[Samba] Cannot access shared home directories from linux machine

L.P.H. van Belle belle at bazuin.nl
Thu Jul 3 06:46:16 MDT 2014


i see : 

>other::---  


what are the rights on  
/home	
and 
/home/DOMAIN 

try set it in linux on 755 ( both ) 
and try again. 


Louis

>-----Oorspronkelijk bericht-----
>Van: ea4ml3f at gmx.at [mailto:samba-bounces at lists.samba.org] Namens isofx
>Verzonden: donderdag 3 juli 2014 14:35
>Aan: samba at lists.samba.org
>Onderwerp: [Samba] Cannot access shared home directories from 
>linux machine
>
>Hi,
>
>I configured a share for home-directories on my Debian Samba 
>PDC (4.1.9) 
>and connected the share on another linux machine (terminal server) via 
>/etc/fstab:
>
>//192.168.10.51/home    /home/DOMAIN/       cifs 
>credentials=/root/.smbcredentials,iocharset=utf8        0       0
>
>The .smbcredentials file contains the Domain Administrators 
>username/password. The share is mounted successfully, however 
>users can 
>not log into their home directories.
>
>I configured the home share just like explained in the samba wiki 
>(https://wiki.samba.org/index.php/Setting_up_a_home_share).
>I added a demo user "demo" - the respective home-directory was created 
>successfully and the permissions are fine checking from a 
>windows machine.
>
>However, when I try to connect to the terminal server as "demo", this 
>happens:
>
>Could not chdir to home directory /home/DOMAIN/demo: Permission denied
>-bash: /home/DOMAIN/demo/.bash_profile: Permission denied
>demo at ts01:/$
>
>Here's my PDC's smb.conf:
>
>[global]
>         workgroup = DOMAIN
>         realm = DOMAIN.INTERN
>         netbios name = DC01
>         server role = active directory domain controller
>         dns forwarder = 8.8.8.8
>         idmap_ldb:use rfc2307 = yes
>
>         interfaces = lo eth0
>         bind interfaces only = yes
>         log file = /var/log/samba/samba.log
>
>         security = user
>         encrypt passwords = yes
>
>[netlogon]
>         path = /var/lib/samba/sysvol/domain.intern/scripts
>         read only = No
>
>[sysvol]
>         path = /var/lib/samba/sysvol
>         read only = No
>
>[home]
>         path = /media/data01/home
>         read only = no
>
>I integrated the terminal server into the domain, authentication via 
>winbind works fine! Here's the terminal servers smb.conf:
>
>[global]
>netbios name = TS01
>server string = TS01
>
>workgroup = DOMAIN
>realm = DOMAIN.INTERN
>
>security = ADS
>local master = no
>preferred master = no
>dns proxy = no
>
>encrypt passwords = true
>kerberos method = secrets and keytab
>
>vfs objects = acl_xattr
>map acl inherit = Yes
>store dos attributes = Yes
>
>winbind use default domain = yes
>winbind enum groups = yes
>winbind enum users = yes
>winbind nss info = rfc2307
>
>map untrusted to domain = no
>
>template homedir = /home/DOMAIN/%U
>template shell = /bin/bash
>
>idmap config * : backend = rid
>idmap config * : range = 10000 - 49999
>idmap uid = 50000 - 100000
>idmap gid = 50000 - 100000
>
>This is the user information for the demo user:
>
>root at ts01:/home/DOMAIN# wbinfo -i demo
>demo:*:51114:50513::/home/DOMAIN/demo:/bin/bash
>
>However this information is not listed in the ACLs of the folder:
>
>root at ts01:/home/DOMAIN# getfacl demo/
># file: demo/
># owner: 3000000
># group: users
>user::rwx
>user:root:rwx
>user:3000002:rwx
>user:3000008:rwx
>user:3000033:rwx
>group::r-x
>group:users:r-x
>group:3000000:rwx
>group:3000002:rwx
>group:3000008:rwx
>group:3000033:rwx
>mask::rwx
>other::---
>default:user::rwx
>default:user:root:rwx
>default:user:3000000:rwx
>default:user:3000002:rwx
>default:user:3000008:rwx
>default:user:3000033:rwx
>default:group::r--
>default:group:users:r--
>default:group:3000000:rwx
>default:group:3000002:rwx
>default:group:3000008:rwx
>default:group:3000033:rwx
>default:mask::rwx
>default:other::---
>
>This is my first try of configuring a domain using samba - I'm 
>grateful 
>for any hints in the right direction!
>
>Best regards,
>
>Rainhard
>-- 
>To unsubscribe from this list go to the following URL and read the
>instructions:  https://lists.samba.org/mailman/options/samba
>
>



More information about the samba mailing list