symlinks not accessible from samba

Dear Experts:

Recently configured suse enterprise linux as samba domain controller with ldap as passwd backend. Everything is working fine but when created a symlink for the directory with the rwx for the user orange like below
# ln -s /users/Company_Secretarial/ /home/orange
user orange getting an error "Location not availble and Access denied", when clicked on Company_Secretarial link which is available in his home directlory. user has rwx permission for the directory Company_Secretarial .
Also tried the by adding the below lines:
follow symlinks = yes
wide links = yes
unix extensions = no
and restart the smb services still the same problem.

Please help




D_wathiAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

arnoldCommented:
Look at the permissions on /users/Company_Secretarial/ does user orange have rights there?

Do you have selinux enabled? What is the context on the /users/Company_Secretarial/
Are there any events recorded in /var/log/messages /var/log/audit/audit.log?
how about samba logs?
0
D_wathiAuthor Commented:
Sir,Thanks for the reply.
Permission for the user orange for the directory is set with rwx also when the the user orange does login through the terminal with
su - orange
user orange is able to cd to the Company_Secretarial and create files or directory and delete as well.
But while accessing from the samba share of his home directory he is unable to access the soflink directory.
As this is an suse enterprise linux iam not finding selinux.

attached sambaconfig and auditlog for your reference below posted var/logmessages
Jan  1 15:00:55 ldap slapd[3210]: <= bdb_equality_candidates: (sambaSIDList) not indexed
Jan  1 15:00:55 ldap slapd[3210]: <= bdb_equality_candidates: (sambaSIDList) not indexed
Jan  1 15:00:55 ldap slapd[3210]: <= bdb_equality_candidates: (sambaSIDList) not indexed
Jan  1 15:00:55 ldap slapd[3210]: <= bdb_equality_candidates: (sambaGroupType) not indexed
Jan  1 15:00:55 ldap slapd[3210]: <= bdb_equality_c




Please help
sambaconfig.txt
0
D_wathiAuthor Commented:
0
Redefine Your Security with AI & Machine Learning

The implications of AI and machine learning in cyber security are massive and constantly growing, creating both efficiencies and new challenges across the board. Check out our on-demand webinar to learn more about how AI can help your organization!

arnoldCommented:
Add the follow symlinks and wide links into the[users] definition block.

The difficulty might be that /user/Company has no meaning to the system where the share is mounted.

What about the samba log?  The audit logs reflects errors dealing with samba, but does not seem that it is in any way interfering with the partition traversal.
0
D_wathiAuthor Commented:
Sir, Thank you very much. Now it is working but the problem is users are able to delete the symlink which is created under their home directory however data is safe in the orginal path still i want to restrict the user deleting the symlink. Please help
0
arnoldCommented:
You could define the location as its own share and have the user's access it directly versus going through the create link(/etc/skel) and run into the possibility that a user would delete the link.

0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Linux Networking

From novice to tech pro — start learning today.