Volker Lendecke wrote:
On Thu, Jan 25, 2007 at 08:25:25AM -0500, Marc Delisle wrote:
In syslog there are plenty of these:
Jan 23 09:46:34 localhost smbd[5672]: make_connection: connection to
IPC$ denied due to security descriptor.
I see a lot of those messages too. I don't have any problems connecting
to the share(s) though.
Someone has used Windows srvmgr.exe or an equivalent tool to
set a security descriptor for IPC$ in the file
share_info.tdb.
Not the case for me.
Either connect to the Samba server with
srvmgr.exe and set the correct permissions on IPC$, or if
all your access checks are done via 'valid users' and other
setings in smb.conf, then you can safely delete the file
share_info.tdb. But please be aware that this resets all
custom share security descriptor settings back to default.
My share in a ADS setup with domain QWERTY is defined like this in smb.conf:
[Test]
path = /nas/NASDisk-00015/Test
directory = /nas/NASDisk-00015/Test
valid users = root, QWERTY\Administrator
write list = QWERTY\Administrator
Here is the content of my share_info.tdb file:
# tdbdump share_info.tdb
{
key(13) = "INFO/version\00"
data(4) = "\02\00\00\00"
}
So are 'valid users' and possible other smb.conf share setting mutually
exclusive with whatever is in share_info.tdb? What should I change to
avoid the security descriptor messages?
Looks like there is some relationship between the share settings and
share_info.tdb, but I am not quite sure how it should be done. Can you
enlighten me or refer me to where this is documented?
I'm using Samba 3.0.23d.
--
Geir A. Myrestrand
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
