On Fri, 2021-01-29 at 04:40 +0000, Strahil Nikolov wrote:
> I know from experience that you need to decide how you control access
> and you got 2 options:
>
> - Linux directory is set to 777 and all control is in samba
> - Linux directory is set as if unix user will access it and you use
> the sam uid/gid for both client and server accounts (AD, FreeIPA,
> LDAP)
>
> What is your settings right now ?
>
> Best Regards,
> Strahil Nikolov
Strahil,
777 and ownership of /tank/Windows is nobody:nobody. It's actually an
empty directory right now.
Not using AD/FreeIPA/LDAP.
--Robert Savage
Fairview Heights, IL
>
> > On Thu, Jan 28, 2021 at 7:57, Robert G. (Doc) Savage via CentOS
> > <centos@xxxxxxxxxx> wrote:
> > On Tue, 2021-01-19 at 17:18 +0100, Götz Reinicke wrote:
> > >
> > > Anything in the samba logs? May be SELinux/Firewall issues?
> >
> > Götz,
> >
> > Unfortunately, no.
> >
> > The nmbd log verifies that the fileserver's samba service is the
> > local
> > master browser for WORKGROUP on both eth0 and virbr0.
> >
> > [2021/01/17 19:02:22.190795, 0]
> >
> > ../../source3/nmbd/nmbd_become_lmb.c:397(become_local_master_stage2
> > )
> > *****
> > Samba name server LIONSTORE is now a local master browser for
> > workgroup
> > WORKGROUP on subnet 192.168.1.20
> > *****
> >
> > [2021/01/17 19:02:22.191085, 0]
> >
> > ../../source3/nmbd/nmbd_become_lmb.c:397(become_local_master_stage2
> > )
> > *****
> > Samba name server LIONSTORE is now a local master browser for
> > workgroup
> > WORKGROUP on subnet 192.168.122.1
> > *****
> >
> > The samba smbd log simply reports the connection denials:
> >
> > [2021/01/17 23:07:40.304626, 0]
> > ../../lib/util/access.c:371(allow_access)
> > Denied connection from 192.168.1.30 (192.168.1.30
> >
> > There's nothing in the SELinux logs for that date.
> >
> > I checked firewall-config on the storage server and verified that
> > the
> > samba service is allowed (but not samba-client or samba-dc).
> >
> > Is there a really comprehensive setup checklist available for
> > setting
> > up samba on CentOS? The partial how-tos I've been able to find are
> > obviously not enough. I'm looking for completer smb.conf setup,
> > firewall settings, required services, directory permissions,
> > accounts,
> > and anything else that's required. I'm running up against very
> > unhelpful roadblocks that seem to indicate a critical permissions
> > problem but nothing specific.
> >
> > V/R
> > --Doc Savage
> > Fairview Heights, IL
> >
> > _______________________________________________
> > CentOS mailing list
> > CentOS@xxxxxxxxxx
> > https://lists.centos.org/mailman/listinfo/centos
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos
