[Samba] samba-4.12.9 standalone server : problems with one user only
Rowland penny
rpenny at samba.org
Tue Apr 27 11:14:10 UTC 2021
On 27/04/2021 12:03, Stefan G. Weichinger via samba wrote:
>
> I could need some brainstorming here.
>
> I run a samba-server at a customer for many years now.
>
> That server started in the days of samba-3.0.x, maybe even 2.x ...
> would have to research.
>
> It's standalone:
>
> # testparm
>
> Load smb config files from /etc/samba/smb.conf
>
> Loaded services file OK.
>
> Server role: ROLE_STANDALONE
>
>
>
> Press enter to see a dump of your service definitions
>
>
>
> # Global parameters
>
> [global]
>
> log file = /var/log/samba/%M.log
>
> logon home =
>
> logon path =
>
> max log size = 100000
>
> username map = /etc/samba/smbusers
>
> usershare allow guests = Yes
>
> workgroup = SOMEGROUP
>
> idmap config * : backend = tdb
>
> veto files = /.Trash/
>
>
>
>
>
> [share1]
>
> comment =
>
> create mask = 0775
>
> directory mask = 0775
>
> force group = users
>
> path = /mnt/revision
>
> read only = No
>
> valid users = sgw user1 user2 [..]
> vfs objects = full_audit
>
> recycle:directory_mode = 770
>
> recycle:versions = yes
>
> recycle:keeptree = yes
>
> recycle:repository = .Trash
>
> full_audit:failure = all
>
> full_audit:success = all
>
> full_audit:priority = NOTICE
>
> full_audit:facility = LOCAL5
>
> -
>
> As you see, I disabled vfs_recycle some time ago (we had a thread
> around that topic), so as far as I see only vfs_full_audit is enabled.
>
> No Windows ACLs, no recycle-bin.
>
> -
>
> There are n= ~6 users, all local, created by smbpasswd.
>
> They all access that server through thin clients, from office or via
> VPNs from home office.
>
> n-1 users have no issues. Permissions ok, connecting to two shares
> ("share1" and their $home) works OK. For months now.
>
> They all have their .bat-file on the desktop, with the well-known:
>
> net use x: /DEL /Y
>
> net use y: /DEL /Y
>
> net use x: \\\\samba\\share1 /user:SOMEGROUP\%benutzer% /persistent:no
>
> net use y: \\\\samba\\%benutzer% /user:SOMEGROUP\%benutzer%
> /persistent:no
>
> We have to use that because the upstream (think "hostile") company IT
> doesn't roll that out via GPOs or so.
>
> That *works* for yrs now.
>
> -
>
> One user has issues all the time over the last months.
>
> Sometimes one drive connects, and the second fails (with "wrong
> password" ... how could that be? same user/pw for all shares)
>
> Now she gets some error mentioning quotas. We don't have quotas
> enabled, at least I am not aware of.
>
> I can access the share from my (linux) PC with her credentials, access
> and create files and folders.
>
> -
>
> Is it possible that something has been messed up in her user-profile
> on the terminal server she works from?
>
> I can only imagine something is different for her user.
>
> Another observation:
>
> somehow the offline synchronisation was enabled in her session,
> sometimes her windows toggles the drive to "offline" ...
>
> Disabling that needs the domain-admin, which I have no access to.
>
> -
>
> To me it looks as if it's a problem on the client, or in her user
> profile.
>
> Would it make any sense to recreate her samba-user on the samba-server?
>
> new IDs or so ... ?
>
>
One problem I see, testparm isn't reporting the '[homes]' share.
Rowland
More information about the samba
mailing list