[Samba] Custom user shares
Rowland Penny
rowlandpenny at googlemail.com
Tue Apr 22 12:50:21 MDT 2014
On 22/04/14 19:08, Ashley M. Kirchner wrote:
> Uh, excuse my ignorance, but what? What samba database? I didn't do
> anything with any database on any of the servers, not the one that is
> working fine nor this (older) one I'm trying to configure. If you're
> referring specifically to the 'passdb backend' option, it's commented out
> on both servers.
>
> This is the complete smb.conf file on both.
>
> [global]
> workgroup = WORKGROUP
> server string = BRASCO
> netbios name = BRASCO
> interfaces = lo eth0 192.168.1.0/24
>
> # logs split per machine
> log file = /var/log/samba/log.%m
> # max 50KB per log file, then rotate
> max log size = 50
>
> security = user
>
> local master = no
>
> socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
>
> wins support = no
> dns proxy = no
> load printers = no
> disable spoolss = yes
> printcap name = /dev/null
>
> smb ports = 139
> username map = /etc/samba/usermap.txt
>
> [kirash]
> path = /opt/backup/kirash
> comment = Ashley M. Kirchner
> writable = yes
> valid users = kirash
>
>
> On Tue, Apr 22, 2014 at 11:56 AM, Marc Muehlfeld <mmuehlfeld at samba.org>wrote:
>
>> Hello Ashley,
>>
>> Am 22.04.2014 19:45, schrieb Ashley M. Kirchner:
>>
>>> We have an old internal server running samba version 3.2.15 which can't be
>>> upgraded for different reasons. It's been running several passwordless
>>> shares with no problem. Now I'm trying to configure passworded user shares
>>> and not having much luck. I'm wondering if someone can help me diagnose
>>> this:
>>>
>>> In smb.conf I have
>>>
>>> security = user
>>> map to guest = Bad user
>>> ...
>>> username map = /etc/samba/usermap.txt
>>>
>>> The public shares are setup as follows:
>>> [bda]
>>> comment = BDA Files
>>> browseable = yes
>>> writable = yes
>>> path = /opt/bda
>>> guest ok = yes
>>> public = yes
>>> read only = no
>>> force user = nobody
>>> force group = nobody
>>> create mask = 0777
>>> directory mask = 0777
>>> locking = no
>>>
>>> *This all works.*
>>>
>>>
>>> Now for the user shares, I have this:
>>> [kirash]
>>> path = /opt/backup/kirash
>>> comment = Ashley M. Kirchner
>>> writable = yes
>>> valid users = kirash
>>>
>>> The unix user 'kirash' exists.
>>> usermap.txt has a line in it that maps the user as follows:
>>> kirash = AshleyMKirchner
>>>
>>> But when I try to access that share from my client I get access denied.
>>>
>>> Interestingly enough, I have a second samba server with a more recent
>>> version, 3.6.9 to be exact, with the same exact samba configuration and
>>> that DOES WORK. I can access the share, it asks for the user credentials
>>> (as set on that unix server) and I'm able to log in and access that share
>>> just fine.
>>>
>>> So what am I missing on the older server that's causing it to deny access?
>>>
>>> Note: our network does NOT use any kind of directory or other server log
>>> ins. Each client is on their own.
>>>
>>
>> You said the user is existing in unix. But is it also existing in the
>> samba database? As you haven't posted the complete smb.conf, I guess you
>> use tdb. Then have a look at 'smbpasswd' (-e / -a). If Samba uses a
>> different backend, please provide some more details.
>>
>>
>> Regards,
>> Marc
>>
>>
>>
You seem to have lost this line:
map to guest = Bad user
it was in your first post, this is in man smb.conf:
· Bad User - Means user logins with an invalid password are
rejected, unless the username does not exist, in which
case it
is treated as a guest login and mapped into the guest
account.
So, as you don't have any samba users (and provided you don't have any
unix users on the machine that is running samba) all users should be
able to connect.
But then you have the share, where the only valid user is kirash, try
removing this and then adding 'guest ok = yes'
This should work, unless you have missed telling us something.
Rowland
More information about the samba
mailing list