Why is samba denying me access to my share?
Solution 1
Is SELinux active? If it is, then you can make it accessible by setting the type to public_content_t. If samba should be able to write to it, then set the type to public_content_rw_t. Note that if you do the latter, you will also need to tell SELinux about this; my system-config-selinux has a boolean for this: Allow Samba to write files in directories labeled public_content_rw_t
Solution 2
There's some additional information you will need to provide to answer this question.
I chown'd the
/uploadfolder to my account 'kevin' and checked that I could create files and folders via the shell.
- Did you do this
chownas root, or as kevin, or as some other account? - What is the group currently assigned to the directory?
- What is the directory's mode? Is the execute bit set for the user and group?
I can browse to the machine from Windows 7, authenticate as 'kevin' and see my home directory share and the upload share but I can't access them.
- Is your Windows 7 machine a member of the same workgroup as the Samba server?
- Is the server a member of a domain, is it a domain controller, or is it a stand-alone server? If your Windows 7 machine is in a domain you'll want to consider joining the server to the domain as well. While not necessary, it will help with authentication.
- What is the
security =setting currently at in/etc/samba/smb.conf? If your Samba server is a member of a domain it should probably besecurity = ads; if your Samba server is stand-alone it should probably be eithersecurity = userorsecurity = share. - Do you have an entry for
client signing = no? (You may needyesinstead when connecting with newer Windows clients) - Do you have an entry for
client use spnego = no? (You may needyesinstead when connecting with newer Windows clients) - Is
winbindrunning? If your server is not a domain member or a domain controller this may cause a bit of confusion while running; stand-alone servers do not need this service.
Related videos on Youtube
03 : 38
24 : 24
03 : 00
![[SOLUTION] Windows 10 can't connect to Samba share (Guest access)](https://i.ytimg.com/vi/e53tueIdvrE/hq720.jpg?sqp=-oaymwEcCNAFEJQDSFXyq4qpAw4IARUAAIhCGAFwAcABBg==&rs=AOn4CLA5W9l4RYSztHjmLPaH_HW_MdEmXw)
01 : 00
03 : 36
Kev
###Actively looking for freelance work ###About Me: I'm a professional software developer and have spent my time building provisioning and web based self-service systems for IIS, Apache and Citrix XenServer, amongst other things. My Curriculum Vitae can be viewed on Stack Overflow Careers (might be a bit out of date). Stuff I like to listen to at last.fm You can get in touch here: kevin.e.kenny #@# gmail.com (you know what to do with the # and spaces). No Survey Emails Please. Also not ashamed to admit I like trains, mostly diesels, late Era 8 (BR Sectorisation) and Era 9 onwards :) I'm also interested in signalling if anyone from Network Rail is looking this far down ;)
Updated on September 17, 2022Comments
-
Kev over 1 year
On my CentOS 5.2 box running Samba (3.0.33-3.29) I created a folder called
/upload.In samba I configured a share like this:
[upload] comment = upload folder path = /upload valid users = kevin root public = yes writable = yes browsable = yes create mask = 0777 directory mask = 0777 guest ok = yesI
chown'd the/uploadfolder to my account 'kevin' and checked that I could create files and folders via the shell.I can browse to the machine from Windows 7, authenticate as 'kevin' and see my home directory share and the
uploadshare but I can't access them.Windows reports:
Network Error Windows cannot access \\cos-01\upload Check the spelling of the name. Otherwise, there might be a problem with your network. To try to identify and resolve network problems, click Diagnose. Error code: 0x80070035 The network path was not found.
This is a check list of what I've done:
- the account
kevinwas added to samba usingsmbpasswd -a kevinand setting my password at the same time. The samba and centos passwords are both the same. - the server name
cos-01is in the/etc/hostsfile i.e.
172.0.0.1 localhost localhost.localdomain 172.17.3.90 cos-01
- I've also set the netbios name in
/etc/samba/smb.conf - I configured Windows 7's LAN Manager authentication level to "Send LM & NTLM - use NTLMv2 session security if negotiated"
Update:
I tried accessing the share by both IP address and server name i.e. \cos-01\upload or \172.16.3.90\upload. In both cases I get the same error as detailed above.
I checked the
/var/log/samba/smbd.loglogfile and see lots of:[2010/07/02 16:56:10, 0] smbd/service.c:make_connection_snum(1013) '/upload' does not exist or permission denied when connecting to [upload] Error was Permission denied
- the account
-
Kev almost 14 yearsHi Martin - I just updated my question with answers to your suggestions. Cheers.
-
Kev almost 14 yearsHi Kevin - SELinux is enabled (enforcing/targeted). I don't seem to have a
system-config-selinuxtool though. Can I set this usingsetsebool allow_smbd_anon_write 1, is that the same? -
Kev almost 14 yearsOk...needed to yum install policycoreutils-gui to get system-config-selinux...however this is a server and I'm guessing this is a gui based tool?
-
fxmtor almost 14 yearssystem-config-selinux is indeed a gui based tool. If I run that on my server and toggle the option, I find that
getsebool allow_smbd_anon_writereturns toggled results. So I would run that command and see if it does work. -
orangephoenix almost 14 yearsHello Kev, sorry for my late react, I wasn't here for a while. Is the configuration correct (try command
testparm)? Have you tried to mount the share from linux (viasmbmount)? -
Kev almost 14 yearsthanks for the answer, I'll check this out when I get a moment to turn my attentions back to this.
-
Joshua Enfield over 13 years
setenforce 0- will test if it's SELinux causing the problem. A restart orsetenforce 1will turn it back on. -
Lucas Kauffman about 12 yearsPlease include the relevant pieces of info of the link in your answer.The link might go dead one day and then your answer will be useless. -
Moshe over 11 yearsLike it has? ...
-
HopelessN00b over 11 years@Moshe Maybe pay attention to the edit date and the date of the comment?
