[Samba] create_connection_server_info failed: NT_STATUS_ACCESS_DENIED

David Touzeau david at touzeau.eu
Fri Feb 18 07:35:32 MST 2011


Dear 

I'm using samba 3.5.6 + PDC and connected to LDAP directory

In log level 1 there is many entries like this :

Feb 18 18:28:00 samba smbd[3094]:   create_connection_server_info
failed: NT_STATUS_ACCESS_DENIED
Feb 18 18:28:00 samba smbd[3094]: [2011/02/18 18:28:00.255872,  1]
smbd/service.c:678(make_connection_snum)
Feb 18 18:28:00 samba smbd[3094]:   create_connection_server_info
failed: NT_STATUS_ACCESS_DENIED
Feb 18 18:28:00 samba smbd[3094]: [2011/02/18 18:28:00.260807,  1]
smbd/service.c:678(make_connection_snum)
Feb 18 18:28:00 samba smbd[3094]:   create_connection_server_info
failed: NT_STATUS_ACCESS_DENIED
Feb 18 18:28:00 samba smbd[3094]: [2011/02/18 18:28:00.265887,  1]
smbd/service.c:678(make_connection_snum)
Feb 18 18:28:00 samba smbd[3094]:   create_connection_server_info
failed: NT_STATUS_ACCESS_DENIED
Feb 18 18:28:00 samba smbd[3094]: [2011/02/18 18:28:00.304593,  1]
smbd/service.c:678(make_connection_snum)
Feb 18 18:28:00 samba smbd[3094]:   create_connection_server_info
failed: NT_STATUS_ACCESS_DENIED
Feb 18 18:28:00 samba smbd[3094]: [2011/02/18 18:28:00.352915,  1]
smbd/service.c:678(make_connection_snum)
Feb 18 18:28:00 samba smbd[3094]:   create_connection_server_info
failed: NT_STATUS_ACCESS_DENIED
Feb 18 18:28:01 samba smbd[3094]: [2011/02/18 18:28:01.396574,  1]
smbd/service.c:678(make_connection_snum)
Feb 18 18:28:01 samba smbd[3094]:   create_connection_server_info
failed: NT_STATUS_ACCESS_DENIED
Feb 18 18:28:01 samba smbd[3094]: [2011/02/18 18:28:01.444569,  1]
smbd/service.c:678(make_connection_snum)
Feb 18 18:28:01 samba smbd[3094]:   create_connection_server_info
failed: NT_STATUS_ACCESS_DENIED
Feb 18 18:28:01 samba smbd[3094]: [2011/02/18 18:28:01.492564,  1]
smbd/service.c:678(make_connection_snum)
Feb 18 18:28:01 samba smbd[3094]:   create_connection_server_info
failed: NT_STATUS_ACCESS_DENIED
Feb 18 18:28:01 samba smbd[3094]: [2011/02/18 18:28:01.540553,  1]
smbd/service.c:678(make_connection_snum)
Feb 18 18:28:01 samba smbd[3094]:   create_connection_server_info
failed: NT_STATUS_ACCESS_DENIED
Feb 18 18:28:01 samba smbd[3094]: [2011/02/18 18:28:01.588568,  1]
smbd/service.c:678(make_connection_snum)
Feb 18 18:28:01 samba smbd[3094]:   create_connection_server_info
failed: NT_STATUS_ACCESS_DENIED
Feb 18 18:28:01 samba smbd[3094]: [2011/02/18 18:28:01.609657,  1]
smbd/service.c:678(make_connection_snum)
Feb 18 18:28:01 samba smbd[3094]:   create_connection_server_info
failed: NT_STATUS_ACCESS_DENIED
Feb 18 18:28:03 samba smbd[3094]: [2011/02/18 18:28:03.005670,  1]
smbd/service.c:678(make_connection_snum)
Feb 18 18:28:03 samba smbd[3094]:   create_connection_server_info
failed: NT_STATUS_ACCESS_DENIED
Feb 18 18:28:03 samba smbd[3094]: [2011/02/18 18:28:03.011218,  1]
smbd/service.c:678(make_connection_snum)
Feb 18 18:28:03 samba smbd[3094]:   create_connection_server_info
failed: NT_STATUS_ACCESS_DENIED
Feb 18 18:28:03 samba smbd[3094]: [2011/02/18 18:28:03.017388,  1]
smbd/service.c:678(make_connection_snum)
Feb 18 18:28:03 samba smbd[3094]:   create_connection_server_info
failed: NT_STATUS_ACCESS_DENIED
Feb 18 18:28:03 samba smbd[3094]: [2011/02/18 18:28:03.025927,  1]
smbd/service.c:678(make_connection_snum)
Feb 18 18:28:03 samba smbd[3094]:   create_connection_server_info
failed: NT_STATUS_ACCESS_DENIED
Feb 18 18:28:03 samba smbd[3094]: [2011/02/18 18:28:03.034651,  1]
smbd/service.c:678(make_connection_snum)
Feb 18 18:28:03 samba smbd[3094]:   create_connection_server_info
failed: NT_STATUS_ACCESS_DENIED
Feb 18 18:28:03 samba smbd[3094]: [2011/02/18 18:28:03.039645,  1]
smbd/service.c:678(make_connection_snum)
Feb 18 18:28:03 samba smbd[3094]:   create_connection_server_info
failed: NT_STATUS_ACCESS_DENIED

How to fix this error ?

Here it is the samba configuration : 


[global]
workgroup=locate
netbios name=samba
server string=%h server (Samba, Ubuntu)
disable netbios=no
remote announce=192.168.0.255/LOCATE
name resolve order=wins  bcast hosts
dns proxy=No
syslog=3
log level=1
log file=/var/log/samba/log.%m
debug timestamp=yes
follow symlinks=yes
wide links=yes
unix extensions=no
usershare allow guests=no
usershare max shares=100
usershare owner only=true
usershare path=/var/lib/samba/usershares/data
guest account=nobody
map to guest=Bad Password
security=user
enable privileges=yes
domain master=yes
local master=yes
preferred master=yes
domain logons=yes
os level=40
ldap passwd sync=no
winbind use default domain=yes
winbind enum users=yes
winbind enum groups=yes
password server=*
encrypt passwords=true
winbind separator=+
winbind uid=10000-20000
winbind gid=10000-20000
client lanman auth=yes
client ntlmv2 auth=yes
nt acl support=yes
map acl inherit=yes
acl check permissions=yes
inherit permissions=yes
inherit acls=yes
acl map full control=yes
force unknown acl user=no
ldap delete dn=yes
passdb backend=ldapsam:ldap://192.168.200.4:389
ldap admin dn=cn=Manager,dc=my-domain,dc=com
ldap suffix=dc=my-domain,dc=com
ldap group suffix=dc=organizations
ldap user suffix=dc=organizations
ldap machine suffix=ou=Computer,dc=samba,dc=organizations
ldap idmap suffix=ou=idmap,dc=samba,dc=organizations,dc=my-domain,dc=com
ldapsam:trusted=yes
ldapsam:editposix=yes
template homedir=/home/%U
template shell=/bin/false
idmap backend=ldap:ldap://192.168.200.4:389
idmap uid=1000-1999999
idmap gid=1000-1999999
idmap config locate:backend=ldap
idmap config locate:readonly=no
idmap config locate:default=yes
idmap config
locate:ldap_base_dn=ou=idmap,dc=samba,dc=organizations,dc=my-domain,dc=com
idmap config locate:ldap_user_dn=cn=Manager,dc=my-domain,dc=com
idmap config locate:ldap_url=ldap://192.168.200.4:389
idmap config locate:range=1000-1999999
idmap alloc backend=ldap
idmap alloc
config:ldap_base_dn=ou=idmap,dc=samba,dc=organizations,dc=my-domain,dc=com
idmap alloc config:ldap_user_dn=cn=Manager,dc=my-domain,dc=com
idmap alloc config:ldap_url=ldap://192.168.200.4:389
idmap alloc config:range=1000-1999999
ldap ssl=off
logon path=
logon home=
logon drive=
socket options=TCP_NODELAY IPTOS_LOWDELAY IPTOS_THROUGHPUT SO_KEEPALIVE
SO_RCVBUF=8192 SO_SNDBUF=8192
case sensitive=No
default case=lower
preserve case=yes
short preserve case=yes
wins support=Yes
time server=yes
msdfs root=no
host msdfs=no
[tmp]
path=/tmp
create mask=0660
directory mask=0770
browsable=yes
public=yes
writable=yes
comment=
hide unreadable=yes
vfs object=full_audit
full_audit:prefix=%u|%I|%m|%S|%P
full_audit:success=rename unlink pwrite write
full_audit:failure=none
full_audit:facility=LOCAL7
full_audit:priority=NOTICE
[locate]
path=/data/locate
create mask=0660
directory mask=0770
browsable=yes
writable=yes
public=no
comment=
hide unreadable=yes
hide unwriteable files=no
inherit permissions=no
acl check permissions=yes
map acl inherit=yes
acl group control=yes
nt acl support=yes
inherit acls=yes
write list=@locate_group
read list=@locate_group
valid users=@locate_group
vfs object=full_audit
full_audit:prefix=%u|%I|%m|%S|%P
full_audit:success=rename unlink pwrite write
full_audit:failure=none
full_audit:facility=LOCAL7
full_audit:priority=NOTICE
[ged]
path=/data/ged
create mask=0660
directory mask=0770
browsable=yes
public=yes
writable=yes
comment=
hide unreadable=no
hide unwriteable files=no
inherit permissions=no
acl check permissions=yes
map acl inherit=yes
acl group control=yes
nt acl support=yes
inherit acls=yes
write list=@locate_group
read list=@locate_group
valid users=@locate_group
vfs object=full_audit
full_audit:prefix=%u|%I|%m|%S|%P
full_audit:success=rename unlink pwrite write
full_audit:failure=none
full_audit:facility=LOCAL7
full_audit:priority=NOTICE
[netlogon]
path=/home/netlogon/
writable=No
browseable=No
write list=root
[homes]
comment=Personnal Folder
browseable=No
writeable=Yes
vfs object=full_audit
full_audit:prefix=%u|%I|%m|%S|%P
full_audit:success=rename unlink pwrite write
full_audit:failure=none
full_audit:facility=LOCAL7
full_audit:priority=NOTICE


More information about the samba mailing list