Mandrake 9.1 Samba 3.0, windows2000 pro sp4.There are 4 possible issues, your problem could reside in one, or all of them:
I finally got Samba 3.0 working thanks to G�mes G�za. Now I am having another issue as outlined below:
1)There are 2 users on the Linux pc, markw (regular user) and root. Both have valid samba passwords.
2)I have a share called: [data] path = /test valid users = markw, root read only = No browseable = yes
3)I am able to map the share with the user markw.
4)Right click on the share and choose properties>>security>>add, the dialog box tells me that "you are logged on with an account that does not have access to HOME. Enter a name and password, which I do: markw + password. Error message the credentials supplied conflict with an existing set of credentials.
5)Ok, so I enter in root as the name and password and get the exact same error message.
6) disconnect the mapped drive and log on the share as root, and same problem occurs..
7) Rebooting the win pc does not help.
I read through the samba how-to until my eyes bled...
My question is what is causing these error messages in the logs?? Please see the attached log.
Regards, Mark
workgroup = HOME netbios name = GREPLINUX interfaces = eth0 192.168.0.203 bind interfaces only = Yes encrypt passwords = Yes time server = Yes domain logons = Yes os level = 65 preferred master = Yes domain master = Yes follow symlinks = No passdb backend = smbpasswd, guest log level = 1
[homes] read only = No browseable = No
[data] path = /test valid users = markw, root read only = No browseable = yes
[netlogon] path = /var/lib/samba/netlogon guest ok = Yes share modes = No
------------------------------------------------------------------------
[2003/10/04 20:18:12, 0] smbd/server.c:main(747) smbd version 3.0.0 started. Copyright Andrew Tridgell and the Samba Team 1992-2003 [2003/10/04 20:18:19, 1] smbd/service.c:make_connection_snum(698) win2000 (192.168.0.200) connect to service test initially as user markw (uid=501, gid=501) (pid 15388) [2003/10/04 20:18:19, 1] smbd/service.c:make_connection_snum(698) win2000 (192.168.0.200) connect to service test initially as user markw (uid=501, gid=501) (pid 15388) [2003/10/04 20:18:19, 1] smbd/service.c:close_cnum(880) win2000 (192.168.0.200) closed connection to service test [2003/10/04 20:18:23, 1] smbd/service.c:make_connection_snum(698) win2000 (192.168.0.200) connect to service test initially as user markw (uid=501, gid=501) (pid 15388) [2003/10/04 20:18:23, 1] smbd/fake_file.c:open_fake_file_shared1(45) access_denied to service[test] file[$Extend/$Quota:$Q:$INDEX_ALLOCATION] user[markw] [2003/10/04 20:18:25, 0] rpc_server/srv_util.c:get_domain_user_groups(371) get_domain_user_groups: primary gid of user [root] is not a Domain group ! get_domain_user_groups: You should fix it, NT doesn't like that [2003/10/04 20:18:30, 1] smbd/service.c:close_cnum(880) win2000 (192.168.0.200) closed connection to service test [2003/10/04 20:18:40, 1] smbd/service.c:make_connection_snum(698) win2000 (192.168.0.200) connect to service test initially as user markw (uid=501, gid=501) (pid 15388) [2003/10/04 20:18:40, 1] smbd/fake_file.c:open_fake_file_shared1(45) access_denied to service[test] file[$Extend/$Quota:$Q:$INDEX_ALLOCATION] user[markw] [2003/10/04 20:18:41, 0] rpc_server/srv_util.c:get_domain_user_groups(371) get_domain_user_groups: primary gid of user [root] is not a Domain group ! get_domain_user_groups: You should fix it, NT doesn't like that [2003/10/04 20:18:47, 1] smbd/service.c:close_cnum(880) win2000 (192.168.0.200) closed connection to service test [2003/10/04 20:18:57, 1] smbd/service.c:close_cnum(880) win2000 (192.168.0.200) closed connection to service test [2003/10/04 20:19:14, 1] smbd/service.c:make_connection_snum(698) win2000 (192.168.0.200) connect to service test initially as user root (uid=0, gid=0) (pid 15388) [2003/10/04 20:19:14, 1] smbd/service.c:make_connection_snum(698) win2000 (192.168.0.200) connect to service test initially as user root (uid=0, gid=0) (pid 15388) [2003/10/04 20:19:14, 1] smbd/service.c:close_cnum(880) win2000 (192.168.0.200) closed connection to service test [2003/10/04 20:19:18, 1] smbd/service.c:make_connection_snum(698) win2000 (192.168.0.200) connect to service test initially as user root (uid=0, gid=0) (pid 15388) [2003/10/04 20:19:18, 1] smbd/fake_file.c:open_fake_file_shared1(45) access_denied to service[test] file[$Extend/$Quota:$Q:$INDEX_ALLOCATION] user[root] [2003/10/04 20:19:19, 0] rpc_server/srv_util.c:get_domain_user_groups(371) get_domain_user_groups: primary gid of user [root] is not a Domain group ! get_domain_user_groups: You should fix it, NT doesn't like that [2003/10/04 20:19:23, 1] smbd/service.c:close_cnum(880) win2000 (192.168.0.200) closed connection to service test [2003/10/04 20:19:29, 1] smbd/service.c:make_connection_snum(698) win2000 (192.168.0.200) connect to service test initially as user root (uid=0, gid=0) (pid 15388) [2003/10/04 20:19:29, 1] smbd/fake_file.c:open_fake_file_shared1(45) access_denied to service[test] file[$Extend/$Quota:$Q:$INDEX_ALLOCATION] user[root] [2003/10/04 20:19:31, 0] rpc_server/srv_util.c:get_domain_user_groups(371) get_domain_user_groups: primary gid of user [root] is not a Domain group ! get_domain_user_groups: You should fix it, NT doesn't like that [2003/10/04 20:19:38, 1] smbd/service.c:close_cnum(880) win2000 (192.168.0.200) closed connection to service test [2003/10/04 20:19:42, 1] smbd/service.c:close_cnum(880) win2000 (192.168.0.200) closed connection to service test
1. You are using Mandrake 9.1 (so am I), and the kernel shipped with it lacks acl support :-( If you have acl installed: urpmi acl, you could give it a try:
getfacl somefile
setfacl -m u:someuser:somerights somefile
if the latter gives you an error, then you are in case 1 or 2
a workaround for 1. would be, to aply the kernel patch attached, or use the kernel shipped with Mandrake 9.0 (so I did, but had to recompile it to have ACPI support)
2. You aren't using an acl enabled filesystem:
XFS supports them out of the box, for ext2/ext3, you have to specify acl in your /etc/fstab, and remount it.
3. Your samba3 was compiled on a machine without acl support. This could happen if it was compiled without having libacl-devel installed, or having %define acl-support 0 somwhere in the specfile in the case of a rpm build.
4. ACL modifying is as follows: You are allowed to it, if -You are the owner of the file -You are in posession of the CAP_FOWNER perogative (currently only root)
Another thing: from your logs it seem to be advisable, to try to map your groups: net3 groupmap as root
Good Luck!
Geza Gemes
-- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
