[Samba] About error: 'Windows cannot access, you do not have permission to access'
Rowland Penny
rpenny at samba.org
Thu Dec 29 09:43:05 UTC 2016
On Thu, 29 Dec 2016 00:54:43 +0000
Chenyehua <chen.yehua at h3c.com> wrote:
> Thanks for your attention.
> First, use local users at samba server, and client login success.
>
> [global]
> workgroup = H3C ONESTOR
> server string = %h server (Samba NAS)
> dns proxy = no
> log file = /var/log/samba/log.%m
> max log size = 100000
> log level = 10
> syslog = 0
> panic action = /usr/share/samba/panic-action %d
> server role = standalone server
> obey pam restrictions = yes
> unix password sync = yes
> passwd program = /usr/bin/passwd %u
> passwd chat = *Enter\snew\s*\spassword:* %n\n
> *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
> pam password change = yes usershare max shares = 100
> usershare allow guests = yes
> clustering = yes
> ctdbd socket = /var/run/ctdb/ctdbd.socket
> max protocol = SMB2
> large readwrite = yes
> idmap config *:range = 1000000-1999999
> use sendfile = yes
> store dos attributes = yes
> acl_xattr:ignore system acls = yes
> aio read size = 1024
> oplocks = no
> deadtime = 10
> aio write behind = true
> socket options = TCP_NODELAY SO_RCVBUF=131072 SO_SNDBUF=131072
> vfs objects = acl_xattr
> load printers = no
> idmap config *:backend = tdb2
> security = user
> idmap config ROOT:range = 2000000-2999999
> idmap config ROOT:backend = rid
> restrict anonymous = 2
>
> then,it changed to use LADP, and restart smbd, so that samba server
> close the connection.
>
> [global]
> workgroup = H3C ONESTOR
> server string = %h server (Samba NAS)
> dns proxy = no
> log file = /var/log/samba/log.%m
> max log size =100000
> log level = 10
> syslog = 0
> panic action = /usr/share/samba/panic-action %d
> server role = standalone server
> obey pam restrictions = yes
> unix password sync = yes
> passwd program = /usr/bin/passwd %u
> passwd chat = *Enter\snew\s*\spassword:* %n\n
> *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
> pam password change = yes usershare max shares = 100
> usershare allow guests = yes
> clustering = yes
> ctdbd socket = /var/run/ctdb/ctdbd.socket
> max protocol = SMB2
> large readwrite = yes
> idmap config *:range = 1000000-1999999
> use sendfile = yes
> store dos attributes = yes
> acl_xattr:ignore system acls = yes
> aio read size = 1024
> oplocks = no
> deadtime = 10
> aio write behind = true
> socket options = TCP_NODELAY SO_RCVBUF=131072 SO_SNDBUF=131072
> vfs objects = acl_xattr
> load printers = no
> idmap config *:backend = tdb2
> security = user
> idmap config ROOT:range = 2000000-2999999
> idmap config ROOT:backend = rid
> restrict anonymous = 2
> passdb backend = ldapsam:ldap://xxx
> ldap admin dn = "xxx"
> ldap suffix = "xxx"
> ldap delete dn = no
> ldap ssl = off
>
> Now,clent need to re-login because server has closed the connection.
> Then try to access samba and report error:' Windows cannot access,
> you do not have permission to access' I reboot client but it still
> report this error.
>
Lets start with the obvious:
Your workgroup is:
workgroup = H3C ONESTOR
But you are trying to get users for another workgroup:
idmap config ROOT:range = 2000000-2999999
idmap config ROOT:backend = rid
Why ??
Rowland
More information about the samba
mailing list