troubleshooting Question

Samba/winbind access through UNC share from windows machine: Getting "access denied"

Avatar of cmaohio
cmaohioFlag for United States of America asked on
LinuxServer SoftwareWindows 7
2 Comments1 Solution886 ViewsLast Modified:
I'm running windows 7 and it must be that because a windows XP machine next to me is working just fine... keep that in mind when reading below.

I had this server working for months now but suddenly it's not working. The only thing I can think of is the machine was placed in the DMZ. However, I seem to remember this happening earlier. We also changed our IP schema a while ago so the two computers are on separate subnets now. I don't know if that has anything to do with it.

I tried opening up the DMZ temporarily to allow everything humanly possible between the two networks and it still doesn't work.

I'm simply trying to get to the server using the unc: \\servername\websites

if I purposefully give a bad user/password I get the proper "username/password doesn't match." or whatever.  but if I use the correct one, I get "access denied" so I know authentication is working fine. I also have double-checked all the permissions and the user should have permissions. Here's the relevant sections:

Here is my smb.conf, et all.
SMB.CONF file:
[global]

   workgroup = MYDOMAIN
   server string = linux box
   security = ads
   load printers = no
   log file = /var/log/samba/%m.log
   max log size = 50
   password server = *
   realm = MYDOMAIN.COM
   passdb backend = tdbsam
   interfaces = 10.0.13.11
   local master = no
   preferred master = no
   wins server = 10.0.0.10 10.0.0.11
   dns proxy = no

   idmap uid = 600-20000
   idmap gid = 600-20000
   inherit acls = yes
   encrypt passwords = yes
   winbind use default domain = Yes
   winbind enum users = Yes
   winbind enum groups = Yes
   winbind nss info = rfc2307
   winbind nested groups = Yes
   template shell = /bin/bash
   winbind separator = +


#============================ Share Definitions ==============================

[websites]
comment = Websites
path = /var/www
valid users = @"MYDOMAIN+Information Technology Department"
writable = yes
browsable = yes


Permissions on directories:
var:
drwxr-xr-x  26 hostmaster root  4096 Aug  5  2008 var
www:
drwxrwxr-x 15 hostmaster information technology department 4096 Aug 31 14:50 www
Join the community to see this answer!
Join our exclusive community to see this answer & millions of others.
Unlock 1 Answer and 2 Comments.
Join the Community
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 1 Answer and 2 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros