Access to a Samba Share

Posted on 2009-07-11
Last Modified: 2012-05-07

Sorry if this has already been asked before, I've done a search but can't seem to find anything that focuses on the problem I'm experiencing at work.

We have a standalone SLES 10 server, which has a SAMBA share to a folder called RETAIL (/home/retail)  It's used to host an old DOS based program, which also provides telnet access (via DOSEMU) to multiple users.  It's an old stock system by the way.  A second machine has been created to duplicate this setup (in the case of the first one failing) and all was working fine.  The server was moved the other day onto the server shelf, and also to get it attached to a UPS.

However, now our SAMBA share to the RETAIL folder on the second redundant server doesn't work.  Previously browsing to the computer specified using the UNC showed the shares available, and then we could browse into the directory required (or in most cases had mapped drives for each user on the network who required access.)  After moving it, this seems to have stopped working.  Browsing to the server using it's UNC, asks for a password now, which it accepts when we enter the credentials of a user that's under the 'user management' part of YAST.  However trying to browse to the shares now asks for a password yet again, and nothing seems to work.

The contractor who does the majority of our server stuff, set it up using SWAT and I've been into that and re-submitted the settings it has but that hasn't changed anything.  I can confirm that the user we try to connect as (a main administrator account that we IT staff use) does have a user account, belongs to the right groups ('user' and 'retail by the way, the same as on the other server which does work) and that the smbpasswd has been added and enabled for that user.  Seeming as I had access before on my own account aswell, I complete removed it, killed off the smbpasswd entry and then re-added myself from scratch but to no avail.

I've checked the permissions for the RETAIL folder, which seem correct.  The owner is root, and the group is set to retail (which all the users on the server belong to) which has full permissions on the read, write etc... but I can't say that I know if they carry over to the SAMBA protocol for sharing.

I'd include the smb.conf from both servers but I'm at home at the moment.  I'll attach them when I'm next back at work.

Fyi, I'm not a complete Linux idiot but I've had little experience with changing permission on folders etc.  For example, I read in another post with a similar issue about using 'chmod' and had to spend 5 minutes Google'ing it!  So if anyone has an instructions to share, please be verbose :)

Many thanks in advance,
Question by:DaryllH
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5

Author Comment

ID: 24832191
Forgot to say, as reading it back to myself it sounds like I'm saying only 1 user can't access.  I've tested multiple users, and none of the credentials will work anymore.

LVL 14

Expert Comment

ID: 24838424
what does your smb.conf look like.....can you post it here?

Author Comment

ID: 24842487
Sorry not yet, I'm back at work tomorrow so I'll put it on then.
Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.


Author Comment

ID: 24847851
Here's both the configuration files.

Lyekkasmb.txt is from the primary server which is working fine
stansmb.txt is from the redundant server which is producing the problem


Author Comment

ID: 24851536
Ok an update

I've rem'd out the following lines from the STAN server:

      valid users = @retail, @admin
      admin users = @admin, @retail
      force group = retail

And now I can get access.  However I'd imagine it's all anonymous, and that doesn't really suit us.  If I un-rem the 'valid users' part, it says "No such group exists" however looking in YAST user and groups, the retail and admin group are blaightently there.  Also all the users that are supposed to have access to the share are part of the RETAIL group.

LVL 19

Accepted Solution

Gabriel Orozco earned 500 total points
ID: 24854564
I see a problem in the [global] area on both servers. they are *very* different. and they are different in the way they manage users and groups. thus it should not surprise you have access problems.

on Lyekkas server, you use LDAP:
      ldap suffix = dc=example,dc=com
      ldap machine suffix = ou=Computers
      ldap idmap suffix = ou=Idmap

While on Stan server you do not. You just need to add the ldap settings in the correct setup to get Stan server back working.

here is a link that can help:

hope that help

Author Comment

ID: 24857504
Hi Redimido,

I saw that before and thought it was just an example text which could be changed, as it's a standalone server and not tied into our eDirectory.  I put the text in, and also un-rem'd the valid users lines but it still came up with the error.  

However leaving the ldap text in and rem'ing the valid users out now only lets people with valid user names, and smbpasswd to access it, so obviously it's doing something I don't understand!

Our external support was in last Tuesday when it broke, so all I can assume is that he change something by accident.

As far as I see it, this is all back to normal now.

Many thanks for your help,

Featured Post

NEW Veeam Agent for Microsoft Windows

Backup and recover physical and cloud-based servers and workstations, as well as endpoint devices that belong to remote users. Avoid downtime and data loss quickly and easily for Windows-based physical or public cloud-based workloads!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

I have seen several blogs and forum entries elsewhere state that because NTFS volumes do not support linux ownership or permissions, they cannot be used for anonymous ftp upload through the vsftpd program.   IT can be done and here's how to get i…
Note: for this to work properly you need to use a Cross-Over network cable. 1. Connect both servers S1 and S2 on the second network slots respectively. Note that you can use the 1st slots but usually these would be occupied by the Service Provide…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

696 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question