[Samba] Samba Configuration

Liutauras Adomaitis liutauras.adomaitis at gmail.com
Wed May 27 20:26:41 GMT 2009

On Wed, May 27, 2009 at 4:09 PM, Matt Burkhardt <mlb at imparisystems.com> wrote:
> On Mon, 2009-05-25 at 23:06 +0300, Liutauras Adomaitis wrote:
> On Mon, May 25, 2009 at 10:29 PM, Matt Burkhardt <mlb at imparisystems.com>
> wrote:
>> Maybe I'm missing this - but I'm having problems setting up some file
>> shares that are limited to certain groups.  I've done countless searches
>> on setups and on the tree connnect failed error message, and just
>> haven't found anything that solves my problem.
>> I am able to create shares that are basically open to the public, but I
>> know the security is all messed up.
>> I have openLDAP set up, can log onto the Samba server, but when I try to
>> set up the security, I just end up with
>>> smbclient //Ubuntu/Staff
>>> Enter mlb's password:
>>> Domain=[WORKGROUP] OS=[Unix] Server=[Samba 3.0.28a]
>>> tree connect failed: NT_STATUS_ACCESS_DENIED
> I think there is a number of possible answers or potential problems.
> your smb.conf, logs (level 10 it is not necessary probably, but 3
> atleast - I think) is needed.
> Liutauras
> Ok - I set log level = 3 in /etc/samba/smb.conf and restarted the Samba
> server, then tried to logon with smbclient //Ubuntu/Staff and then stopped
> the server and here are smbd and nmbd only with the time stamp from after
> the restart
> --
> Matt Burkhardt, M.Sci. Technology Management
> mlb at imparisystems.com
> (301) 682-7901
> 502 Fairview Avenue
> Frederick, MD  21701
> http://www.imparisystems.com

I see you got log.smbd and log.nmbd files. There is nothing about
accessing [Staff] share, so I guess you have "log file =
/var/log/samba/%m.log" in your smb.conf file. Most probably there must
be more log files. Search for file called by your box IP address or
hostname.log file, or change "log file = mylogfile.log", to log
everything to one file.

As for possible causes:
- you are trying to access share as user, which doesn't exists in
samba users database.
- you set up share, which doesn't allow your user to access this share.
- you share is pointing to wrong directory in your system, or you
don't have access rights to that directory. Check rights in full path.
(I'm not sure if error message is like the one you get, but it worth
to check)

I just reread your 1st post - what do you mean "can log onto the Samba
server"? If you can access public samba shares, then my guess is that
your LDAP backend is not setup correctly and you don't have any users
visible by samba.

More information about the samba mailing list