[Samba] Having problems with Samba and openLDAP Groups
Matt Burkhardt
mlb at imparisystems.com
Thu May 28 12:53:18 GMT 2009
Thanks for the help! I appreciate you taking the time!
On Thu, 2009-05-28 at 00:02 +0300, Liutauras Adomaitis wrote:
> > [2009/05/27 13:34:52, 2] smbd/service.c:make_connection_snum(616)
> > user 'mlb' (from session setup) not permitted to access this share
> > (Staff)
> > [2009/05/27 13:34:52, 3] smbd/error.c:error_packet_set(106)
> > error packet at smbd/reply.c(514) cmd=117 (SMBtconX)
> > NT_STATUS_ACCESS_DENIED
>
> i guess your user mib is not in group @Staff. What do you get with
> commands: smbldap-tools works only with ldap, it doesn't mean system
> sees those users.
> id mib
> getent passwd | grep mib
> getent group | grep -i staff
id mlb
uid=1000(mlb) gid=1000(mlb)
groups=1000(mlb),4(adm),20(dialout),24(cdrom),25(floppy),29(audio),30(dip),33(www-data),44(video),46(plugdev),107(fuse),113(lpadmin),115(admin),116(sambashare),1001(musicshare),1002(printer-admin),1008(subversion),1012(Staff),513(Domain Users),1014(Staff)
getent passwd | grep mlb
mlb:x:1000:1000:Matt Burkhardt,,,:/home/mlb:/bin/bash
mlb:x:1009:544:mlb:/home/mlb:/bin/bash
mlb-laptop$:*:1014:515:Computer:/dev/null:/bin/false
getent group | grep -i Staff
staff:x:50:
Staff:x:1012:alex,mlb
Staff:*:1014:mlb,alex
>
> Run "testparm" - it will show some errors you have in your smb.conf file.
>
>
> Also run testparm command, it will show you some errors in your
> smb.conf file you have.
>
testparm
Load smb config files from /etc/samba/smb.conf
Processing section "[homes]"
Processing section "[netlogon]"
Processing section "[profiles]"
Processing section "[printers]"
Processing section "[print$]"
Processing section "[bigdrive]"
Processing section "[Business]"
Processing section "[Editors]"
Processing section "[Members]"
Processing section "[Staff]"
WARNING: The "only user" option is deprecated
Processing section "[tmp]"
Loaded services file OK.
Server role: ROLE_DOMAIN_PDC
--
Matt Burkhardt, M.Sci. Technology Management
mlb at imparisystems.com
(301) 682-7901
502 Fairview Avenue
Frederick, MD 21701
http://www.imparisystems.com
More information about the samba
mailing list