[Samba] Access to shares is denied after upgrading from 3.6.3 (openSUSE 12.1) to 4.1.17 (openSUSE 13.2)
L.P.H. van Belle
belle at bazuin.nl
Fri Mar 20 04:04:53 MDT 2015
can you try this also
copy past it, but set the admin pass fist.
then whats the output.
SAMBA_NT_ADMIN_PASS="PUT_YOUR-ADMINISTRATOR_PASSWORD_HERE"
SETFQDN=`hostname -f`
echo "NT Authentication test"
echo ${SAMBA_NT_ADMIN_PASS}| smbclient //localhost/netlogon -U Administrator -c 'ls'
echo "Kerberos Authentication"
echo ${SAMBA_NT_ADMIN_PASS} | kinit Administrator
smbclient //${SETFQDN}/netlogon -U Administrator -c 'ls' -k
kdestroy
Greetz,
Louis
>-----Oorspronkelijk bericht-----
>Van: rowlandpenny at googlemail.com
>[mailto:samba-bounces at lists.samba.org] Namens Rowland Penny
>Verzonden: vrijdag 20 maart 2015 10:34
>Aan: samba at lists.samba.org
>Onderwerp: Re: [Samba] Access to shares is denied after
>upgrading from 3.6.3 (openSUSE 12.1) to 4.1.17 (openSUSE 13.2)
>
>On 20/03/15 06:11, Reinhard Nißl wrote:
>> Hi Marc,
>>
>> Am 19.03.2015 um 22:53 schrieb Marc Muehlfeld:
>>
>>> Am 19.03.2015 um 14:35 schrieb Nissl Reinhard:
>>>> When I try to access share \\platon\root<file:///\\platon\root> as
>>>> fee\administrator I get the following:
>>>>
>>>> platon:~ # smbclient -c dir -W fee -U administrator%secret
>>>> //platon/root
>>>> Domain=[FEE] OS=[Unix] Server=[Samba
>>>> 4.1.17-5.1-3375-SUSE-oS13.2-x86_64]
>>>> tree connect failed: NT_STATUS_ACCESS_DENIED
>>>> platon:~ #
>>>
>>> We need some information about your environment to help:
>>> - smb.conf (global + share configuration)
>>
>> see below, was already part of my other email.
>>
>>> - PDC/DC/Member
>>
>> Member
>>
>>> - If member: in an AD or NT4 domain
>>
>> AD
>>
>>> - Does samba have it's databases (secrets.tdb and
>LOCK|STATE|CACHEDIR)
>>> in the same places like it was on the old installation? Or are the
>>> databases copied to the right, expected location?
>>
>> I hadn't configured anything special on the old system. Cannot tell
>> what openSUSE actually changed during the update.
>>
>> At least find / -name secrets.tdb found that file here:
>> /etc/samba/secrets.tdb
>>
>>> - etc.
>>
>> cannot supply that kind of information ;-)
>>
>> Thanks in advance.
>>
>> Bye.
>> --
>> Reinhard Nißl, TB3, -198
>>
>>> ---8<---8<---8<---8<---8<---8<--- smbusers
>>> ---8<---8<---8<---8<---8<---8<---
>>>
>>> # This file allows you to map usernames from the clients to
>the server.
>>> # Unix_name = SMB_name1 SMB_name2 ...
>>> #
>>> # See section 'username map' in the manual page of smb.conf for more
>>> # information.
>>> #
>>> # This file is _not_ included in the default configuration as it
>>> makes the
>>> # usage of an user named administrator impossible.
>>>
>>> #root = administrator
>>> #;nobody = guest pcguest smbguest
>>>
>>> !root =
>>>
>fee\backup,fee\administrator,fee\markus.ni,fee\chris.we,fee\rai
>ner.sc,fee\juergen.ju
>>>
>>> ---8<---8<---8<---8<---8<---8<--- smb.conf
>>> ---8<---8<---8<---8<---8<---8<---
>>>
>>> # smb.conf is the main Samba configuration file. You find a full
>>> commented
>>> # version at
>/usr/share/doc/packages/samba/examples/smb.conf.SUSE if the
>>> # samba-doc package is installed.
>>> # Date: 2012-05-02
>>> [global]
>>> workgroup = FEE
>>> realm = FEE.DE
>>> netbios name = PLATON
>>> server string = Web- und Internet-Mail-Server
>>> interfaces = 10.73.0.6/255.255.0.0
>>> bind interfaces only = Yes
>>> # security = DOMAIN
>>> security = ADS
>>> encrypt passwords = Yes
>>> passdb backend = tdbsam
>>> password server = feesv1 svar1
>>> username map = /etc/samba/smbusers
>>> name resolve order = wins hosts
>>> # read size = 65535
>>> # character set = ISO8859-1
>>> os level = 0
>>> local master = No
>>> wins server = 10.73.0.7 10.73.0.21
>>>
>>> guest ok = Yes
>>> hide dot files = No
>>>
>>> # winbind separator = +
>>> winbind cache time = 10
>>> template shell = /bin/false
>>> template homedir = /tmp
>>> winbind uid = 10000-20000
>>> winbind gid = 10000-20000
>>> winbind use default domain = yes
>>> # winbind nested groups = yes
>>> # auth methods = winbind
>>> winbind enum users = yes
>>> winbind enum groups = yes
>>> winbind expand groups = 1
>>> deadtime = 1
>>>
>>> load printers = no
>>> printing = bsd
>>>
>>> [web]
>>> comment = Web-Konfiguration
>>> path = /data/web
>>> valid users =
>>>
>@webadmin,fee\gabi,fee\franz.la,fee\hans,fee\eva.gi,fee\robert.
>lo,fee\peter.me,fee\chris.sch,fee\jeremy.pr
>>> write list =
>>>
>@webadmin,fee\gabi,fee\franz.la,fee\hans,fee\eva.gi,fee\robert.
>lo,fee\peter.me,fee\chris.sch,fee\jeremy.pr
>>>
>>> force group = webadmin
>>> create mask = 0664
>>> # security mask = 0664
>>> force create mode = 0664
>>> # force security mode = 0664
>>> directory mask = 0775
>>> # directory security mask = 0775
>>> force directory mode = 0775
>>> # force directory security mode = 0775
>>>
>>> writeable = Yes
>>> guest ok = No
>>>
>>> [webTest]
>>> comment = Web-Konfiguration
>>> path = /data/web/webTest
>>> valid users =
>@webadmin,fee\gabi,fee\franz.la,fee\hans,fee\johann.fl
>>> write list =
>@webadmin,fee\gabi,fee\franz.la,fee\hans,fee\johann.fl
>>>
>>> force group = webadmin
>>> create mask = 0664
>>> # security mask = 0664
>>> force create mode = 0664
>>> # force security mode = 0664
>>> directory mask = 0775
>>> # directory security mask = 0775
>>> force directory mode = 0775
>>> # force directory security mode = 0775
>>>
>>> writeable = Yes
>>> guest ok = No
>>>
>>> [FactWork]
>>> comment = FactWork-Downloadportal
>>> path = /web/Fee/download/factwork
>>> valid users =
>>> @webadmin,fee\gabi, at fee\g_tb3,fee\administrator,fee\svtb3$
>>> write list = @webadmin,fee\gabi, at fee\g_tb3,fee\administrator
>>>
>>> force group = webadmin
>>> create mask = 0664
>>> # security mask = 0664
>>> force create mode = 0664
>>> # force security mode = 0664
>>> directory mask = 0775
>>> # directory security mask = 0775
>>> force directory mode = 0775
>>> # force directory security mode = 0775
>>>
>>> writeable = Yes
>>> guest ok = No
>>>
>>> [root]
>>> comment = Root-Verzeichnis
>>> path = /
>>> valid users = root
>>> write list = root
>>> writeable = Yes
>>> guest ok = No
>>>
>>> [sms]
>>> comment = sms-Mailverzeichnis
>>> path = /var/spool/mail
>>> valid users = root
>>> write list = root
>>> writeable = Yes
>>> guest ok = No
>>>
>>> [spamMail]
>>> comment = Spam Mail
>>> path = /data/spamMail
>>> valid users = root,webadmin
>>> write list = root,webadmin
>>>
>>> force user = root
>>> force group = root
>>> create mask = 0600
>>> # security mask = 0600
>>> force create mode = 0600
>>> # force security mode = 0600
>>> directory mask = 0755
>>> # directory security mask = 0755
>>> force directory mode = 0755
>>> # force directory security mode = 0755
>>>
>>> writeable = No
>>> guest ok = No
>>>
>>> root preexec = /root/bin/updateSpamMail
>>>
>>> [spamlog]
>>> comment = spamlog
>>> path = /var/spool/mail
>>> valid users = root
>>> write list = root
>>>
>>> force user = root
>>> force group = root
>>> create mask = 0600
>>> # security mask = 0600
>>> force create mode = 0600
>>> # force security mode = 0600
>>> directory mask = 0755
>>> # directory security mask = 0755
>>> force directory mode = 0755
>>> # force directory security mode = 0755
>>>
>>> writeable = Yes
>>> guest ok = No
>>>
>>> [mqueue]
>>> comment = Mail-Queue
>>> path = /var/spool/mqueue
>>> valid users = root,webadmin
>>> write list = root,webadmin
>>>
>>> force user = root
>>> force group = root
>>> create mask = 0600
>>> # security mask = 0600
>>> force create mode = 0600
>>> # force security mode = 0600
>>> directory mask = 0755
>>> # directory security mask = 0755
>>> force directory mode = 0755
>>> # force directory security mode = 0755
>>>
>>> writeable = Yes
>>> guest ok = No
>>>
>>>
>>>
>>
>
>I do not think that you are going to get any further help
>until you post
>your smb.conf
>
>Rowland
>--
>To unsubscribe from this list go to the following URL and read the
>instructions: https://lists.samba.org/mailman/options/samba
>
>
More information about the samba
mailing list