[Samba] What in samba 4.1 prevents a '/' share?

David C. Rankin drankinatty at suddenlinkmail.com
Tue Jan 7 20:50:43 MST 2014

On 01/07/2014 12:23 AM, David C. Rankin wrote:
>   I have captured tcpdump traffic during the mount attempts and they point to
> smb issuing the error, but I'm not that great at reading packet contents, so I'm
> not entirely sure. But basically, after successful AndX session setup (Tree
> Connect AndX Request, Path: \\phoinix\config), the request for \\phoinix\config
> is made and it is found successfully by the server, but then the server response
> with (Tree Connect AndX Response, Error: STATUS_ACCESS_DENIED) The full ASCII
> dump of the packet dissection for the STATUS_ACCESS_DENIED packet is:
> No.     Time        Source                Destination           Protocol Length Info
>      25 3.487933         SMB      105
> Tree Connect AndX Response, Error: STATUS_ACCESS_DENIED

smb gurus,

  I think I have made headway. I pulled another level 10 debug on the connection
attempt and in summary when from any client machine, I try to connect to the '/'
share, the share_access.c:237(user_ok_token) for (user david [me]) is ok for
//phoinix/config, but when samba then attempts the check for user 'root' is
fails with User root not in 'valid users'. Basically a terse summary of the
entries on connect with:

mount.cifs //phoinix/config /mnt/phx-cfg/ -v -o

[2014/01/07 20:32:58.157111,  5, pid=5405, effective(0, 0), real(0, 0)]
  Finding user david


[2014/01/07 20:32:58.158932, 10, pid=5405, effective(0, 0), real(0, 0)]
  user_ok_token: share config is ok for unix user david
[2014/01/07 20:32:58.159036,  5, pid=5405, effective(0, 0), real(0, 0)]
  Finding user root

<big snip>

[2014/01/07 20:32:58.176304, 10, pid=5405, effective(0, 0), real(0, 0)]
  User root not in 'valid users'


[2014/01/07 20:32:58.176620,  3, pid=5405, effective(0, 0), real(0, 0)]
  NT error packet at ../source3/smbd/reply.c(952) cmd=117 (SMBtconX)

  I've put the full log here:


  If anyone has any suggestions, I would appreciate them. Thanks.

David C. Rankin, J.D.,P.E.

More information about the samba mailing list