[Samba] NT_STATUS_NO_SUCH_GROUP
David Cake
dave at difference.com.au
Tue Mar 30 02:51:23 MDT 2010
I have an issue where a user cannot connect to a specific
samba group. I've tried connecting directly from Windows, and via
smbclient.
via smbclient I get
smbclient '\\SERVER NAME\Skin_FTP' -U username
Password:
Domain=[EP] OS=[Unix] Server=[Samba 3.2.5]
tree connect failed: NT_STATUS_NO_SUCH_GROUP
Yet an apparently mostly identical share seems to work fine
smbclient '\\SERVER NAME\Queen_FTP' -U username
Password:
Domain=[EP] OS=[Unix] Server=[Samba 3.2.5]
smb: \>
The two shares seem pretty much the same
[Queen_FTP]
valid users = @royal
writeable = yes
create mode = 775
path = /home/royal
force group = royal
directory mode = 775
[Skin_FTP]
writeable = yes
valid users = @skin
create mode = 775
path = /home/skin
force group = skin
directory mode = 775
both groups are Samba Domain groups, that correspond to a local unix
group with the same name. Both local unix groups seem to exist, and I
can't see any significant differences between the two.
So, any suggestions for how to go about debugging this one?
I've double checked unix group details, restarted winbind in the
hopes this would force a group cache rebuild, double checked
everything I can find - and I still have no idea why one group works,
another does not.
getent group royal and getent group skin both return apparently valid
unix group file entries
eg royal:x:1024: a bunch of usernames
Thanks in advance
David
PS relevant parts of smb.conf
-------------------
[global]
load printers = yes
socket options = TCP_NODELAY
domain master = yes
preferred master = yes
domain logons = yes
encrypt passwords = true
public = yes
allow hosts = 10.0.50.0/255.255.0.0
wins support = true
netbios name = SERVERNAME
server string = File & Print Server
printing = cups
default = global
unix password sync = yes
local master = yes
workgroup = EP
os level = 65
username map = /etc/samba/smbusers
[global]
log file = /var/log/samba/smb.log
dns proxy = no
netbios name = Servername
server string = %h (Samba %v)
passwd chat = *Enter\snew\sUNIX\spassword:* %n\n
*Retype\snew\sUNIX\spassword:* %n\n
invalid users = root
socket options = TCP_NODELAY
obey pam restrictions = yes
workgroup = EP
encrypt passwords = true
syslog = 0
passwd program = /usr/bin/passwd %u
max log size = 1000
smb ports = 139
veto files =
/:2eFBCLockFolder/.FBCLockFolder/:2eFBCIndex/.FBCIndex/:2eDS_Store/.DS_Store/TheVolumeSettingsFolder?/TheFindByContentFolder?/Temporary
Items/Network Trash
Folder/.AppleDB/:2eVolumeIcon.icns/.VolumeIcon?.icns/Icon?/.AppleDouble?/.AppleDesktop?/desktop.ini/RECYCLER/
delete veto files = Yes
map to guest = bad user
#needed for domain logons
comment = Network Logon Service
path = /var/lib/samba/netlogon
admin users = root
guest ok = Yes
browseable = Yes
#[homes]
# comment = Home Directories
# browseable = yes
# By default, the home directories are exported read-only. Change next
# parameter to 'yes' if you want to be able to write to them.
writable = yes
# File creation mask is set to 0700 for security reasons. If you want to
# create files with group=rw permissions, set next parameter to 0775.
create mask = 0700
# Directory creation mask is set to 0700 for security reasons. If you want to
# create dirs. with group=rw permissions, set next parameter to 0775.
directory mask = 0700
More information about the samba
mailing list