# [solved] samba share visible - data not accessible

## Elleni

Hello, 

I have a prob in getting the proper permissions for a share that should be accessible with a windows client. I followed the howtos and succeded in getting a connection showing share with smb. 

But when trieing to access the share it doesnt work, not on the windows machine and neither when I try to connect via firefox or konqueror on localhost. Error message indicates that the folder doesnt exist or the networkpath is not found or permissions error. 

As succeding in seeing the share I suppose what my prob is to set the proper permissions. Now I tried making the user I created for samba the owner of the folder which should be shared and gave him rights to write too, but this seems to be ignored. I can connect to pc seeing shares and whatever I try it recjects any access to the share...  :Sad: 

in /var/log/samba/log.smbd I found: smbd/negprot.c:reply_nt1(316)

  reply_nt1: smb signing is incompatible with share level security !Last edited by Elleni on Wed Mar 28, 2007 3:22 am; edited 2 times in total

----------

## deface

please paste your smb.conf file

----------

## Elleni

Thanks for the quick reply  !  :Smile: 

[global]

security = share

restrict anonymous = no

domain master = no

preferred master = no

max protocol = NT

acl compatibility = winnt

ldap ssl = No

server signing = Auto

printcap name = cups

paranoid server security = no

[printers]

comment = All printers

path = /var/spool/samba

browseable = no

printable = yes

guest ok = yes

printer name = Deskjet_F380

[temp]

path = /mnt/data-hd/temp/

guest ok = yes

read only = no

case sensitive = no

strict locking = no

msdfs proxy = no

guest account = testking

username = testking

[test]

case sensitive = no

strict locking = no

msdfs proxy = no

path = /home/userid/testLast edited by Elleni on Tue Mar 27, 2007 9:26 pm; edited 2 times in total

----------

## deface

Think you over-edited

Below is mine.

--

```
#======================= Global Settings =====================================

[global]

   log file = /var/log/samba/log.%m

   load printers = no

   name resolve order = wins lmhosts bcast

   socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192

   interfaces = 10.0.0.0/24

   map to guest = bad user

   hosts allow = 10.0.0.

   encrypt passwords = yes

   printer admin = @adm

   wins support = true

   dns proxy = no 

   netbios name = Firewall

   printing = cups

   workgroup = SOLUTIONS

   os level = 20

   printcap name = cups

   preferred master = no

   max log size = 50

#============================ Share Definitions ==============================

[homes]

   comment = Home Directories

   browseable = no

   writable = yes

[printers]

   comment = All Printers

   path = /var/spool/samba

   browseable = no

   guest ok = yes

   writable = no

   printable = yes

   create mode = 0700

   print command = lpr-cups -P %p -o raw %s -r   # using client side printer drivers.

[print$]

   path = /var/lib/samba/printers

   browseable = yes

   read only = yes

   write list = @adm root

   guest ok = yes

[www]

 comment = Website

 path = /var/www/localhost/

 valid users = root deface

 public = no

 writable = yes

 printable = no

 create mask = 0755

[DropBox]

 comment = DropBox

 path = /home/dropbox

 public = yes

 writable = yes
```

In your case - remove

security = share 

max protocol = NT

acl compatibility = winnt

ldap ssl = No

server signing = Auto 

paranoid server security = no

----------

## Elleni

Hello, 

I removed all you suggested and restarted samba service. No success. Though I dont think this settings were the problem as I succeded in seeing the shares when accessing http://ip-of-samba-server

Btw. did not add all this stuff myself but was added via kcontrol I think. 

But after that when trying to klick on a share there is still the error indicating permission error or path not found. That lets me think that it has to do with the access rights on the folder. 

Could you tell me how to give everyone change rights on the folder by console ?Last edited by Elleni on Tue Mar 27, 2007 8:02 pm; edited 1 time in total

----------

## deface

chmod -R 777 /path/to/folder

----------

## Elleni

Hm, doesnt help eather...

----------

## deface

 *Elleni wrote:*   

> Hello, 
> 
> I removed all you suggested and restarted samba service. No success. Though I dont think this settings were the problem [b]as I succeded in seeing the shares when accessing http://ip-of-samba-server
> 
> 

 

Why are you trying to use http://? samba is not an http protocol.

How are you trying to browse the samba share?

----------

## Elleni

ups, sorry misspelling

On windows client I use \\ip

On konqueror and firefox I use smb:// (on the samba box)Last edited by Elleni on Tue Mar 27, 2007 8:07 pm; edited 1 time in total

----------

## jmbsvicetto

Hi.

 *Elleni wrote:*   

> 
> 
> in /var/log/samba/log.smbd I found: smbd/negprot.c:reply_nt1(316)
> 
>   reply_nt1: smb signing is incompatible with share level security !

 

Try using security = server and check if it works.

----------

## Elleni

*deleted*Last edited by Elleni on Wed Mar 28, 2007 2:53 am; edited 1 time in total

----------

## deface

 *Elleni wrote:*   

> Hope I tried correctly: 
> 
> [global]
> 
> restrict anonymous = no
> ...

 

and you've disabled all share/smb signing? whats your new .conf look like?

----------

## Elleni

Thats the complete one now: 

[global]

restrict anonymous = no

domain master = no

preferred master = no

printcap name = cups

security = server

[printers]

comment = All printers

path = /var/spool/samba

browseable = no

printable = yes

guest ok = yes

printer name = Deskjet_F380

[temp]

path = /mnt/data-hd/temp/

guest ok = yes

read only = no

case sensitive = no

strict locking = no

msdfs proxy = no

[test]

case sensitive = no

strict locking = no

msdfs proxy = no

path = /home/userid/test

The exact error message of konqueror is the file or folder doesnt exist..Last edited by Elleni on Tue Mar 27, 2007 9:29 pm; edited 2 times in total

----------

## jmbsvicetto

Do you get any other errors on the logs? Have you tried connecting through smbclient? Have you added any user to the backend with smbpasswd?

----------

## deface

I still think your over-editing, or kcontrol is rather. you need to strip it down to bare minimum - either look at mine, or the smb.conf.example in /etc/samba/

----------

## jmbsvicetto

Can you also do an ls -l for each part of /home/ar1s/test? Look in particular to the home dir.

----------

## Elleni

I had added the newly created useraccount with smbpasswd, but now when trying to 

smbclient -L localhost

I get asked for password. I remember before it worked with both smbuser or root pw, but now it doesnt not even with root password. 

Error is session setup failed: NT_STATUS_LOGON_FAILURE

----------

## Elleni

ls -l /home/userid/test

insgesamt 0

(its an empty folder just for testing.)

ls -l /mnt/data-hd/temp (the other share)

insgesamt 1076794

-rw-rw-rw- 1 testking userid  367388196 25. Mär 03:56 Lost - 311 - Enter 77.avi

-rw-rw-rw- 1 testking users     39619 13. Mär 00:52 Lost - 311 - Enter 77.srt

-rw-rw-rw- 1 testking userid  366362548 16. Mär 00:26 Lost - 312 - Par Avion.avi

-rw-rw-rw- 1 testking userid      43991 15. Mär 23:14 Lost - 312 - Par Avion.srt

-rwxrwxrwx 1 testking userid  367671296 25. Mär 03:43 Lost - 313 - The Man From Tallahassee.avi

-rw-rw-rw- 1 testking userid      45667 25. Mär 01:33 Lost - 313 - The Man From Tallahassee.srt

testking is the account created and added to smbpasswd.

I had added testking = testking in /etc/samba/smbusers but deleted it again as it did not seem to help anything.Last edited by Elleni on Tue Mar 27, 2007 9:30 pm; edited 2 times in total

----------

## Elleni

Errors in var/log/samba/log.smbd: 

  smbd version 3.0.24 started.

[2007/03/27 22:34:38, 1] auth/auth_server.c:server_cryptkey(61)

  Password server loop - disabling password server *

[2007/03/27 22:34:38, 0] auth/auth_server.c:server_cryptkey(83)

  password server not available

[2007/03/27 22:34:39, 1] auth/auth_server.c:server_cryptkey(61)

  Password server loop - disabling password server *

[2007/03/27 22:34:39, 0] auth/auth_server.c:server_cryptkey(83)

  password server not available

[2007/03/27 22:34:39, 1] auth/auth_server.c:check_smbserver_security(252)

  password server is not connected (cli not initilised)Last edited by Elleni on Wed Mar 28, 2007 2:55 am; edited 1 time in total

----------

## deface

I've answered your question. Continue to play with your current config, and you wont get anywhere. its too "strict"

----------

## Elleni

I dont get it I mean I deleted what you suggested didnt I ?

And as seeing the share (this does work) I started thinking it has to do with permissions. 

So lets try to simplyfie as much as possible.Last edited by Elleni on Wed Mar 28, 2007 2:56 am; edited 2 times in total

----------

## deface

Yeah, those were just a few. there are others in there that are not necessary

----------

## Elleni

ok, tried following smb.conf: 

[temp]

path = /mnt/data-hd/temp/

[test]

case sensitive = no

strict locking = no

path = /home/ar1s/test

Seems to work on the local machine  :Smile: 

Will try on the w$ machine too, and then proceed further with adding options. 

But prob is solved for me, thanks for pointing it out twice so I finally got it   :Embarassed:   and for beeing so awesome quick in responding. Will do some testing and report back.Last edited by Elleni on Wed Mar 28, 2007 2:57 am; edited 1 time in total

----------

## Elleni

After some testing I found the bad setting causing this trouble: 

msdfs proxy = no - without thisone shares work as intended. And it is added by kcontrol  :Wink: 

In the meantime I also managed to access cups usb printer via samba from the winxp client. For being able to print from winxp client I had to create an account in winxp which is named like the one I added by smbpasswd to the sambaserver. Is this normal ? How would I enable another winxp user account to print to this samba device ? 

I am using this smb.conf now. I need samba only to comunicate with winxp client, so is this setup ok or would you recommend some changes ?

[global]

security = user

server string = Samba Server

hosts allow = my subnet 127.0.0.0/8

encrypt passwords = yes

socket options = TCP_NODELAY SO_SNDBUF=8192 SO_RCVBUF=8192

hide unreadable = yes

printcap name = cups

printing = cups

cups options = "raw"

[printers]

comment = All Printers

path = /var/spool/samba

browseable = no

guest ok = no

writable = no

printable = yes

public = yes

printer name = Deskjet_F380

[sharename]

path = /path to share

case sensitive = no

strict locking = no

read only = no

Many thanks for valuable support ! Very nice  :Smile: 

PS. Come from trying to access share and printer from another subnet (changed virtual lan from bridged mode in vmware) and now I still can get onto the share by typing \\ipofsambaserver, so is the hostallow setting obsolet or do I just dont understand it ? It does not connect by \\hostname of sambaserver and thats how it should be. But why does it connect by "ip of sambaserver" as winxp now is obviously in another subnet ?

Or does this happen only because of the test beeing done on virtual devices (vmware) ?

----------

## deface

is vmware running on the local machine? would work regardless w/ the localhost/127.0.0.X line.

Glad you figured it out, please mark as SOLVED if so.

----------

