[Samba] change_to_user_impersonate
Epsilon Minus
theepsilonminus at gmail.com
Thu Sep 9 18:06:04 UTC 2021
El jue, 9 sept 2021 a las 11:45, Epsilon Minus
(<theepsilonminus at gmail.com>) escribió:
>
> Hi
>
> I have a problem with a samba as a member. When I want to access the
> folders with "normal users" it returns the following error.
>
> If I access with a Domain Admin user I can access without problem, and
> the strangest thing. At that moment I can access with the "normal
> user" only 1 time.
>
> Can you think what can it be?
>
> Thank you very much!
>
> This is the log when I can't log in with the normal user.
>
> [2021/09/09 14:33:51.268913, 4] ../../source3/smbd/vfs.c:805(vfs_ChDir)
> vfs_ChDir to /srv/samba/sistemas
> [2021/09/09 14:33:51.268968, 3]
> ../../source3/smbd/service.c:155(chdir_current_service)
> chdir (/srv/samba/sistemas) failed, reason: Permission denied
> [2021/09/09 14:33:51.269013, 0]
> ../../source3/smbd/uid.c:448(change_to_user_internal)
> change_to_user_internal: chdir_current_service() failed!
> [2021/09/09 14:33:51.269106, 3]
> ../../source3/smbd/smb2_server.c:3254(smbd_smb2_request_error_ex)
> smbd_smb2_request_error_ex: smbd_smb2_request_error_ex: idx[1]
> status[NT_STATUS_ACCESS_DENIED] || at
> ../../source3/smbd/smb2_server.c:2552
> [2021/09/09 14:33:51.274299, 5]
> ../../source3/smbd/uid.c:326(change_to_user_impersonate)
> change_to_user_impersonate: Skipping user change - already user
> [2021/09/09 14:33:51.274396, 4] ../../source3/smbd/vfs.c:805(vfs_ChDir)
> vfs_ChDir to /srv/samba/sistemas
> [2021/09/09 14:33:51.274445, 3]
> ../../source3/smbd/service.c:155(chdir_current_service)
> chdir (/srv/samba/sistemas) failed, reason: Permission denied
> [2021/09/09 14:33:51.274487, 0]
> ../../source3/smbd/uid.c:448(change_to_user_internal)
> change_to_user_internal: chdir_current_service() failed!
> [2021/09/09 14:33:51.274569, 3]
> ../../source3/smbd/smb2_server.c:3254(smbd_smb2_request_error_ex)
> smbd_smb2_request_error_ex: smbd_smb2_request_error_ex: idx[1]
> status[NT_STATUS_ACCESS_DENIED] || at
> ../../source3/smbd/smb2_server.c:2552
> [2021/09/09 14:33:51.296796, 5]
> ../../source3/smbd/uid.c:326(change_to_user_impersonate)
> change_to_user_impersonate: Skipping user change - already user
> [2021/09/09 14:33:51.296890, 4] ../../source3/smbd/vfs.c:805(vfs_ChDir)
> vfs_ChDir to /srv/samba/sistemas
> [2021/09/09 14:33:51.296939, 3]
> ../../source3/smbd/service.c:155(chdir_current_service)
> chdir (/srv/samba/sistemas) failed, reason: Permission denied
> [2021/09/09 14:33:51.296980, 0]
> ../../source3/smbd/uid.c:448(change_to_user_internal)
> change_to_user_internal: chdir_current_service() failed!
> [2021/09/09 14:33:51.297061, 3]
> ../../source3/smbd/smb2_server.c:3254(smbd_smb2_request_error_ex)
> smbd_smb2_request_error_ex: smbd_smb2_request_error_ex: idx[1]
> status[NT_STATUS_ACCESS_DENIED] || at
> ../../source3/smbd/smb2_server.c:2552
> [2021/09/09 14:33:51.307922, 5]
> ../../source3/smbd/uid.c:326(change_to_user_impersonate)
> change_to_user_impersonate: Skipping user change - already user
>
>
> smb.conf
>
> cat /etc/samba/smb.conf
> [global]
> security = ADS
> workgroup = LAN
> realm = LAN.GLAUX
> log file = /var/log/samba/%m.log
> log level = 5
> idmap config * : backend = tdb
> idmap config * : range = 3000-7999
> idmap config LAN : backend = rid
> idmap config LAN : range = 10000-999999
> username map = /etc/samba/user.map
> vfs objects = acl_xattr
> map acl inherit = yes
> store dos attributes = yes
>
> [sistemas]
> path=/srv/samba/sistemas
> read only = no
The problem was very simple. In the parent folder where I had the
Samba shares there were no permissions to execute. They could not
access the folder.
The strange thing is that under certain conditions they could access
it. By adding read and execute to the parent folder where the samba
shared started to work.
It is fixed. I still found the behavior a little strange.
Regards.
More information about the samba
mailing list