[Samba] User cannot get into own directory with 700 permissions

Linda W samba at tlinx.org
Fri Jun 15 23:39:50 MDT 2012

Colin Fowler wrote:
> If I create a directory with 700 permissions owned by me with the 
> group set to my primary group I *cannot* get into the directory from 
> my windows machine. I can of course get into it from unix
> If however I set the mode to 740, I can get into it from windows
> Samba version is 3.6.5 running on Debian squeeze and is installed from 
> the backports repository. Below is a snippet of the log file at log 
> level 5 from when I try to access the directory "700_dir_cfowler_staff"
> any help much appreciated!
You create the directory on your unix box with 700 permissions.

How did you mount the partition??

I.e. How does it know that the 'you' on your win-sys is the same 'you' as
the you on your linux box?

Case in point -- I have at least 2 'you's, that I am...  one is in my 
the other is on the workstation.

The one in the domain is the same one as on the linux server, but the 
login with
the same name on my workstation is NOT the same user -- one is 
linda at workstation, while the other is linda at domain.

Now you can put both of those users in the same group...and have files 
by group (which is how I try to manage sharing -- but it doesn't always work
because windows progs don't know to give access by group --- I mean giving
access to a group -- to say some software -- that would be "like" piracy ---
(*cough*), -- windows has always wanted to charge by the user AND by the 
-- so the windows you install on 1 machine isn't really yours to use on 

So it was in their interest to allow as little universal ID's as possible
unless you paid extra, for "per-person" licensing that was sold to 
at a premium price... maybe you get the picture??...

You can either try to make do with groups -- or try to bring up your linux
box as a domain server -- if you already have it set as a domain server,
um...I think 'deny-access' entries get ordered before permission entries, so
if it took out your group access with a deny, that's another possibility.

Hopefully this gives you a few places to look...(can't say alot, as my own
setup is held together with duck-tape and paper clips... and isn't always
the most stable (understatement)...

More information about the samba mailing list