when browsing the network, I can see that share there.

When I look in my smbd.log file I see:

   '/home/username' does not exist or permission denied when  
connecting to [username] Error was Permission denied

Just to see if i can get more info, I tried mapping the drive

net use h: \\server\username

System error 53 has occurred. The network path was not found.

from another machine I tried to access via cli (os x to my samba server)

smbclient //server/username -Uusername%password
Domain=[DOM] OS=[Unix] Server=[Samba 3.0.33-3.7.el5]
tree connect failed: NT_STATUS_BAD_NETWORK_NAME

Below is my smb.conf

workgroup = DOM
netbios name = Server
server string = (%L)
wins support = Yes
name resolve order = wins bcast hosts
passdb backend = tdbsam
username map = /etc/samba/smbusers
add user script = /usr/sbin/useradd -m %u
delete user script = /usr/sbin/userdel -r %u
add group script = /usr/sbin/groupadd %g
delete group script = /usr/sbin/groupdel %g
add user to group script = /usr/sbin/groupmod -A %u %g
delete user from group script = /usr/sbin/groupmod -R %u %g
add machine script = /usr/sbin/useradd -s /bin/false -d /var/lib/ 
nobody %u
# Note: The following specifies the default logon script.
# Per user logon scripts can be specified in the user account using  
logon script = %U.bat
# This sets the default profile path. Set per user paths with pdbedit
logon path =
logon drive = H:
logon home = \\%L\%U
domain logons = Yes
os level = 35
preferred master = Yes
domain master = Yes
idmap uid = 15000-20000
idmap gid = 15000-20000
#mac hacks
follow symlinks = yes
unix extensions = no
veto files = /.DS_Store/._.*/DesktopFolderDB/Network Trash Folder/ 
delete veto files = true
hide dot files = yes

comment = Home Directories
valid users = %S
read only = No
browseable = No

comment = Network Logon Service
path = /shares/netlogon
admin users = root
guest ok = Yes
browseable = No

comment = Share for the users in the main group
path = /shares/main
valid users = @main
force group = main
create mask = 0660
directory mask = 0771
writeable = yes

Then I went as far as defining an actual share for on of my users to  
test by adding to my smb.conf

comment = TMP Share for username files
path = /home/enorton
valid users = @username
force group = username
create mask = 0660
directory mask = 0771
writeable = yes

And all my symptoms were the same.

I also tried:
- I checked my rsolv.conf - all good there.

- pings both ways- all good

- firewall (none on the samba server - at this point for testing):
  # iptables -L -v
Chain INPUT (policy ACCEPT 99665 packets, 18M bytes)
  pkts bytes target     prot opt in     out     source                

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
  pkts bytes target     prot opt in     out     source                

Chain OUTPUT (policy ACCEPT 87228 packets, 33M bytes)
  pkts bytes target     prot opt in     out     source                

- I tried to see my shares:
# smbclient -L server
Domain=[DOM] OS=[Unix] Server=[Samba 3.0.33-3.7.el5]

	Sharename       Type      Comment
	---------       ----      -------
	main            Disk      Share for the users in the main group	
	IPC$            IPC       IPC Service ((boleo))
	root            Disk      Home Directories
Domain=[DOM] OS=[Unix] Server=[Samba 3.0.33-3.7.el5]

	Server               Comment
	---------            -------

	Workgroup            Master
	---------            -------
	DOM                 SERVER

- No subnet restrictions (also moot since i can connect to my main  
- Double checked permissions on the actual home folders:
# ls -al /home/ | grep user
drwx------  5 user           user           4096 Apr 26 23:48 user
-reset them to be safe:
# chmod -R 700 /home/username; chown -R user:user /home/user
- I tried:
nmblookup -B SERVER __SAMBA__
I got my proper IP back.
- from my PC in DOS, running:
net view \\SERVER
I get back my list of shares.
- And also:
  nmblookup -M DOM
querying DOM on 192.168.xxx.255
192.168.xxx.xxx DOM<1d>
Reports back proper values.

As you can see I tried to be as thorough as possible.

Cuckoo for Cocoa Puffs over here.

Thanks in advance.


More information about the samba mailing list