[Samba] NT_STATUS_ACCESS_DENIED listing \* on Samba AD - out of the blue
s.arcus at open-t.co.uk
Mon Mar 12 16:10:59 UTC 2018
On 12/03/18 14:28, Rowland Penny via samba wrote:
> On Mon, 12 Mar 2018 13:17:19 +0000
> Sebastian Arcus via samba <samba at lists.samba.org> wrote:
>> On 12/03/18 12:56, Rowland Penny via samba wrote:
>>> I don't think this is your main problem though, did the problem
>>> start after a windows update ?
>>> I think your clients are possibly trying to connect with NTLMv2
>> If that was the case, shouldn't smbclient continue to work? I can't
>> list the contents of the shares even using smbclient.
> OK, I ran some tests on one of my DCs:
I feel like a complete idiot. My Samba shares are under /srv/samba, and
after 8 hours of troubleshooting, I discovered that /srv was missing the
execute bit for 'other' - so regular users didn't have the permission to
traverse the tree any more. Friday towards the end of the day I must
have copied something under /srv, which unbeknownst to me, reset the
permissions on /srv. From that moment on all regular users lost access
to their shares. I can't believe I have pretty much taken this server
apart, upgraded and downgraded kernels, upgraded and downgraded Samba
packages and did all sorts of troubleshooting - yet I never spotted the
missing permissions! It is true the the /srv/samba path was never
explicitly mentioned in the logs, but still - I am sorry for the noise.
Thank for all the suggestions in the message above.
More information about the samba