Access to a Samba Share


Sorry if this has already been asked before, I've done a search but can't seem to find anything that focuses on the problem I'm experiencing at work.

We have a standalone SLES 10 server, which has a SAMBA share to a folder called RETAIL (/home/retail)  It's used to host an old DOS based program, which also provides telnet access (via DOSEMU) to multiple users.  It's an old stock system by the way.  A second machine has been created to duplicate this setup (in the case of the first one failing) and all was working fine.  The server was moved the other day onto the server shelf, and also to get it attached to a UPS.

However, now our SAMBA share to the RETAIL folder on the second redundant server doesn't work.  Previously browsing to the computer specified using the UNC showed the shares available, and then we could browse into the directory required (or in most cases had mapped drives for each user on the network who required access.)  After moving it, this seems to have stopped working.  Browsing to the server using it's UNC, asks for a password now, which it accepts when we enter the credentials of a user that's under the 'user management' part of YAST.  However trying to browse to the shares now asks for a password yet again, and nothing seems to work.

The contractor who does the majority of our server stuff, set it up using SWAT and I've been into that and re-submitted the settings it has but that hasn't changed anything.  I can confirm that the user we try to connect as (a main administrator account that we IT staff use) does have a user account, belongs to the right groups ('user' and 'retail by the way, the same as on the other server which does work) and that the smbpasswd has been added and enabled for that user.  Seeming as I had access before on my own account aswell, I complete removed it, killed off the smbpasswd entry and then re-added myself from scratch but to no avail.

I've checked the permissions for the RETAIL folder, which seem correct.  The owner is root, and the group is set to retail (which all the users on the server belong to) which has full permissions on the read, write etc... but I can't say that I know if they carry over to the SAMBA protocol for sharing.

I'd include the smb.conf from both servers but I'm at home at the moment.  I'll attach them when I'm next back at work.

Fyi, I'm not a complete Linux idiot but I've had little experience with changing permission on folders etc.  For example, I read in another post with a similar issue about using 'chmod' and had to spend 5 minutes Google'ing it!  So if anyone has an instructions to share, please be verbose :)

Many thanks in advance,
Who is Participating?
Gabriel OrozcoConnect With a Mentor Solution ArchitectCommented:
I see a problem in the [global] area on both servers. they are *very* different. and they are different in the way they manage users and groups. thus it should not surprise you have access problems.

on Lyekkas server, you use LDAP:
      ldap suffix = dc=example,dc=com
      ldap machine suffix = ou=Computers
      ldap idmap suffix = ou=Idmap

While on Stan server you do not. You just need to add the ldap settings in the correct setup to get Stan server back working.

here is a link that can help:

hope that help
DaryllHAuthor Commented:
Forgot to say, as reading it back to myself it sounds like I'm saying only 1 user can't access.  I've tested multiple users, and none of the credentials will work anymore.

what does your smb.conf look like.....can you post it here?
Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

DaryllHAuthor Commented:
Sorry not yet, I'm back at work tomorrow so I'll put it on then.
DaryllHAuthor Commented:
Here's both the configuration files.

Lyekkasmb.txt is from the primary server which is working fine
stansmb.txt is from the redundant server which is producing the problem

DaryllHAuthor Commented:
Ok an update

I've rem'd out the following lines from the STAN server:

      valid users = @retail, @admin
      admin users = @admin, @retail
      force group = retail

And now I can get access.  However I'd imagine it's all anonymous, and that doesn't really suit us.  If I un-rem the 'valid users' part, it says "No such group exists" however looking in YAST user and groups, the retail and admin group are blaightently there.  Also all the users that are supposed to have access to the share are part of the RETAIL group.

DaryllHAuthor Commented:
Hi Redimido,

I saw that before and thought it was just an example text which could be changed, as it's a standalone server and not tied into our eDirectory.  I put the text in, and also un-rem'd the valid users lines but it still came up with the error.  

However leaving the ldap text in and rem'ing the valid users out now only lets people with valid user names, and smbpasswd to access it, so obviously it's doing something I don't understand!

Our external support was in last Tuesday when it broke, so all I can assume is that he change something by accident.

As far as I see it, this is all back to normal now.

Many thanks for your help,
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.