[Samba] not permitted to access this share

andy.marr at bt.com andy.marr at bt.com
Tue Sep 29 07:38:04 MDT 2009


I've checked the wbinfo all returns as expected .

I've checked the user on the UNIX server can access the files and dir -
no problem.

I don't understand if SAMBA is actually try to map
FIRSTGROUP\admandymarr on to the share ?

If it is then it wont work, as the share only specifies the username not
the domain and username.

I'm not using PAM for these shares , is it needed ? Am I missing a trick
?

Anything would be a help

Regards
Andy





-----Original Message-----
From: Marr,A,Andy,DGE62 C 
Sent: 29 September 2009 11:01
To: samba at lists.samba.org
Subject: not permitted to access this share 

 
Hi all

I've a SAMBA 3.0.33 server running  on Solaris 10 sparc.

The server is joined  to a Windows ADS.

I'm getting the following error when trying to access the share as an AD
user from a windows machine.

[2009/09/29 10:48:05, 2] smbd/service.c:(616)
  user 'FIRSTGROUP\admandymarr' (from session setup) not permitted to
access thi s share (lsww)
[2009/09/29 10:48:05, 3] smbd/error.c:(106)
  error packet at smbd/reply.c(514) cmd=117 (SMBtconX)
NT_STATUS_ACCESS_DENIED
)

I setup a temp share with an empty valid users list , but I get the same
issue.

I'm not sure if the user should have the domain\user when trying to
access the share ? 

I'm so close :-)

Any pointers would be great ?

Smb.conf
[global]
        workgroup = FIRSTGROUP
        netbios name = FGUKSHPPAY001
        realm = FIRSTGROUP.COM
        preferred master = no
        server string =  DR Samba Server
        security = ADS
        encrypt passwords = yes
        allow trusted domains = yes
        log level = 5
        log file = /var/samba/log/log.%m
        max log size = 250
        printcap name = /dev/null
        load printers = no
        idmap uid = 62000-73000
        idmap gid = 6200-7300
        winbind use default domain = yes
        winbind enum users = yes
        winbind enum groups = yes
        template homedir = /export/home/%U
        template shell = /bin/bash
        password server = fgukcbpadc001.firstgroup.com

#============================ Share Definitions
==============================

[temp]
   comment = lsww
   path = /tmp
   valid users =
   public = yes
   browseable = yes
   read only = yes


[lsww]
   comment = lsww
   path = /mirror/livesww/list
   valid users = admandymarr
   public = yes
   browseable = yes
   read only = yes


More information about the samba mailing list