I am basically trying to implement the Abmas Accounting Office example from the "Samba by examples" book :
This implementation is kind of appealing to directors of small community organizations because they can look over the user's folder.
My setup is as follow :
Brand new machine with most recent Ubuntu server distribution and Samba 3.5.11
Mainly Windows 7 Enterprise workstations with some Windows XP Pro
Here is my smb.conf transcript tested with testparm :
heidegger@AEPP-Serveur:~$ testparm /etc/samba/smb.conf
Load smb config files from /etc/samba/smb.conf
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
Processing section "[Fichiers]"
Processing section "[principal]"
Processing section "[partage]"
Loaded services file OK.
Server role: ROLE_STANDALONE
Press enter to see a dump of your service definitions
workgroup = ATELIERS
comment = Dossiers utilisateurs
path = /Fichiers/%U
valid users = %S
read only = No
comment = Dossier principal
path = /Fichiers
valid users = Direction
read only = No
comment = Dossier partagé
path = /partage
read only = No
Apart from discarding configuration of CUPS and creating a user folder for the main user "Direction" (who has full permission on main folder (/Fichiers) I followed instructions in chapter accordingly.
Whenever a user tries to access the main server he gets prompted for a username and pwd, he then gain view of available shares.
"/Partage" is intended for all users to share stuff, that one works fine.
The main folder "/Fichiers" prompt for username and pwd and is valid only works [as expected] for user "Direction"
"/Fichiers/%U" on the other hand does not even prompt for credentials and instead show the following message (translated freely from french) :
//Aepp-serveur/Fichiers cannot be accessed. You may not have required permissions to access this network resource. Contact your administrator (... the usual)
Should I also mentioned that despite the fact that user "Direction" has access to main folder and therefore to all other user's folder he cannot access his own folder through /Fichiers/%U no matter what.
What I did :
I change the SUID on /Fichiers by removing first the SUID at the group level and eventually at both user and group level with no success
I added valid users = %S in the [fichiers] section with the effect of this time prompting user for a credential but still, no success
I commented all [principal] section (intended in fact for the director) : that did not have any effect but to prevent access to any user folders.
I assumed that I have an obvious permission problem on the user's folder (/Fichiers/%U) and solution does reside somewhere around there. But I'm kind of short of solutions as to how I can implement this model.
Any help would be greatly appreciated. Note that this implementation if successful is simple and I want to keep it that way and so I don't want to implement any PDC like related solutions or at least not at this point in my Samba journey :-)
Thanks for your help !