Need Help Configuring My Samba Server

Hi All

I have been racking my brains for the past 15 hours or so trying to know why my AD users can't actually login to the share which i have assigned.

This is my smb.conf below:

Quote:
[global]
workgroup = EXAMPLE
security = ads
realm = EXAMPLE.GROUP
domain master = no
local master = no
preferred master = no
printcap name = /etc/printcap
load printers = no
idmap backend = tdb
idmap uid = 10000-99999
idmap gid = 10000-99999
idmap config EXAMPLE:backend = rid
idmap config EXAMPLE:range = 10000-9999
winbind enum users = yes
winbind enum groups = yes
winbind use default domain = yes
winbind nested groups = yes
winbind refresh tickets = yes
winbind offline logon = true
template homedir = /home/%D/%U
template shell = /bin/false
client use spnego = yes
client ntlmv2 auth = yes
encrypt passwords = yes
restrict anonymous = 2
log file = /var/log/samba/samba.log
log level = 2
valid users = any
[Research]
comment = Research
path = /sharing/research
valid users = EXAMPLE\user1
force group = "domain users"
writable = yes
read only = no
force create mode = 0660
create mask = 0777
directory mask = 0777
force directory mode = 0770
access based share enum = yes
hide unreadable = yes
[Admin]
comment = Admin Area
path = /var/www/html/cmsmadesimple
browseable = yes
writable = yes
read only = no
inherit acls = yes
inherit permissions = yes
create mask = 700
directory mask = 700
valid users = user1

When i do wbinfo -u or wbinfo -g i can see the usernames and groups in my AD.

Also when i do : id username it actually gives me the information for that user in my domain.

I have done net ads login -U and joined the domain.

I have set the pam auth modifications and the krb5 and nsswitch.conf files.

So i do not get why i can't have the user i have assigned to that share access it?

I can only imagine i have something wrong in my smb.conf?

Please any helps would be appreciated.

Thanks

Hey guys, I got samba working and I am able to access my files, however I am now trying to learn security with it. i am pretty much trying to allow certain groups access certain files. if you look at samba group you can see that I have @sambausers group to access sambagroup directory.

I have a user called sambatest01. the user can access "samba users only" but the user can access all of the other files as well. what is a correct set up on the other smb.conf to prevent users from accessing this? I cant seem to find a proper set up


[drivers]
path = /files/drivers
browseable = yes
read only = no
guest ok = no
guest only = no


[samba users only]
path = /files/sambagroup
browseable = yes
read only = no
guest ok = no
guest only = no
write list = @sambausers
valid users = @sambausers

I have set up a SFTP which I can connect to, go to the right directory and read/write files to.

The full path is home/sftpuser/SFTP/Customer
The user "sftpuser" I am connecting with is in the group "ftpusers" which has read/write access.

That works fine.

Here is my sshd_config:
Code:

Match Group ftpusers ChrootDirectory /home/%u/
 ForceCommand internal-sftp
  AllowAgentForwarding no
  AllowTcpForwarding no
  X11Forwarding no

However, I made a samba share of the folder Customer, when I go to the IP adress on a Windows machine "\\10.0.0.1\" I can see the folder Customer, when entering it requests user/pass and afterwards gives an error: you have not the right permissions.

In Webmin:
Customer /home/sftpuser/SFTP/Customer Read/write to everyone

My smb.conf:
Code:

[global]
    syslog = 0
    log file = /var/log/samba/log.%m
    read raw = no
    write raw = no
    passdb backend = tdbsam
    workgroup = DOMAIN
    usershare allow guests = yes
    socket options = TCP_NODELAY
    pam password change = yes
    passwd program = /usr/bin/passwd %u
    unix password sync = yes
    obey pam restrictions = yes
    passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
    server role = standalone server
    server string = %h server (Samba, Ubuntu)
    max log size = 1000
    map to guest = bad user
    panic action = /usr/share/samba/panic-action %d
    dns proxy = no



[Customer]
    force create mode = 755
    browsable = yes
    public = yes
    path = /home/sftpuser/SFTP/Customer
    force directory mode = 755
    writeable = yes
    valid users = @ftpusers
    force group = ftpusers
    write list = @ftpusers

I have been struggling for 3 days and am totally out of ideas.

LS -L for the folder:
Code:

total 4
drwxrwx---+ 2 sftpuser ftpusers 4096 Apr  9 11:35 Customer

Hello

I want to share a folder on my Fedora linux pc with a Windows 8 pc in the same network.

I have followed this guide : http://www.labtestproject.com/config...rver_on_fedora

but I am not able to see my share on my Fedora linux pc from the other Windows 8 PC.

This is my /etc/samba/smb.conf :

Code:

[global]
        workgroup = mygroup
        server string = HP Samba
;       netbios name = MYSERVER

;       interfaces = lo eth0 192.168.12.2/24 192.168.13.2/24
;       hosts allow = 127. 192.168.12. 192.168.13.

;       max protocol = SMB2
[My-Documents]
        path = /home/Jonas/Desktop/My-Documents
        read only = no
;       browseable = yes
        guest ok = yes

The workgroup name is the same as the workgroup name on the Windows PC.

Firewall on Fedora linux pc is down.

I do get the following output when restarting smb :
Code:

apr 27 12:27:49 jonashp.domain.local systemd[1]: Starting Samba SMB Daemon...
apr 27 12:27:49 jonashp.domain.local smbd[4324]: [2015/04/27 12:27:49.686796,  0] ../source3/param/loadparm.c:3034(lp_set_enum_parm)
apr 27 12:27:49 jonashp.domain.local smbd[4324]: WARNING: Ignoring invalid value 'share' for parameter 'security'
apr 27 12:27:49 jonashp.domain.local smbd[4324]: [2015/04/27 12:27:49.687187,  0] ../source3/smbd/server.c:1286(main)
apr 27 12:27:49 jonashp.domain.local smbd[4324]: standard input is not a socket, assuming -D option
apr 27 12:27:49 jonashp.domain.local systemd[1]: Started Samba SMB Daemon.

I thought it would be that simple...

I banging my head, I am unable to mount samba share. Here is the info
Samba share is in RHEL 6.5
# vi /etc/samba/smb.conf
[sambashare]
comment = samba share
path = /smbdemo
guest ok = yes
browseable = yes

# ls -dZ /smbdemo/
drwxrwxrwx. root root system_ubject_r:samba_share_t:s0 /smbdemo/

# getsebool -a | grep samba
samba_create_home_dirs --> on
samba_domain_controller --> off
samba_enable_home_dirs --> on
samba_export_all_ro --> on
samba_export_all_rw --> on
samba_portmapper --> off
samba_run_unconfined --> off
samba_share_fusefs --> off
samba_share_nfs --> off
sanlock_use_samba --> off
use_samba_home_dirs --> off
virt_use_samba --> off


Accessing this share from another Red Hat Box 6.4 (samba-client)
# smbclient -L 192.168.1.10 -U don [Works perfectly]

Now, when I try to mount the share as:

# mount.cifs //192.168.1.9/smbdemo /opt/test/ -o user=don
Password:
Retrying with upper case share name
mount error(6): No such device or address
Refer to the mount.cifs(8) manual page (e.g. man mount.cifs)

# smbclient //192.168.1.9/smbdemo -U don
Enter don's password:
Domain=[BARNES] OS=[Unix] Server=[Samba 3.6.23-14.el6_6]
tree connect failed: NT_STATUS_BAD_NETWORK_NAME

I searched in google but no avail.

trying to set up a simple NAS using Raspian on RaspberryPi2.
installed ntfs-3g and samba.
followed various methods to set it up.
found one that allows me access to my drives.
PROBLEM.....

As a test I edited a simple text file using my laptop (windows7), however when trying to save I receive "access denied"
same occurred on our other computers.

My setup....
in fstab

added...
UUID=DBE6-7AC0 /media/Lexar vfat defaults.noatime 0 2
UUID=F21843B31843756F /media/OurFiles ntfs defaults,noatime0 3


in samba config set security = user and encrypt passwords = yes in Authentication Section, then added the following at the end of file:
[Lexar]
comment this is the Lexar (vfat)
path = /media/Lexar
available = yes
read only = no
browsable = yes
public = yes
writable = yes
create mask = 0775

[OurFiles]
comment this is the OurFiles (ntfs)
path = /media/OurFiles
available = yes
read only = no
browsable = yes
public = yes
writable = yes
create mask = 0775

I would be very grateful for any assistance....thank you

Having trouble mastering this environment, please bear with me,

OK this is kinda long, so I will shorten it as much as I can, as to not be long-winded.

My current network at home:
1 - CentOS 7 desktop (server)
1 - Ubuntu 14.04 desktop
1 - Fedora 21 laptop
2 - Windows 7 desktops
some other various windows boxes also that don't get used regularly, but are on the network.

My 2 Linux desktops (which I use as servers, but they really aren't) have shared folders on them, which I share to the network via Samba (CIFS). I use Samba because Linux is smarter than Windows and Windows won't read NFS, so I share them as Samba so all devices can see them.

Generally speaking, if I share the folders on each box as 0777, I have no issues. But lately I have been wanting to implement some better security, so I wanted to SETGID and chown the shared folders from the local machine to a specific group, then change the folders to 2774.

My problem is that I keep getting permissions errors when trying to connect from the other Linux machines, and sometimes the Windows machines also. My main question is: do I CHMOD 2774 the local mount-point before mounting it? Or so I CHMOD 2774 the shared folder on the other server, then mount it locally to a folder whose permissions are different? Or do I CHMOD both of them the same?

basically the uis and gid ownerships change on a local folder when I mount a shared drive to that folder, so when I try to write or sometimes read that local folder, I get permissions errors.

I can provide any additional info needed.

I'm not sure if this should be in the newbie section, but I am somewhat of a newbie, so here goes:

In a home network, I have an Xubuntu file server with a Samba share that has me as the owner and authorizes me to access the share.

On another computer, I have Mint running and providing various services, including webdav on Apache with SSL. In the var/www/webdav directory of the Mint computer, I have the Xubuntu Samba share mounted. This is supposed to allow me to access the Samba share from the public internet.

Everything works fine except for one big problem: Apache requires the owner of the webdav directory to be user "www-data," and I can't figure out how to give www-data access to the Samba share, since www-data is not a user on the Xubuntu computer, and moreover I don't know the password for user www-data.

Can anyone figure out how to get around this problem? In particular, is there a way to configure the Samba share on the Xubuntu computer so that user www-data on the Mint computer can have access to it?

(Incidentally, I have my reasons for using two computers, one as a file server and one as a web server. Also, I am thinking about switching to NFS instead of Samba, but I'm not sure if even that would solve my problem.)

- I have samba server and ldap server both on different machine. I want to authenticate all the ldap user on samba share to giving access permission for user's on share. I have refer too many document for that but I am unable to access share with ldap user's username and password. I have referred below link

https://wiki.samba.org/index.php/Samba_&_LDAP

http://www.unixmen.com/setup-samba-d...-ubuntu-13-04/

How to troubleshoot for user authentication on samba share?

I have written a script to start a virtual machine through pass through mode and port number.

I start the guest linux through Run command from windows
telnet <baseIP> <portNUm>

Then after connecting to that guest machine,

each enter taking twice.

Any help will be greatful