On Fri, 2021-01-29 at 04:40 +0000, Strahil Nikolov wrote:
I know from experience that you need to decide how you control access and you got 2 options:
- Linux directory is set to 777 and all control is in samba
- Linux directory is set as if unix user will access it and you use
the sam uid/gid for both client and server accounts (AD, FreeIPA, LDAP)
What is your settings right now ?
Best Regards, Strahil Nikolov
Strahil,
777 and ownership of /tank/Windows is nobody:nobody. It's actually an empty directory right now.
Not using AD/FreeIPA/LDAP.
--Robert Savage Fairview Heights, IL
On Thu, Jan 28, 2021 at 7:57, Robert G. (Doc) Savage via CentOS centos@centos.org wrote: On Tue, 2021-01-19 at 17:18 +0100, Götz Reinicke wrote:
Anything in the samba logs? May be SELinux/Firewall issues?
Götz,
Unfortunately, no.
The nmbd log verifies that the fileserver's samba service is the local master browser for WORKGROUP on both eth0 and virbr0.
[2021/01/17 19:02:22.190795, 0] ../../source3/nmbd/nmbd_become_lmb.c:397(become_local_master_stage2 ) ***** Samba name server LIONSTORE is now a local master browser for workgroup WORKGROUP on subnet 192.168.1.20 ***** [2021/01/17 19:02:22.191085, 0] ../../source3/nmbd/nmbd_become_lmb.c:397(become_local_master_stage2 ) ***** Samba name server LIONSTORE is now a local master browser for workgroup WORKGROUP on subnet 192.168.122.1 *****
The samba smbd log simply reports the connection denials:
[2021/01/17 23:07:40.304626, 0] ../../lib/util/access.c:371(allow_access) Denied connection from 192.168.1.30 (192.168.1.30 There's nothing in the SELinux logs for that date.
I checked firewall-config on the storage server and verified that the samba service is allowed (but not samba-client or samba-dc).
Is there a really comprehensive setup checklist available for setting up samba on CentOS? The partial how-tos I've been able to find are obviously not enough. I'm looking for completer smb.conf setup, firewall settings, required services, directory permissions, accounts, and anything else that's required. I'm running up against very unhelpful roadblocks that seem to indicate a critical permissions problem but nothing specific.
V/R --Doc Savage Fairview Heights, IL
CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
On Jan 28, 2021, at 10:49 PM, Robert G. (Doc) Savage via CentOS centos@centos.org wrote:
On Fri, 2021-01-29 at 04:40 +0000, Strahil Nikolov wrote:
I know from experience that you need to decide how you control access and you got 2 options:
- Linux directory is set to 777 and all control is in samba
- Linux directory is set as if unix user will access it and you use
the sam uid/gid for both client and server accounts (AD, FreeIPA, LDAP)
What is your settings right now ?
Best Regards, Strahil Nikolov
Strahil,
777 and ownership of /tank/Windows is nobody:nobody. It's actually an empty directory right now.
Not using AD/FreeIPA/LDAP.
--Robert Savage Fairview Heights, IL
On Thu, Jan 28, 2021 at 7:57, Robert G. (Doc) Savage via CentOS centos@centos.org wrote:
On Tue, 2021-01-19 at 17:18 +0100, Götz Reinicke wrote:
Anything in the samba logs? May be SELinux/Firewall issues?
Götz,
Unfortunately, no.
The nmbd log verifies that the fileserver's samba service is the local master browser for WORKGROUP on both eth0 and virbr0.
[2021/01/17 19:02:22.190795, 0]
../../source3/nmbd/nmbd_become_lmb.c:397(become_local_master_stage2 )
Samba name server LIONSTORE is now a local master browser for workgroup WORKGROUP on subnet 192.168.1.20
[2021/01/17 19:02:22.191085, 0]
../../source3/nmbd/nmbd_become_lmb.c:397(become_local_master_stage2 )
Samba name server LIONSTORE is now a local master browser for workgroup WORKGROUP on subnet 192.168.122.1
The samba smbd log simply reports the connection denials:
[2021/01/17 23:07:40.304626, 0] ../../lib/util/access.c:371(allow_access) Denied connection from 192.168.1.30 (192.168.1.30
There's nothing in the SELinux logs for that date.
I checked firewall-config on the storage server and verified that the samba service is allowed (but not samba-client or samba-dc).
Is there a really comprehensive setup checklist available for setting up samba on CentOS? The partial how-tos I've been able to find are obviously not enough. I'm looking for completer smb.conf setup, firewall settings, required services, directory permissions, accounts, and anything else that's required. I'm running up against very unhelpful roadblocks that seem to indicate a critical permissions problem but nothing specific.
V/R --Doc Savage Fairview Heights, IL
CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
I’m not exactly sure if this may be the same issue I experienced but Google smb1 and windows10 . Apparently Microsoft removed support for Ann version 1 from windows 10 after one of the release updates
https://go.Microsoft.com/fwlink/?linkid=852747
Chris
On Fri, 2021-01-29 at 06:32 -0600, Chris Weisiger wrote:
I’m not exactly sure if this may be the same issue I experienced but Google smb1 and windows10 . Apparently Microsoft removed support for Ann version 1 from windows 10 after one of the release updates
Chris,
I added the following line to [global], but it didn't fix the problem.
server max protocol = SMB2
--Doc
I could never connect to my smb shares . So I browsed directly to a shared folder when I received the message that directed me to the link of which I sent earlier. I’m not sure how to tell what protocol version samba uses but it may be that it’s using the ver 1. I haven’t looked into trying to fix mine as I’m going to be redoing my Linux server and then after that I’ll be seeing if I can connect with my win10 pc. Don’t feel like adding any unnecessary patches to my win 10 machine unless I have to after I update my Linux box.
Might want to do more research and see what actual protocol version the smb server is using
Sent from my iPhone
On Jan 29, 2021, at 12:02 PM, Robert G. (Doc) Savage dsavage@peaknet.net wrote:
On Fri, 2021-01-29 at 06:32 -0600, Chris Weisiger wrote:
I’m not exactly sure if this may be the same issue I experienced but Google smb1 and windows10 . Apparently Microsoft removed support for Ann version 1 from windows 10 after one of the release updates
Chris,
I added the following line to [global], but it didn't fix the problem.
server max protocol = SMB2
--Doc
-
Chris Weisiger -
Robert G. (Doc) Savage