SMB Newbie: Accessing Linux Share

I have my /etc/samba/smb.conf set up like so:
# This is the main Samba configuration file. You should read the
# smb.conf(5) manual page in order to understand the options listed
# here. Samba has a huge number of configurable options (perhaps too
# many!) most of which are not shown in this example
# For a step to step guide on installing, configuring and using samba,
# read the Samba HOWTO Collection.
# Any line which starts with a ; (semi-colon) or a # (hash)
# is a comment and is ignored. In this example we will use a #
# for commentry and a ; for parts of the config file that you
# may wish to enable
# NOTE: Whenever you modify this file you should run the command "testparm"
# to check that you have not made any basic syntactic errors.
#======================= Global Settings =====================================
[global]
# workgroup = NT-Domain-Name or Workgroup-Name, eg: REDHAT4
workgroup = WORKGROUP
# server string is the equivalent of the NT Description field
server string = Samba Server
encrypt passwords = yes
smb passwd file = /etc/samba/smbpasswd
# Security mode. Defines in which mode Samba will operate. Possible
# values are share, user, server, domain and ads. Most people will want
# user level security. See the HOWTO Collection for details.
security = user
# This option is important for security. It allows you to restrict
# connections to machines which are on your local network. The
# following example restricts access to two C class networks and
# the "loopback" interface. For more examples of the syntax see
# the smb.conf man page
; hosts allow = 192.168.1. 192.168.2. 127.
# If you want to automatically load your printer list rather
# than setting them up individually then you'll need this
load printers = yes
# you may wish to override the location of the printcap file
; printcap name = /etc/printcap
# on SystemV system setting printcap name to lpstat should allow
# you to automatically obtain a printer list from the SystemV spool
# system
; printcap name = lpstat
# It should not be necessary to specify the print system type unless
# it is non-standard. Currently supported print systems include:
# bsd, cups, sysv, plp, lprng, aix, hpux, qnx
; printing = cups
# Uncomment this if you want a guest account, you must add this to /etc/passwd
# otherwise the user "nobody" is used
; guest account = pcguest
# this tells Samba to use a separate log file for each machine
# that connects
log file = /var/log/samba/log.%m
# Put a capping on the size of the log files (in Kb).
max log size = 50
# Use password server option only with security = server
# The argument list may include:
# password server = My_PDC_Name [My_BDC_Name] [My_Next_BDC_Name]
# or to auto-locate the domain controller/s
# password server = *
password server = *
# Use the realm option only with security = ads
# Specifies the Active Directory realm the host is part of
; realm = MY_REALM
# Backend to store user information in. New installations should
# use either tdbsam or ldapsam. smbpasswd is available for backwards
# compatibility. tdbsam requires no further configuration.
; passdb backend = tdbsam
# Using the following line enables you to customise your configuration
# on a per machine basis. The %m gets replaced with the netbios name
# of the machine that is connecting.
# Note: Consider carefully the location in the configuration file of
# this line. The included file is read at that point.
; include = /usr/local/samba/lib/smb.conf.%m
# Most people will find that this option gives better performance.
# See the chapter 'Samba performance issues' in the Samba HOWTO Collection
# and the manual pages for details.
# You may want to add the following on a Linux system:
# SO_RCVBUF=8192 SO_SNDBUF=8192
socket options = TCP_NODELAY
# Configure Samba to use multiple interfaces
# If you have multiple network interfaces then you must list them
# here. See the man page for details.
; interfaces = 192.168.12.2/24 192.168.13.2/24
# Browser Control Options:
# set local master to no if you don't want Samba to become a master
# browser on your network. Otherwise the normal election rules apply
; local master = no
# OS Level determines the precedence of this server in master browser
# elections. The default value should be reasonable
; os level = 33
# Domain Master specifies Samba to be the Domain Master Browser. This
# allows Samba to collate browse lists between subnets. Don't use this
# if you already have a Windows NT domain controller doing this job
; domain master = yes
# Preferred Master causes Samba to force a local browser election on startup
# and gives it a slightly higher chance of winning the election
; preferred master = yes
# Enable this if you want Samba to be a domain logon server for
# Windows95 workstations.
; domain logons = yes
# if you enable domain logons then you may want a per-machine or
# per user logon script
# run a specific logon batch file per workstation (machine)
; logon script = %m.bat
# run a specific logon batch file per username
; logon script = %U.bat
# Where to store roving profiles (only for Win95 and WinNT)
# %L substitutes for this servers netbios name, %U is username
# You must uncomment the [Profiles] share below
; logon path = \%LProfiles%U
# Windows Internet Name Serving Support Section:
# WINS Support - Tells the NMBD component of Samba to enable it's WINS Server
; wins support = yes
# WINS Server - Tells the NMBD components of Samba to be a WINS Client
# Note: Samba can be either a WINS Server, or a WINS Client, but NOT both
; wins server = w.x.y.z
# WINS Proxy - Tells Samba to answer name resolution queries on
# behalf of a non WINS capable client, for this to work there must be
# at least one WINS Server on the network. The default is NO.
; wins proxy = yes
# DNS Proxy - tells Samba whether or not to try to resolve NetBIOS names
# via DNS nslookups. The default is NO.
dns proxy = no
# These scripts are used on a domain controller or stand-alone
# machine to add or delete corresponding unix accounts
; add user script = /usr/sbin/useradd %u
; add group script = /usr/sbin/groupadd %g
; add machine script = /usr/sbin/adduser -n -g machines -c Machine -d /dev/null -s /bin/false %u
; delete user script = /usr/sbin/userdel %u
; delete user from group script = /usr/sbin/deluser %u %g
; delete group script = /usr/sbin/groupdel %g
#============================ Share Definitions ==============================
[public]
comment = Public Stuff
path = /home/samba
public = yes
writable = yes
printable = no
Whenever I try to login from a windows XP machine, access is always denies.  How can I set up permissions for anyone to access the share?

Ok, did you look at that page I recommended?  It gives you the steps.
You don't have to create the file, just do, if the windows user is john, and has a password on the MS box of 1234
smbpasswd -a john
It'll ask for his  password, type in 1234, it'll ask for confirmation and type it in again.
On the MS box, user john might have to log off and logon.
However, again, I recommend taking a look at that page, trying the nbtstat and such.  Actually, I hadn't realized how dated that page is, I have to redo it, but the tips there should still be useful.

Similar Messages

  • Permissions for Linux user accessing Leopard share

    We have a very simple networking setup at our video post production facility. Basically, files are shared everywhere and to everyone. No open directory or DNS serving. Just AFP and SMB.
    Our Linux based Smoke/Flame/Lustre system needs access to the files severed/shared by an Xserve with a big attached RAID. It has no problem connecting or seeing the files. However, it typically is denied write permissions. When the Smoke operator creates a folder on the share he can't access the folder until I grant the Others/Everyone group read and write perms. The Linux user logs in with the same user account that everyone else uses.
    Some time ago, the always smashing Gerrit DeWitt gave me some terminal commands to set ACLs for users/groups of this shared RAID. They work beautifully and I have had no permissions issues since applying them. Except for this Linux system.
    Would it be good practice to use this command to set the Everyone group permissions for this share?
    sudo chmod -R +ai "group:everyone allow readattr,readextattr,readsecurity,\
    list,search,read,execute,writeattr,writeextattr,delete,\
    append,write,deletechild,add_file,addsubdirectory,\
    fileinherit,directoryinherit" "/Volumes/RAIDH/Smoke_InfernoStorage"
    Also, is there some configuration change I could make to the Linux system to make it a little more Mac compatible in this area?
    Thanks

    It's worth checking into - let us know what you find. What you describe certainly sounds like a problem with permission propagation settings for SMB / Samba since the AFP side works fine.
    I've seen other posts about problems that crop up because of differences in the versions of Samba employed between systems, so that's a possibility as well. And I'd have no suggestions for you in that regard other than some searching of the web for clues as to how to work with that issue.
    -Doug

  • Window 8.1 system unable to access network shares via VPN connection

    Is there something inherent to Windows 8.1 that prevents it from accessing shares on a domain?
    I know that it cannot join a domain, but does that also mean that it cannot access shares which are on a domain?
    My problem is that I have several user that are running windows 8.1 that are connecting to our network via a VPN.
    The users have domain accounts but their computers as windows 8.1 cannot joined to the domain.
    So to access network shares they have to use their domain credentials to create a VPN connection.
    Once connected the user can RDP to systems on the domain using their domain accounts, so I know that their user names/passwords and permissions are correct. They can access these systems using the computer name, so I don't feel that I have a DNS issue.
    They can see the shares on our file server, but when they try to access their departments shared file, they receive an access denied message. There are a few shares that are completely wide open, shared to all users and all departments but they cannot access
    those shares either.
    You can ping the file server, from the the client when they are connected to the VPN but you just cannot access any of the shares.
    So...
    I am thinking that it has something to do with windows 8.1 and not being able to join a domain, but I cannot find anything to explicitly support this thought.
    Other users running a variety different OS (windows 7, OSX, Linux) can all access the shares without any problems via the VPN, so I am a little stumped.

    I have done some more testing and oddly enough I can map a drive if I use the IPaddress, but not the computer name, when checking the check box "connect using different credentials"and providing they users domain credentials.
    This seems to point to a DNS issue, one would think, but I can hit the file share server by name \\fileserver.dev.lan
    I can see all the shares, so dns seems to be fine right?
    So I don't understand why I can map a drive using do the IPaddress and not the machine name, but yet I can see and ping the server by name?
    When I try to create a mapped drive by machine name I receive the following message:
    Windows cannot access \\fileserver.dev.lan\all
    You do not have permissions to access \\fileserver.dev.lan. contact your network administrator  to request access.
    But if I use the \\x.x.x.x\all using the very same user and password I get connected with no problem.
    This only seems to happen on windows 8.1, which leads me to think that has something to do with OS. 
    I am thinking about upgrading to windows 8.1 pro, but I don't want to go though the hassle and expanse is the OS is not the problem.

  • Cannot access network shares on AD domain

    I've joined my mac to an AD domain (over vpn tunnel). I used the Directory Access app and when I did a "bind" to the domain all seemed to go well.
    However when I try to access a network share using the "Connect to Server" menu item:
    smb://server/share
    I get this error:
    The Finder cannot complete the operation because some data in...could not be read or written. (Error code -36)
    Ok I've tried googling this error message. Could someone tell me what this means? Could you point me to documentation on how to do what I'm doing?

    Can you access the share while in the office?
    Can you access the share by using the servers IP address instead of name?

  • Cant Access external shares from my admin account

    Hi,
    the title says it all.
    No matter if I try to connect via smb or afp. If I try to log in from the admin account to external afp or smb shares the login is refused cause of permissions.
    IF I do switch to a user other than the system admin account, the access to external shares works like a charm.
    In my case its an external NAS from Buffalo (Linkstation Duo).
    Also from other Lion machines ... no problem when trying to access that share.
    Im aware of the DHCAST128 changes but as you can read above it seems that this is not the issue.
    Any hints or suggentions?
    Thanks!
    Andrew

    Hi-
    You can use the account that you use daily, as SuperDuper will clone the entire drive, which includes all accounts, applications and data. SD will require an administrator password to run the cloning, but this can be done from any account.

  • SQL server can't access network share

    Hello,
    I am facing an issue where the SQL server can't access the network share. The network share is mounted by  a domain user who is also configured as Administrator on the server.
    Through SQL Server management studio as well as PoweShell script when i try to access the share in order to attach the database contained within the share, i get the error "Unable to find the file specified". I can't mention the network drive to
    the SQL management GUI file browser too if i try to attach the database through GUI.
    For all SQL services, I changed the service log on account to be the same account which mounts the network share.
    As work around - 
    I launched a command prompt under NT Authority \ SYSTEM (LocalSystem) account and mounted the drive to the same location which lead to adding one more connection but under local system account. With this change, the SQL server was able to access the network
    share!
    I couldn't understand whey SQL expects the network share to be mounted under local system account even if all the SQL services are running under domain account ? I want SQL to be able to access the network share without opting for above work around.

    Hello,
    I couldn't understand whey SQL expects the network share to be mounted under local system account even if all the SQL services are running under domain account ? I want SQL to be able to access the network share without opting for above work around.
    It doesn't have to be. The workaround is only a temporary fix and is certainly not a good idea. I would not use mounted folders with SQL Server, at all, period.
    The reason you're having difficulty is that when the folder is mounted, it's mounted for YOUR session not ALL sessions. SQL Server has already started its services and is running under its' own session and is not privy to the things you do to change the
    environment. For example, if you changed a system or user variable (for example, a SET variable) SQL Server would have no idea about this because when it started, that variable either didn't exist or was something else. This is not SQL Server's fault but how
    Windows works (this information is stored in the Process Environment Block [PEB]) for any windows process.
    As other's have said, don't use mounted drives - use a UNC path. UNC paths are 100% supported on 2012+ as well as running databases on a SMB 3.x share (UNC pathed of course).
    If you absolutely must use a mounted drive, enabled xp_cmdshell access (through sp_configure) and run the net use command through xp_cmdshell. I, once again, would highly advise not doing this and using an UNC path.
    -Sean
    The views, opinions, and posts do not reflect those of my company and are solely my own. No warranty, service, or results are expressed or implied.

  • Problems accessing windows share folders with iMac joined to the domain

    Hi,
    Following the Apple Seminar (http://seminars.apple.com/seminarsonline/addamac/apple/index.html?s=300) I've joined an iMac (10.6.2) to a Windows Domain successfully and I can login with my windows account.
    The problem arises when I try to mount a share folder. Mac ask me if I want to access as a guest or as a registered user, and it's really weird since the folder belongs to the windows user. It seems like Mac doesn't use the login account to access the share folders...
    Regards,

    Hi,
    I'm trying to use the Connect to Server > smb://ipaddressoftheserver (smb://192.168.100.1/implementaciones) but it ask me for the authentication again....
    It seems there is a problem with Snow Leopard and AD with .local domains. I've trying this solution:
    http://www.edugeek.net/forums/mac/43879-snow-leopard-ad-integration-woes.html#po st549033
    Regards,

  • New Mac user, need help accessing windows shares

    Hi All,
    I have a new MBP 13" and want to be able to easly access shared folder on my PC network. None of the PC's appear under the 'Shared' left menu in the finder, not even my aging eMac.
    I have successfully used connect to server and smb the pc name, but this seems to wok once, then when I go to reuse it, i can not access it again. deleting the save server favourite and rebooting works occasionally, however for the most part it is bery hit and miss. My thoery is that if you can access it once, you should be able to again and again.
    Obviously none of my pc's have any issues accessing the shares, it is just the mac . I have input the windows workgroup in the WINS section of Network Settings as well as my router ip address.
    Can anyone advise how to get the pc's to appear under the shared tab in the finder.
    At the moment, I am starting to regret buying the Macbook Pro, and really thought this type of issue would have been sorted out on the Mac side by now. But alas, it seems that I will just use windows 7 on the macbook pro until I can get this sorted. I can't not have access to windows data stores.
    Any help will be appreciated. I have tried to resolve this by viewing similar threads, but have not found a reliable solution yet.
    GeekGuy

    Really ... no-one can shed some light on this situation?
    Can someone at least recommend a forum where I can get some help.

  • Easy Way to allow Mac Users to Access Windows Shares

    I have a client that runs a mix of macs and pcs.
    They have a seperate domain for macs running on an xserve with 10.2.8 server and a domain of windows 2000 servers for the pcs
    My question is, is there an easy way to allow the mac users to be authenticated to shares that are available on the windows 2000 network without having to be prompted with a different login? ie access the shares with there current mac login username and password?

    Hi
    If your mac clients can 'see' the windows domain then simply add a single generic user account on the Windows Server. Most people create a single account called macuser with the same password.
    Mac clients should now be able to command+K from the Go Menu and key in smb://windowserver'sIPaddress. They should be prompted for the user name and password.
    If you want to use the same account details as available on the Mac Server then you could export users from the local Node and import them into the Windows Server. Passwords are not retained using this method but if you don't have a lot of mac users you can simply re-key their passwords or use a password common to all and use a password policy forcing users to change them at next log-in. You could consider using something like Passenger which does retain passwords. Depending on which Windows Server it is I'm not sure how successful it would be reading imported account from such an old server version?
    Again if you don't have a lot of mac users simply key them all in.
    Tony

  • Access Denied trying to access file shares with correct credentials

    I am getting the Access Denied message when trying to connect to network shares from Windows 10 (9926)
    When trying to access a network share, I get the username and password prompt, and it always fails.
    Using the same credentials on a Windows 8.1 machine to connect to the same shares and it will work.
    Shares can be hosted on Windows Server 2012 R2, Windows 8.1, Linux Samba, NAS, or even \\127.0.0.1 and all will fail with the same message.
    But you can access the shares hosted on the the windows 10 machine from other remote machines.
    Credentials have been entered in the format of: domain\username,
    machinename\username, and just username
    All machines are on the same workgroup\domain
    NOTE: Typing in an invalid machine name will also bring up the credential prompt.
    I.e. entering \\QWERTY will still ask you for your username and password and fail immediately.
    The same shares worked in the version before 9926
    Peter Taylor
    Red Planet Programming Ltd

    I have the same problem, and I figured out that my windows is installed in french, and every users groups are created in french also, groups like Everyone don't exists and i can't change by console.
    Regards, Roberto Borges please remember to mark the replies as answers if they help and unmark them if they provide no help.

  • Smbntefs probelm accessing windows shares

    Hello,
    I followed the wiki guide about smbnetfs and the output informations after smbnetfs installation. The shares are automatically mounted in /mnt/smbnet and I can see them,
    but when i double click a share
    (through Thunar - Xfce4) I take the following message:
    Failed to open directory "PC_SHARE"
    Software caused connection abort
    Is the problem caused because of file permissions?
    Can anyone tell me in detail what chmod I have to do and where?
    Also which files must be in ~/.smb? (and the permissions of that folder)
    (At the past I had no problem accessing the shares with the same tool and without conserning about the permissions of that folders)

    Have you tried simply disconnecting from the Windows share and reconnecting? Rebooting may be overkill
    The Mac network browser seems to be relatively static or lazy, and often needs a bit of prodding to recognize changes on the other systems, esp. a Windows share.
    I would not call it a bug, but it is something to be aware of.
    Sometimes the Windows share on my Mac remains in the Finder window long after I have shut down the Windows box.

  • Domain machine Can't access administrative shares c$ admin$ on windows 7 x64 network path was not found

    Hello,
    I'm unable to access admin shares on a windows 7 pro x64 domain machine, i've tried the following:
    . Disable IPV6
    . LocalAccountTokenPolicy (32 and 64 bits set to 1 or zero with restart)
    . Disable UAC
    . Disable firewall
    . LmCompatibilityLevel set to 1
    I can ping the machine, remote desktop and everything BUT access any shares on it, i've created additional shares for testing and still can't access it, by name or ip, even using the 127.0.0.1. Please help as this issue is driving me nuts.
    PS: Windows 7 Enterprise doesn't have this problem

    Believe it or not, it's UAC causing the blockage of accessing any hidden $ drive share in Windows 7. At least, for me.
    For a new PC built here I tried everything I could find. Disable antivirus, firewall, defender... changing network share settings.. nothing worked.
    Thing is, its been working on multiple old PCs so I tracked down network profile and other differences between new and old, only one I found was that I'd disabled UAC on the old PCs (all win7 pro). Disabled UAC on the new PC, rebooted as required to completely
    turn it off, bam! can now access root drive shares via the hidden $ as always.
    More advanced admins could probably track down the specific registry settings changed by UAC and isolate the one blocking LAN connecting to hidden drive $ shares. I'm not delving any deeper.
    Oh, btw, turned firewall, antivirus etc back on and it still allows access over a LAN.
    (UAC - User Account Control for those not familiar with the acronym)

  • I am trying to allow guests on windows to connect to shares on my Lion server but it keeps asking for a password for guest. I have allow guest users to access this share enabled but it still does not work.

    I am trying to allow guests on windows to connect to shares on my Lion server but it keeps asking for a password for guest. I have allow guest users to access this share enabled but it still does not work.

    Ditto. Guest accounts shouldn't have a password. No way to enter one in System Prefs...

  • I can't access folder share in WIndows Server 2012 R2 from windows 8.1

    i have a strange case:
    I have a Windows Server 2012 R2 machine with a shared folder. Accessing this folder using a Win7, Win8,
    Win 2008 R2 machine using \\servername  works fine but form windows 8.1 or windows
    2012 r2 i can't so any one can help me. 

    Hi,
    Would you please let me know the complete error message that you can find, when can’t access to the share folder
    that host in the Windows Server 2012 R2?
    If you logon the Windows 8.1 (or server 2012 r2) with administrator account, will encounter the same issue?
    Meanwhile, please access the share folder via \\server’s IP address\share folder. Then please check if this issue still persists.
    In addition, there is a similar thread. Please refer to and check if can help you.
    Can't
    access UNC share on Windows Server 2012 R2
    Hope this helps.
    Best regards,
    Justin Gu

  • Unable to access CIFS shares using SSL Web portal

    Hello,
    i have deployed Cisco Clientless Web VPN on my ASA5515.
    I'm having an issue when I try to browse a file server (access CIFS shares) from the WEB VPN portal.   I am prompted for login, and after logging in  I get the "Error contacting host" immediately. it's seem like a bug on ASA ? i saw that on Cisco Web site : bug CSCsl94183
    I already DONE those things :
    1- reload the ASA
    2- upgrade to the latest software release
    3- test different web browser ( Firefox, IE, Chrome)
    1- ASA Platform is 5515 running  latest software release (9.1.4)
    2- File  server running Windows 2008 R2
    3- Clients is using Firefox.
    4- When I establish SSL VPN connection using Cisco AnyConnect I  have no problems accessing files or folders on the same server.
    NOTE :  I have 2 other CIFS server running  Window 2003 and there is no issue.  the issue is happening ONLY  with the server running Window 2008 R2

    I've also seen this exact problem. We have several Windows 2008 R2 servers, one of our Domain controllers has been migrated to 2008 R2. I can access shares on the Windows 2008 R2 domain controller, but not a deicated (member) file share server. 

Maybe you are looking for

  • New Logic Board = Significanlty Slower Mac

    Recently I had my Macbook Pro shipped off for repairs for a number of problems I've had with it, and they ended up replacing the battery, superdrive, logic board, and display wiring. Since I've gotten back, my mac is noticeably slower. Boot up time h

  • Sending '?' in XML tag to Oracle Stored Procedure

    I have a situation that I cannot find the answer to why it is happening. I am sending an XML data type to an oracle stored procedure. In one of the fields, I need to allow the '?' character to be sent. <ADDITIONALINFO>This is where I want ? to be</AD

  • HR Module various fields unknown?

    Hi all, I am working on the HR module of sap. I have a report to make where some of the fields are unknown . Can u help me out?? Unknown fields are : 1. Employee Joining Date 2. Branch 3. Region 4. BU ( Business Unit may be) 5. Last CTC 6. reporting

  • DWF to pdf conversion

    When I try to convert a DWF file to pdf, only part of the document prints. If I open the document and print it with adobe, the entire document prints. How can I get the entire document to convert without opening it?

  • Add multiple contacts to Backup Assistant online

    Is it possible to import more than one contact vcard at one time. I want to add several contacts and doing it one at a time is tedious. Thanks