[Samba] About error: 'Windows cannot access, you do not have permission to access'
L.P.H. van Belle
belle at bazuin.nl
Fri Dec 30 08:31:20 UTC 2016
>
> Lets start with the obvious:
>
> Your workgroup is:
>
> workgroup = H3C ONESTOR
>
> But you are trying to get users for another workgroup:
>
> idmap config ROOT:range = 2000000-2999999
> idmap config ROOT:backend = rid
>
> Why ??
>
> Rowland
>
You missed.. ;-)
workgroup = H3C ONESTOR
Spaces in workgroup names is not allowed, only alphanumeric characters.
https://msdn.microsoft.com/en-us/library/dd891456.aspx
a space is NOT an alphanumeric character.
So change that to (suggesting):
workgroup = H3C-ONESTOR
and a good thing to read :
Naming conventions in Active Directory for computers, domains, sites & OUs.
https://support.microsoft.com/en-us/kb/909264
Then change these to something like
> > idmap config *:backend = tdb2
> > idmap config *:range = 1000000-1999999
> > idmap config H3C-ONESTOR:range = 2000000-2999999
> > idmap config H3C-ONESTOR:backend = rid
Now as of this point try again.
Greetz,
Louis
> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces at lists.samba.org] Namens Rowland Penny via
> samba
> Verzonden: donderdag 29 december 2016 10:43
> Aan: samba at lists.samba.org
> Onderwerp: Re: [Samba] About error: 'Windows cannot access, you do not
> have permission to access'
>
> On Thu, 29 Dec 2016 00:54:43 +0000
> Chenyehua <chen.yehua at h3c.com> wrote:
>
> > Thanks for your attention.
> > First, use local users at samba server, and client login success.
> >
> > [global]
> > workgroup = H3C ONESTOR
> > server string = %h server (Samba NAS)
> > dns proxy = no
> > log file = /var/log/samba/log.%m
> > max log size = 100000
> > log level = 10
> > syslog = 0
> > panic action = /usr/share/samba/panic-action %d
> > server role = standalone server
> > obey pam restrictions = yes
> > unix password sync = yes
> > passwd program = /usr/bin/passwd %u
> > passwd chat = *Enter\snew\s*\spassword:* %n\n
> > *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
> > pam password change = yes usershare max shares = 100
> > usershare allow guests = yes
> > clustering = yes
> > ctdbd socket = /var/run/ctdb/ctdbd.socket
> > max protocol = SMB2
> > large readwrite = yes
> > idmap config *:range = 1000000-1999999
> > use sendfile = yes
> > store dos attributes = yes
> > acl_xattr:ignore system acls = yes
> > aio read size = 1024
> > oplocks = no
> > deadtime = 10
> > aio write behind = true
> > socket options = TCP_NODELAY SO_RCVBUF=131072 SO_SNDBUF=131072
> > vfs objects = acl_xattr
> > load printers = no
> > idmap config *:backend = tdb2
> > security = user
> > idmap config ROOT:range = 2000000-2999999
> > idmap config ROOT:backend = rid
> > restrict anonymous = 2
> >
> > then???it changed to use LADP, and restart smbd, so that samba server
> > close the connection.
> >
> > [global]
> > workgroup = H3C ONESTOR
> > server string = %h server (Samba NAS)
> > dns proxy = no
> > log file = /var/log/samba/log.%m
> > max log size =100000
> > log level = 10
> > syslog = 0
> > panic action = /usr/share/samba/panic-action %d
> > server role = standalone server
> > obey pam restrictions = yes
> > unix password sync = yes
> > passwd program = /usr/bin/passwd %u
> > passwd chat = *Enter\snew\s*\spassword:* %n\n
> > *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
> > pam password change = yes usershare max shares = 100
> > usershare allow guests = yes
> > clustering = yes
> > ctdbd socket = /var/run/ctdb/ctdbd.socket
> > max protocol = SMB2
> > large readwrite = yes
> > idmap config *:range = 1000000-1999999
> > use sendfile = yes
> > store dos attributes = yes
> > acl_xattr:ignore system acls = yes
> > aio read size = 1024
> > oplocks = no
> > deadtime = 10
> > aio write behind = true
> > socket options = TCP_NODELAY SO_RCVBUF=131072 SO_SNDBUF=131072
> > vfs objects = acl_xattr
> > load printers = no
> > idmap config *:backend = tdb2
> > security = user
> > idmap config ROOT:range = 2000000-2999999
> > idmap config ROOT:backend = rid
> > restrict anonymous = 2
> > passdb backend = ldapsam:ldap://xxx
> > ldap admin dn = "xxx"
> > ldap suffix = "xxx"
> > ldap delete dn = no
> > ldap ssl = off
> >
> > Now???clent need to re-login because server has closed the connection.
> > Then try to access samba and report error:' Windows cannot access,
> > you do not have permission to access' I reboot client but it still
> > report this error.
> >
>
> Lets start with the obvious:
>
> Your workgroup is:
>
> workgroup = H3C ONESTOR
>
> But you are trying to get users for another workgroup:
>
> idmap config ROOT:range = 2000000-2999999
> idmap config ROOT:backend = rid
>
> Why ??
>
> Rowland
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
More information about the samba
mailing list