samba 3.5 "force user" doesn't seem to be sticking
Posted
by
myCubeIsMyCell
on Super User
See other posts from Super User
or by myCubeIsMyCell
Published on 2012-11-30T04:35:47Z
Indexed on
2012/11/30
5:09 UTC
Read the original article
Hit count: 438
After installing a new OS with newer version of samba, I'm having trouble accessing my shares. I can browse to the specific share, but only to the top level. As best I can tell from the logs, it seems the "force user" in the samba config isn't sticking beyond the initial connection. Details below.
I installed a new version of CentOS on my storage server. My old CentOS (4?)install had samba version 3.0.33, new CentOS is using 3.5.10. No domain/AD involved ... just home workgroup. no real security... just some shares hidden & some defined as read-only. here's my config:
[global]
workgroup = WORKGROUP
server string = Samba Server Version %v
netbios name = luna
security = share
# logs split per machine
log file = /var/log/samba/log.%m
log level = 2
# max 50KB per log file, then rotate
max log size = 50
winbind use default domain = Yes
[strge]
comment = please
path = /storage
browseable = yes
read only = no
force user = windowsguest
force group = users
guest ok = yes
So... the problem I'm running into is that the 'force user' only seems to hold for the initial connection & I see all the top level folders fine. When I drill into a folder I get access denied - which appears to be due to my windows user info being sent (trys to authenticate xuser - a non-existant user to samba, so maps to nobody & fails). Here's the smb error msg:
[2012/11/29 14:30:27.326195, 2] auth/auth.c:314(check_ntlm_password)
check_ntlm_password: Authentication for user [xuser] -> [xuser] FAILED with error NT_STATUS_NO_SUCH_USER
[2012/11/29 14:30:27.326251, 2] auth/auth.c:314(check_ntlm_password)
check_ntlm_password: Authentication for user [nobody] -> [nobody] FAILED with error NT_STATUS_NO_SUCH_USER
Most of the top level directories are 755, some 777. Either way, can not access them. If I do a chown -R windowsguest.users ... no change... but if I do a chmod -R to 777 or 755 they become browsable... but still can't create files (even for 777 ones).
Not sure what role it plays if any... but had to recreate the user windowsguest under the new os install, uid & gid match old user.
Seems the main issue as far as I can tell is that samba isn't maintaining the 'force user' - but I could be wildly off base.
Client OS is win7 pro x64.
Thanks for any suggestions or advice!
© Super User or respective owner