[Samba] samba-4.12.9 standalone server : problems with one user only
Stefan G. Weichinger
lists at xunil.at
Tue Apr 27 11:03:24 UTC 2021
I could need some brainstorming here.
I run a samba-server at a customer for many years now.
That server started in the days of samba-3.0.x, maybe even 2.x ... would
have to research.
Load smb config files from /etc/samba/smb.conf
Loaded services file OK.
Server role: ROLE_STANDALONE
Press enter to see a dump of your service definitions
# Global parameters
log file = /var/log/samba/%M.log
logon home =
logon path =
max log size = 100000
username map = /etc/samba/smbusers
usershare allow guests = Yes
workgroup = SOMEGROUP
idmap config * : backend = tdb
veto files = /.Trash/
create mask = 0775
directory mask = 0775
force group = users
path = /mnt/revision
read only = No
valid users = sgw user1 user2 [..]
vfs objects = full_audit
recycle:directory_mode = 770
recycle:versions = yes
recycle:keeptree = yes
recycle:repository = .Trash
full_audit:failure = all
full_audit:success = all
full_audit:priority = NOTICE
full_audit:facility = LOCAL5
As you see, I disabled vfs_recycle some time ago (we had a thread around
that topic), so as far as I see only vfs_full_audit is enabled.
No Windows ACLs, no recycle-bin.
There are n= ~6 users, all local, created by smbpasswd.
They all access that server through thin clients, from office or via
VPNs from home office.
n-1 users have no issues. Permissions ok, connecting to two shares
("share1" and their $home) works OK. For months now.
They all have their .bat-file on the desktop, with the well-known:
net use x: /DEL /Y
net use y: /DEL /Y
net use x: \\\\samba\\share1 /user:SOMEGROUP\%benutzer% /persistent:no
net use y: \\\\samba\\%benutzer% /user:SOMEGROUP\%benutzer% /persistent:no
We have to use that because the upstream (think "hostile") company IT
doesn't roll that out via GPOs or so.
That *works* for yrs now.
One user has issues all the time over the last months.
Sometimes one drive connects, and the second fails (with "wrong
password" ... how could that be? same user/pw for all shares)
Now she gets some error mentioning quotas. We don't have quotas enabled,
at least I am not aware of.
I can access the share from my (linux) PC with her credentials, access
and create files and folders.
Is it possible that something has been messed up in her user-profile on
the terminal server she works from?
I can only imagine something is different for her user.
somehow the offline synchronisation was enabled in her session,
sometimes her windows toggles the drive to "offline" ...
Disabling that needs the domain-admin, which I have no access to.
To me it looks as if it's a problem on the client, or in her user profile.
Would it make any sense to recreate her samba-user on the samba-server?
new IDs or so ... ?
Yes, I could upgrade samba itself as well. So far I run 4.12.9 as it
works for the others, and is the "stable package" in Gentoo Linux (the
server runs gentoo).
thanks for any thoughts on this, the user is quite frustrated already
and the upstream support begins to reply with "the server isn't
administrated by us ... "
More information about the samba