asked on Users cannot access their own share on Samba
Hi,
I am basically trying to implement the Abmas Accounting Office example from the "Samba by examples" book :
http://www.samba.org/samba/docs/man/Samba3-ByExample/simple.html#AccountingOffice
This implementation is kind of appealing to directors of small community organizations because they can look over the user's folder.
My setup is as follow :
Brand new machine with most recent Ubuntu server distribution and Samba 3.5.11
Mainly Windows 7 Enterprise workstations with some Windows XP Pro
Here is my smb.conf transcript tested with testparm :
--------------------------
heidegger@AEPP-Serveur:~$ testparm /etc/samba/smb.conf
Load smb config files from /etc/samba/smb.conf
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
Processing section "[Fichiers]"
Processing section "[principal]"
Processing section "[partage]"
Loaded services file OK.
Server role: ROLE_STANDALONE
Press enter to see a dump of your service definitions
[global]
workgroup = ATELIERS
[Fichiers]
comment = Dossiers utilisateurs
path = /Fichiers/%U
valid users = %S
read only = No
[principal]
comment = Dossier principal
path = /Fichiers
valid users = Direction
read only = No
[partage]
comment = Dossier partagé
path = /partage
read only = No
--------------------------
Apart from discarding configuration of CUPS and creating a user folder for the main user "Direction" (who has full permission on main folder (/Fichiers) I followed instructions in chapter accordingly.
Whenever a user tries to access the main server he gets prompted for a username and pwd, he then gain view of available shares.
"/Partage" is intended for all users to share stuff, that one works fine.
The main folder "/Fichiers" prompt for username and pwd and is valid only works [as expected] for user "Direction"
"/Fichiers/%U" on the other hand does not even prompt for credentials and instead show the following message (translated freely from french) :
//Aepp-serveur/Fichiers cannot be accessed. You may not have required permissions to access this network resource. Contact your administrator (... the usual)
Should I also mentioned that despite the fact that user "Direction" has access to main folder and therefore to all other user's folder he cannot access his own folder through /Fichiers/%U no matter what.
What I did :
I change the SUID on /Fichiers by removing first the SUID at the group level and eventually at both user and group level with no success
I added valid users = %S in the [fichiers] section with the effect of this time prompting user for a credential but still, no success
I commented all [principal] section (intended in fact for the director) : that did not have any effect but to prevent access to any user folders.
I assumed that I have an obvious permission problem on the user's folder (/Fichiers/%U) and solution does reside somewhere around there. But I'm kind of short of solutions as to how I can implement this model.
Any help would be greatly appreciated. Note that this implementation if successful is simple and I want to keep it that way and so I don't want to implement any PDC like related solutions or at least not at this point in my Samba journey :-)
Thanks for your help !
I am basically trying to implement the Abmas Accounting Office example from the "Samba by examples" book :
http://www.samba.org/samba/docs/man/Samba3-ByExample/simple.html#AccountingOffice
This implementation is kind of appealing to directors of small community organizations because they can look over the user's folder.
My setup is as follow :
Brand new machine with most recent Ubuntu server distribution and Samba 3.5.11
Mainly Windows 7 Enterprise workstations with some Windows XP Pro
Here is my smb.conf transcript tested with testparm :
--------------------------
heidegger@AEPP-Serveur:~$ testparm /etc/samba/smb.conf
Load smb config files from /etc/samba/smb.conf
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
Processing section "[Fichiers]"
Processing section "[principal]"
Processing section "[partage]"
Loaded services file OK.
Server role: ROLE_STANDALONE
Press enter to see a dump of your service definitions
[global]
workgroup = ATELIERS
[Fichiers]
comment = Dossiers utilisateurs
path = /Fichiers/%U
valid users = %S
read only = No
[principal]
comment = Dossier principal
path = /Fichiers
valid users = Direction
read only = No
[partage]
comment = Dossier partagé
path = /partage
read only = No
--------------------------
Apart from discarding configuration of CUPS and creating a user folder for the main user "Direction" (who has full permission on main folder (/Fichiers) I followed instructions in chapter accordingly.
Whenever a user tries to access the main server he gets prompted for a username and pwd, he then gain view of available shares.
"/Partage" is intended for all users to share stuff, that one works fine.
The main folder "/Fichiers" prompt for username and pwd and is valid only works [as expected] for user "Direction"
"/Fichiers/%U" on the other hand does not even prompt for credentials and instead show the following message (translated freely from french) :
//Aepp-serveur/Fichiers cannot be accessed. You may not have required permissions to access this network resource. Contact your administrator (... the usual)
Should I also mentioned that despite the fact that user "Direction" has access to main folder and therefore to all other user's folder he cannot access his own folder through /Fichiers/%U no matter what.
What I did :
I change the SUID on /Fichiers by removing first the SUID at the group level and eventually at both user and group level with no success
I added valid users = %S in the [fichiers] section with the effect of this time prompting user for a credential but still, no success
I commented all [principal] section (intended in fact for the director) : that did not have any effect but to prevent access to any user folders.
I assumed that I have an obvious permission problem on the user's folder (/Fichiers/%U) and solution does reside somewhere around there. But I'm kind of short of solutions as to how I can implement this model.
Any help would be greatly appreciated. Note that this implementation if successful is simple and I want to keep it that way and so I don't want to implement any PDC like related solutions or at least not at this point in my Samba journey :-)
Thanks for your help !
Linux NetworkingWindows 7File Sharing Software
Last Comment
asusxtian
ASKER CERTIFIED SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
ASKER
The question did not raise great response and I finally figured my way out by trying something that did in fact just did what I was expecting it to do.
I believe you used an old example, so that's why you see problems.
Change valid users to be
valid users = %U
as per the explanation on this bug in launchpad:
https://bugs.launchpad.net/ubuntu/+source/samba/+bug/668368
Hope This helps
Gabriel