Able to share some folders and not others smb folders

a2apple · 15 November 2020 17:51

global]

WORKGROUP = workgroup
security = user
#map to guest = bad user
server role = standalone server
server string = probook %v
netbios name = probook
log file = /var/log/samba/log%U.log
max log size = 100
log level = 5

server min protocol = SMB2_10
server max protocol = SMB3
client min protocol = SMB2
client max protocol = SMB3
security = user

ntlm auth = yes
sec ntlmv2

hosts allow = xx.x.x.x/xx
hosts deny = 0.0.0.0/0

[my share]
comment = share for all users
path = /usr/myshare/
available = yes
valid users = @sambashare
browsable = yes
writable = yes
read only = no

[Test share]
comment = share for all users
path = /home/omar/share/
available = yes
valid users = @sambashare
browsable = yes
writable = yes
read only = no

log
my log user1 from windows pc

[2020/11/15 18:16:52.414719, 3] …/…/source3/smbd/smb2_server.c:3861(smbd_smb2_request_error_ex)
smbd_smb2_request_error_ex: smbd_smb2_request_error_ex: idx[1] status[NT_STATUS_ACCESS_DENIED] || at …/…/source3/smbd/smb2_server.c:3147

when sharing a folder from usr/myashare I can share it with a windows pc without an issue

drwxrws— 2 root sambashare 4096 Nov 14 22:20 myshare

but trying to share this folder and windows 10 gives me the following error windows cannot access \xx.x.x.xx\share

drwxrws— 3 root sambashare 4096 Nov 12 23:24 share

I do not know what I am missing as others can access this folder using Linux.

Thank you again for your time and effort and look forward to resolving the issue .

best regard
omar

Aragorn · 15 November 2020 17:58

Please note that the /usr hierarchy is not the place for putting a share. Move it under /srv and modify the configuration file.

That directory is not owned by the root account. It is owned by user omar. That’s why the permissions don’t match.

Is user omar a member of the group sambashare?

a2apple · 15 November 2020 22:58

Yes the user is under sambashare that is why i am confused by the error message but i was wandering
2 what dose that represent

and i changed it to group just to see if it would make a difference

id omar
uid=1000(omar) gid=1000(omar) groups=1000(omar),998(wheel),991(lp),3(sys),90(network),98(power),965(sambashare),150(wireshark)

id kari
uid=1001(kari) gid=1003(kari) groups=1003(kari),965(sambashare)

as the only diffrence between the two is
drwxrws— 2 root sambashare 4096 Nov 14 22:20 myshare
drwxrws— 3 root sambashare 4096 Nov 12 23:24 share

thank you for giving me your time

Aragorn · 16 November 2020 12:23

Change ownership of ~/myshare to root. See if that will work.

sudo chown root:sambashare ~/myshare

linux-aarhus · 16 November 2020 15:08

SMB aka Samba aka Windows share on Linux is most likely to be a P.I.A.

There is no way you can predict how this works. It is all depending on the computer setup - and the user setup - and as the ‘raisin in the hotdog end’ - including how any user is allowed to connect

a2apple · 19 November 2020 00:40

yes that is true thank you for all your help i will still be investigating it and changing ownership did not work but as long as i have the one folder i am happy.did discover that there seem to be an issue with special permissions that seem to be throwing windows off but i will post my final results if i discover anything new.

thank you all very much for your time and effort in helping me out

best regard
omar

a2apple · 21 December 2020 23:49

I would like to thank every one for there support and encouragement. I
was finally able to fix the permissions issue by adding the following lines to smb.conf

WORKGROUP = workgroup
security = user
server role = standalone server
server string = xxxxxx %v
netbios name = xxxxx
log file = /var/log/samba/log%U.log
max log size = 100
log level = 5
(you can change this to level 2 or 3 )

server min protocol = SMB2_10
server max protocol = SMB3
client min protocol = SMB2
client max protocol = SMB3
security = user

ntlm auth = yes
sec ntlmv2

hosts allow = xxx.xxx.x.xxx/xx
hosts deny = 0.0.0.0/0

[share]
comment = share for all users
path = /srv/myshare/
available = yes
valid users = @sambashare
create mask = 770
directory mask = 770
browsable = yes
writable = yes
read only = no

create mask = 770
(this was my choice 770 which allows user and groups permission others have no access)
directory mask = 770
(this was my choice 770 which allows user and groups permission others have no access)

hope others will find it helpful
best regard
omar

system · 5 January 2021 23:49

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.