[Samba] ACLs, NT_STATUS_ACCESS_DENIED, etc.
Ken D'Ambrosio
ken at jots.org
Wed Dec 1 01:01:23 MST 2010
Hey, all. I've got some irksome issues, and would love it if someone
could show me where I'm going wrong.
First and foremost, I can access the folders, create new ones, etc. But
copying stuff from an existing Windows share (with ACLs), not so much.
Likewise when I try to assign permissions. I wind up with stuff like
[2010/12/01 02:56:34, 0] libsmb/ntlmssp_sign.c:208(ntlmssp_check_packet)
NTLMSSP NTLM2 packet check failed due to invalid signature!
[2010/12/01 02:56:34, 0] rpc_server/srv_pipe_hnd.c:395(process_request_pdu)
process_request_pdu: failed to do auth processing.
[2010/12/01 02:56:34, 0] rpc_server/srv_pipe_hnd.c:396(process_request_pdu)
process_request_pdu: error was NT_STATUS_ACCESS_DENIED.
Googling this stuff has been to pretty much no avail. I'm running Ubuntu
10.04's Samba, v. 3.4.7~dfsg-1ubuntu3.2. (I did try upgrading to 10.10's
Samba -- same problems, different errors. Downgraded.)
Here's my smb.conf (I apologize for its messiness; t-shooting does that):
[global]
workgroup = SEGWAY
realm = SEGWAY.LOCAL
netbios name = bed_fs1
server string = %h server (Samba %v, Ubuntu)
security = ADS
syslog = 0
log file = /var/log/samba/log.%m
max log size = 1000
domain master = No
dns proxy = No
usershare allow guests = Yes
allow trusted domains = yes
panic action = /usr/share/samba/panic-action %d
idmap uid = 1000-29999
idmap gid = 1000-29999
template shell = /bin/bash
winbind separator = +
winbind enum users = Yes
winbind enum groups = Yes
winbind use default domain = Yes
#[homes]
#comment = Home Directories
#browseable = yes
#valid users = %S
#writable = yes
[man_fs2]
path = /servers/man_fs2
valid users = @"SEGWAY+Domain Admins" , @"SEGWAY+Domain Users" ,
@"SEGWAY+Segway Team"
admin users = @"SEGWAY+Domain Admins" , root
write list = @"SEGWAY+Segway Team" , @"SEGWAY+Domain Admins" ,
@"SEGWAY+Domain Users"
directory mask = 0700
create mode = 0700
force create mode = 0700
force directory mode = 0700
read only = no
writeable = yes
available = yes
browseable = yes
public = yes
guest ok = yes
nt acl support = yes
#map archive = No
#map hidden = No
#map system = No
#map readonly = No
Thanks kindly!
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
More information about the samba
mailing list