[Samba] Intermittent permission denied when accessing share

Lorenzo Milesi maxxer at yetopen.it
Mon May 18 13:42:50 UTC 2020

> You missed that using a DC as a fileserver isn't recommended.

It was between the lines of "I followed all the guidelines for doing things correctly in this specific situation" :)

> From reading the samba log, it looks like Samba logons are not working,
> but ldap connections are.

This means Win clients are logging in via LDAP?
Can this be related to the inaccessible shares problem?

>> [homes]
>>          path = /home/CONDIVISI/personali
> No, you do not use 'path =' with '[homes]', change '[homes]' to '[home]'

How will it work then? I cannot find a documentation page on the wiki about [home].

> You say that you ran a workgroup, did your clients leave the workgroup
> before joining the domain ?

I was mistaken, it was a NT4 domain.
But yes we moved the clients from the old to the new domain using Forensit Migration Tool

While doing other maintenance I found krb5-kdc system service being in error. Trying to start throws:
Cannot open DB2 database '/etc/krb5kdc/principal': No such file or directory - while initializing database for realm WDC.MYDOMAIN.IT

Is this a problem? During installation I don't recall any reference to this service, and /etc/krb5.conf doesn't mention this path.

Lorenzo Milesi - lorenzo.milesi at yetopen.it

YetOpen S.r.l. - https://www.yetopen.it/
Via Salerno 18 - 23900 Lecco - ITALY -
Tel +39 0341 220 205 - Fax +39 178 6070 222

Think green - Non stampare questa e-mail se non necessario / Don't print this email unless necessary

-------- D.Lgs. 196/2003 e GDPR 679/2016 --------
Tutte le informazioni contenute in questo messaggio sono riservate ed a uso esclusivo del destinatario.
Tutte le informazioni ivi contenute, compresi eventuali allegati, sono da ritenere confidenziali e riservate secondo i termini
del vigente D.Lgs. 196/2003 in materia di privacy e del Regolamento europeo 679/2016 - GDPR - e quindi ne e' proibita l'utilizzazione ulteriore non autorizzata.
Nel caso in cui questo messaggio Le fosse pervenuto per errore, La invitiamo ad eliminarlo senza copiarlo, stamparlo, a non inoltrarlo a terzi e ad avvertirci non appena possibile.

Confidentiality notice: this email message including any attachment is for the sole use of the intended recipient and may contain confidential and privileged information;
pursuant to Legislative Decree 196/2003 and the European General Data Protection Regulation 679/2016 - GDPR - any unauthorized review, use, disclosure or distribution
is prohibited. If you are not the intended recepient please delete this message without copying, printing or forwarding it to others, and alert us as soon as possible.
Thank you.

More information about the samba mailing list