[Samba] 答复: About error: 'Windows cannot access, you do not have permission to access'
Chenyehua
chen.yehua at h3c.com
Thu Dec 29 00:54:43 UTC 2016
Thanks for your attention.
First, use local users at samba server, and client login success.
[global]
workgroup = H3C ONESTOR
server string = %h server (Samba NAS)
dns proxy = no
log file = /var/log/samba/log.%m
max log size = 100000
log level = 10
syslog = 0
panic action = /usr/share/samba/panic-action %d
server role = standalone server
obey pam restrictions = yes
unix password sync = yes
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
pam password change = yes
usershare max shares = 100
usershare allow guests = yes
clustering = yes
ctdbd socket = /var/run/ctdb/ctdbd.socket
max protocol = SMB2
large readwrite = yes
idmap config *:range = 1000000-1999999
use sendfile = yes
store dos attributes = yes
acl_xattr:ignore system acls = yes
aio read size = 1024
oplocks = no
deadtime = 10
aio write behind = true
socket options = TCP_NODELAY SO_RCVBUF=131072 SO_SNDBUF=131072
vfs objects = acl_xattr
load printers = no
idmap config *:backend = tdb2
security = user
idmap config ROOT:range = 2000000-2999999
idmap config ROOT:backend = rid
restrict anonymous = 2
then,it changed to use LADP, and restart smbd, so that samba server close the connection.
[global]
workgroup = H3C ONESTOR
server string = %h server (Samba NAS)
dns proxy = no
log file = /var/log/samba/log.%m
max log size =100000
log level = 10
syslog = 0
panic action = /usr/share/samba/panic-action %d
server role = standalone server
obey pam restrictions = yes
unix password sync = yes
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
pam password change = yes
usershare max shares = 100
usershare allow guests = yes
clustering = yes
ctdbd socket = /var/run/ctdb/ctdbd.socket
max protocol = SMB2
large readwrite = yes
idmap config *:range = 1000000-1999999
use sendfile = yes
store dos attributes = yes
acl_xattr:ignore system acls = yes
aio read size = 1024
oplocks = no
deadtime = 10
aio write behind = true
socket options = TCP_NODELAY SO_RCVBUF=131072 SO_SNDBUF=131072
vfs objects = acl_xattr
load printers = no
idmap config *:backend = tdb2
security = user
idmap config ROOT:range = 2000000-2999999
idmap config ROOT:backend = rid
restrict anonymous = 2
passdb backend = ldapsam:ldap://xxx
ldap admin dn = "xxx"
ldap suffix = "xxx"
ldap delete dn = no
ldap ssl = off
Now,clent need to re-login because server has closed the connection. Then try to access samba and report error:' Windows cannot access, you do not have permission to access'
I reboot client but it still report this error.
-----邮件原件-----
发件人: samba [mailto:samba-bounces at lists.samba.org] 代表 Rowland Penny via samba
发送时间: 2016年12月27日 21:59
收件人: samba at lists.samba.org
主题: Re: [Samba] About error: 'Windows cannot access, you do not have permission to access'
On Tue, 27 Dec 2016 13:34:24 +0000
Chenyehua via samba <samba at lists.samba.org> wrote:
> HI
> I have a linux samba server and lists users at this server. and access
> the folder from the windows7 client. Now i configure a LDAP sever and
> let samba to use it . But I don’t want clients keeping the connection
> because I have changed the authentication,clinets need to re-login. So
> I restart smbd. and it works. Then,let clients reconnect to samba, but
> it report errors: Windows cannot access \\xxxxxx<file:///\\xxxxxx> You
> do not have permission to access \\xxxxx<file:///\\xxxxx>.... From
> server’ log, the client login with old user and password which saved
> by last time success login. But why the client can’t tell the wrong
> user or password,and it need to be re-login. From google,I know
> restart service->workstation it can be useful to re-login.but it’s not
> kind to user or client. Is there any helpful parameter in smb.comf to
> avoid the errors and client can reconnect without any operations such
> as restart workstation. Or someone can tell me why client report this
> error.
>
> Hope someone help, Thanks!
I am sorry, but I think from the little amount of info you have given, it is virtually impossible to decide what is wrong. You will have to give us a lot more info, lets start with the smb.conf
Rowland
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
-------------------------------------------------------------------------------------------------------------------------------------
本邮件及其附件含有杭州华三通信技术有限公司的保密信息,仅限于发送给上面地址中列出
的个人或群组。禁止任何其他人以任何形式使用(包括但不限于全部或部分地泄露、复制、
或散发)本邮件中的信息。如果您错收了本邮件,请您立即电话或邮件通知发件人并删除本
邮件!
This e-mail and its attachments contain confidential information from H3C, which is
intended only for the person or entity whose address is listed above. Any use of the
information contained herein in any way (including, but not limited to, total or partial
disclosure, reproduction, or dissemination) by persons other than the intended
recipient(s) is prohibited. If you receive this e-mail in error, please notify the sender
by phone or email immediately and delete it!
More information about the samba
mailing list