NT_STATUS_ACCESS_DENIED

  • Hi,


    newbie here to OMV, although I've been working with Debian since the 90's (Slink?). Years ago I've gotten samba working by editing smb.conf, and then a few years after that with SWAT. Now I figured I would give OMV a try. For about 2 days I've been trying to get Samba working, I've been reading posts and tryng to RTFM, but no success, and I'm almost ready to go back to doing it the old fashioned way. Fresh install of OMV 2.2.3 (Stoneburner)

    From my Win7 box I can "net use" the share without error, then if I try to "DIR" I get "access denied".
    - I deleted my users and shares and recreated everything from scratch, just using permissions, not ACL's. NFS works OK, so I think my users/shares/permissions are OK.
    - I apt-get remove'd samba and installed it again.
    - Normally on all my machines my userid is "joe". I deleted "joe" and created "joseph" on OMV so the Windows and OMV box wouldn't match. It didn't help.
    - I've tried using userid "omv\joe" to avoid the credentials on windows, doesn't seem to matter.
    - I've made sure all my perms on /media/569.../* are root:users and 755 recursively. I've done setfacl -bR recursively to clean up any mess.
    - The one time I did get it working was by setting /media/569.../ owned by joe:root, it worked, but I know it's not right, so I changed it back.


    Here is what I see via smbclient


    m6300:~ $ smbclient \\\\omv\\data_joe -U joe -d3
    lp_load_ex: refreshing parameters
    Initialising global parameters
    rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
    params.c:pm_process() - Processing configuration file "/etc/samba/smb.conf"
    Processing section "[global]"
    added interface wlan0 ip=fe80::223:4eff:fe6d:34e1%wlan0 bcast=fe80::ffff:ffff:ffff:ffff%wlan0 netmask=ffff:ffff:ffff:ffff::
    added interface wlan0 ip=192.168.1.28 bcast=192.168.1.255 netmask=255.255.255.0
    Client started (version 3.6.25).
    Enter joe's password:
    tdb(/var/run/samba/gencache.tdb): tdb_open_ex: could not open file /var/run/samba/gencache.tdb: Permission denied
    tdb(/var/run/samba/gencache.tdb): tdb_open_ex: could not open file /var/run/samba/gencache.tdb: No such file or directory
    tdb(/var/run/samba/gencache.tdb): tdb_open_ex: could not open file /var/run/samba/gencache.tdb: Permission denied
    tdb(/var/run/samba/gencache.tdb): tdb_open_ex: could not open file /var/run/samba/gencache.tdb: No such file or directory
    resolve_lmhosts: Attempting lmhosts lookup for name omv<0x20>
    resolve_lmhosts: Attempting lmhosts lookup for name omv<0x20>
    resolve_wins: Attempting wins lookup for name omv<0x20>
    resolve_wins: WINS server resolution selected and no WINS servers listed.
    resolve_hosts: Attempting host lookup for name omv<0x20>
    tdb(/var/run/samba/gencache.tdb): tdb_open_ex: could not open file /var/run/samba/gencache.tdb: Permission denied
    tdb(/var/run/samba/gencache.tdb): tdb_open_ex: could not open file /var/run/samba/gencache.tdb: No such file or directory
    Connecting to 192.168.1.4 at port 445
    Doing spnego session setup (blob length=58)
    got OID=1.3.6.1.4.1.311.2.2.10
    got principal=NONE
    Got challenge flags:
    Got NTLMSSP neg_flags=0x608a8215
    NTLMSSP: Set final flags:
    Got NTLMSSP neg_flags=0x60088215
    NTLMSSP Sign/Seal - Initialising with flags:
    Got NTLMSSP neg_flags=0x60088215
    Domain=[DEBIAN_FANS] OS=[Unix] Server=[Samba 3.6.6]
    smb: \> ls
    NT_STATUS_ACCESS_DENIED listing \*
    smb: \> exit


    From reading posts across the web, I think the "tdb_open_ex" errors aren't what's killing me. It's the NT_STATUS_ACCESS_DENIED.
    here is syslog messages associated with above.


    May 15 13:13:09 omv smbd[27523]: [2016/05/15 13:13:09.985045, 2] auth/auth.c:309(check_ntlm_password)
    May 15 13:13:09 omv smbd[27523]: check_ntlm_password: authentication for user [joe] -> [joe] -> [joe] succeeded
    May 15 13:13:09 omv smbd[27523]: [2016/05/15 13:13:09.996623, 1] smbd/service.c:1114(make_connection_snum)
    May 15 13:13:09 omv smbd[27523]: m6300 (192.168.1.28) connect to service data_joe initially as user joe (uid=1000, gid=100) (pid 27523)
    May 15 13:13:14 omv smbd[27523]: [2016/05/15 13:13:14.134458, 1] smbd/service.c:1378(close_cnum)
    May 15 13:13:14 omv smbd[27523]: m6300 (192.168.1.28) closed connection to service data_joe


    Thanks,
    Joe

  • Read this and maybe it will give you an idea what you are doing wrong.


    <a href="http://forums.openmediavault.org/index.php/Thread/11270-How-to-make-a-good-Media-share-for-Emby-and-PlexMediaServer/">How to make a good Media share for Emby and PlexMediaServer</a>


    I saw that, and followed it step-by-step, that's when I deleted all my users and shares and recreating them as shown.

  • I "gave up" and tweaked the perms at the root of my shares, and it works of course. I've been working *nix for 20 years, and AFAIK we have always managed perms at the filesystem whether NFS or samba. This notion of an intermediate layer which handles permissions at the file system level (OMV and samba) is foreign to me. Yes, that's how applications like databases and document management systems work, but I've not seen it with filesystems. If you could point me to an explanation document, I'm open minded.


    PS: Why are we using Samba 3.6.6 from 2012? If not 4.x.x, why not at least 3.6.25? my ancient Ubuntu 12.04 box has 3.6.25.

    • Offizieller Beitrag

    The default root mounted volume is root:root 0755, for the shared folders below the root volume the default is root:users 2775
    all users created in Omv panel are part of the group "users".

Jetzt mitmachen!

Sie haben noch kein Benutzerkonto auf unserer Seite? Registrieren Sie sich kostenlos und nehmen Sie an unserer Community teil!