[Last Call] Learn about multicloud storage options and how to improve your company's cloud strategy. Register Now

x
?
Solved

Users cannot access their own share on Samba

Posted on 2012-03-19
3
Medium Priority
?
579 Views
Last Modified: 2012-03-25
Hi,

I am basically trying to implement the Abmas Accounting Office example from the "Samba by examples" book :
http://www.samba.org/samba/docs/man/Samba3-ByExample/simple.html#AccountingOffice

This implementation is kind of appealing to directors of small community organizations because they can look over the user's folder.

My setup is as follow :

Brand new machine with most recent Ubuntu server distribution and Samba 3.5.11
Mainly Windows 7 Enterprise workstations with some Windows XP Pro

Here is my smb.conf transcript tested with testparm :

------------------------------------------------------
heidegger@AEPP-Serveur:~$ testparm /etc/samba/smb.conf
Load smb config files from /etc/samba/smb.conf
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
Processing section "[Fichiers]"
Processing section "[principal]"
Processing section "[partage]"
Loaded services file OK.
Server role: ROLE_STANDALONE
Press enter to see a dump of your service definitions

[global]
        workgroup = ATELIERS

[Fichiers]
        comment = Dossiers utilisateurs
        path = /Fichiers/%U
        valid users = %S
        read only = No

[principal]
        comment = Dossier principal
        path = /Fichiers
        valid users = Direction
        read only = No

[partage]
        comment = Dossier partagé
        path = /partage
        read only = No
---------------------------------

Apart from discarding configuration of CUPS and creating a user folder for the main user "Direction" (who has full permission on main folder (/Fichiers) I followed instructions in chapter accordingly.

Whenever a user tries to access the main server he gets prompted for a username and pwd, he then gain view of available shares.

"/Partage" is intended for all users to share stuff, that one works fine.

The main folder "/Fichiers" prompt for username and pwd and is valid only works [as expected] for user "Direction"

"/Fichiers/%U" on the other hand does not even prompt for credentials and instead show the following message (translated freely from french) :

//Aepp-serveur/Fichiers cannot be accessed. You may not have required permissions to access this network resource. Contact your administrator (... the usual)

Should I also mentioned that despite the fact that user "Direction" has access to main folder and therefore to all other user's folder he cannot access his own folder through /Fichiers/%U no matter what.

What I did :

I change the SUID on /Fichiers by removing first the SUID at the group level and eventually at both user and group level with no success

I added valid users = %S in the [fichiers] section with the effect of this time prompting user for a credential but still, no success

I commented all [principal] section (intended in fact for the director) : that did not have any effect but to prevent access to any user folders.

I assumed that I have an obvious permission problem on the user's folder (/Fichiers/%U) and solution does reside somewhere around there. But I'm kind of short of solutions as to how I can implement this model.

Any help would be greatly appreciated. Note that this implementation if successful is simple and I want to keep it that way and so I don't want to implement any PDC like related solutions or at least not at this point in my Samba journey :-)

Thanks for your help !
0
Comment
Question by:asusxtian
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 19

Expert Comment

by:Gabriel Orozco
ID: 37740631
Hi Asusxtian

I believe you used an old example, so that's why you see problems.

Change valid users to be
valid users = %U

as per the explanation on this bug in launchpad:
https://bugs.launchpad.net/ubuntu/+source/samba/+bug/668368

Hope This helps
Gabriel
0
 

Accepted Solution

by:
asusxtian earned 0 total points
ID: 37744782
I also found a workaround though by replacing the %U variable with %u. Also I could find nowhere sufficient explanations about the real usage of %U...

As for your valid users variable I will try it this evening (ET) and let you know !

Thanks !
0
 

Author Closing Comment

by:asusxtian
ID: 37762421
The question did not raise great response and I finally figured my way out by trying something that did in fact just did what I was expecting it to do.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Today, still in the boom of Apple, PC's and products, nearly 50% of the computer users use Windows as graphical operating systems. If you are among those users who love windows, but are grappling to keep the system's hard drive optimized, then you s…
When you start your Windows 10 PC and got an "Operating system not found" error or just saw  "Auto repair for startup" or a blinking cursor with black screen. A loop for Auto repair will start but fix nothing.  You will be panic as there are no back…
This Micro Tutorial will teach you how to the overview of Microsoft Security Essentials. This is a free anti-virus software that guards your PC against viruses, spyware, worms, and other malicious software. This will be demonstrated using Windows…
If you’ve ever visited a web page and noticed a cool font that you really liked the look of, but couldn’t figure out which font it was so that you could use it for your own work, then this video is for you! In this Micro Tutorial, you'll learn yo…

650 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question