Samba Question -- Users cannot access home directories-- FOLLOWUP

Paul Howarth paul at city-fan.org
Thu Feb 24 11:55:01 UTC 2005 

Tim Holmes wrote:
>>Tim Holmes wrote:
>>
>>>After restarting samba, I can now browse to the tholmes folder, as
> 
> well
> 
>>>as the two other shares (html and www), but I cannot write to any of
>>>the, nor can I FTP files into them -- I think we are making
> 
> progress,
> 
>>>and I suspect that at this point we have a permission problem that
> 
> needs
> 
>>>to be resolved
>>
>>Try running the "smbstatus" command on your samba server after
>>connecting to it. It'll show the current list of connections,
> 
> including
> 
>>the usernames it is using. Check to see that it's got the right
> 
> username
> 
>>and isn't using the guest account (e.g. "smbnobody").
>>
>>Paul.
> 
> [Tim Holmes wrote] 
> 
> Paul:
> 
> Here is the output of the command
> 
> smbstatus
> WARNING: The "only user" option is deprecated
>  
> Samba version 3.0.10-1.fc2
> PID     Username      Group         Machine
> -------------------------------------------------------------------
>  7964   MCASCHOOL\tholmes  MCASCHOOL\Domain Users  192.168.0.133
> (192.168.0.133)
>  
> Service      pid     machine       Connected at
> -------------------------------------------------------
> tholmes       7964   192.168.0.133  Thu Feb 24 06:42:05 2005
>  
> No locked files
> 
> 
> That was run from the root prompt via a vnc connection to my samba box
> -- If you need me to do it a different way, please let me know

The samba server has authenticated you as user "MCASCHOOL\tholmes". This 
is different from the username "tholmes", so by default it will not be 
able to write to the home directory of user "tholmes".

One way to work around this is to use a username map 
(/etc/samba/smbusers) containing lines like this:

tholmes = MCASCHOOL\tholmes

This would handle the authentication for MCASCHOOL\tholmes but then use 
the account tholmes instead of creating a new one for MCASCHOOL\tholmes.

You'd need to do that for all users that have a home directory on your 
server that you want them to be able to access. There's almost certainly 
a much better way of doing it (e.g. by auto-creating home directories 
for users such as MCASCHOOL\tholmes when they connect), but I don't know 
what it is.

Paul.

More information about the fedora-list mailing list