Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win


Access to a Samba Share

Posted on 2009-07-11
Medium Priority
Last Modified: 2012-05-07

Sorry if this has already been asked before, I've done a search but can't seem to find anything that focuses on the problem I'm experiencing at work.

We have a standalone SLES 10 server, which has a SAMBA share to a folder called RETAIL (/home/retail)  It's used to host an old DOS based program, which also provides telnet access (via DOSEMU) to multiple users.  It's an old stock system by the way.  A second machine has been created to duplicate this setup (in the case of the first one failing) and all was working fine.  The server was moved the other day onto the server shelf, and also to get it attached to a UPS.

However, now our SAMBA share to the RETAIL folder on the second redundant server doesn't work.  Previously browsing to the computer specified using the UNC showed the shares available, and then we could browse into the directory required (or in most cases had mapped drives for each user on the network who required access.)  After moving it, this seems to have stopped working.  Browsing to the server using it's UNC, asks for a password now, which it accepts when we enter the credentials of a user that's under the 'user management' part of YAST.  However trying to browse to the shares now asks for a password yet again, and nothing seems to work.

The contractor who does the majority of our server stuff, set it up using SWAT and I've been into that and re-submitted the settings it has but that hasn't changed anything.  I can confirm that the user we try to connect as (a main administrator account that we IT staff use) does have a user account, belongs to the right groups ('user' and 'retail by the way, the same as on the other server which does work) and that the smbpasswd has been added and enabled for that user.  Seeming as I had access before on my own account aswell, I complete removed it, killed off the smbpasswd entry and then re-added myself from scratch but to no avail.

I've checked the permissions for the RETAIL folder, which seem correct.  The owner is root, and the group is set to retail (which all the users on the server belong to) which has full permissions on the read, write etc... but I can't say that I know if they carry over to the SAMBA protocol for sharing.

I'd include the smb.conf from both servers but I'm at home at the moment.  I'll attach them when I'm next back at work.

Fyi, I'm not a complete Linux idiot but I've had little experience with changing permission on folders etc.  For example, I read in another post with a similar issue about using 'chmod' and had to spend 5 minutes Google'ing it!  So if anyone has an instructions to share, please be verbose :)

Many thanks in advance,
Question by:DaryllH
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5

Author Comment

ID: 24832191
Forgot to say, as reading it back to myself it sounds like I'm saying only 1 user can't access.  I've tested multiple users, and none of the credentials will work anymore.

LVL 14

Expert Comment

ID: 24838424
what does your smb.conf look like.....can you post it here?

Author Comment

ID: 24842487
Sorry not yet, I'm back at work tomorrow so I'll put it on then.
Veeam Disaster Recovery in Microsoft Azure

Veeam PN for Microsoft Azure is a FREE solution designed to simplify and automate the setup of a DR site in Microsoft Azure using lightweight software-defined networking. It reduces the complexity of VPN deployments and is designed for businesses of ALL sizes.


Author Comment

ID: 24847851
Here's both the configuration files.

Lyekkasmb.txt is from the primary server which is working fine
stansmb.txt is from the redundant server which is producing the problem


Author Comment

ID: 24851536
Ok an update

I've rem'd out the following lines from the STAN server:

      valid users = @retail, @admin
      admin users = @admin, @retail
      force group = retail

And now I can get access.  However I'd imagine it's all anonymous, and that doesn't really suit us.  If I un-rem the 'valid users' part, it says "No such group exists" however looking in YAST user and groups, the retail and admin group are blaightently there.  Also all the users that are supposed to have access to the share are part of the RETAIL group.

LVL 19

Accepted Solution

Gabriel Orozco earned 2000 total points
ID: 24854564
I see a problem in the [global] area on both servers. they are *very* different. and they are different in the way they manage users and groups. thus it should not surprise you have access problems.

on Lyekkas server, you use LDAP:
      ldap suffix = dc=example,dc=com
      ldap machine suffix = ou=Computers
      ldap idmap suffix = ou=Idmap

While on Stan server you do not. You just need to add the ldap settings in the correct setup to get Stan server back working.

here is a link that can help:

hope that help

Author Comment

ID: 24857504
Hi Redimido,

I saw that before and thought it was just an example text which could be changed, as it's a standalone server and not tied into our eDirectory.  I put the text in, and also un-rem'd the valid users lines but it still came up with the error.  

However leaving the ldap text in and rem'ing the valid users out now only lets people with valid user names, and smbpasswd to access it, so obviously it's doing something I don't understand!

Our external support was in last Tuesday when it broke, so all I can assume is that he change something by accident.

As far as I see it, this is all back to normal now.

Many thanks for your help,

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I have seen several blogs and forum entries elsewhere state that because NTFS volumes do not support linux ownership or permissions, they cannot be used for anonymous ftp upload through the vsftpd program.   IT can be done and here's how to get i…
Note: for this to work properly you need to use a Cross-Over network cable. 1. Connect both servers S1 and S2 on the second network slots respectively. Note that you can use the 1st slots but usually these would be occupied by the Service Provide…
This course is ideal for IT System Administrators working with VMware vSphere and its associated products in their company infrastructure. This course teaches you how to install and maintain this virtualization technology to store data, prevent vuln…
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
Suggested Courses

609 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question