那些遇到过的问题

Samba 配置,状态[NT_STATUS_ACCESS_DENIED],

Geo*_*rge 5 linux samba linux-networking centos7

我正在尝试使用 centos7 配置 samba,以便从 Windows 10 客户端访问。

日志级别 = 1我在重新安装 centos 后使用了来自同一服务器的以前工作的 smb.conf。

log level = 10 您实际上可以跳过阅读此内容,其级别为 10 的详细信息。

开始

我对配置 linux 服务器很陌生,我熟悉基本的 linux 命令ls chmod chown ...

我按照这篇文章在 wlan 网络上配置了一个安全共享,然后和同事一起测试,一切正常,除了他没有共享的执行权限,路径是/home/CompanyFiles/All

所以我执行了 cd /home/

然后 chmod -R 777 /

然后我成功更改了整个centos文件的权限并破坏了centos安装。

经过一番谷歌搜索后,我决定重新安装 centos 比尝试从 chmod 命令中恢复要好,这是可行的,因为我只在其上安装了 samba,所以我将 smb.conf 复制到另一台机器上,重新安装了 centos 并重新安装了 samba,然后我使用了旧的 smb.conf。

结尾

smb.conf: 

[global]
        workgroup = WORKGROUP
        security = user
        map to guest = Bad User
        printing = cups
        printcap name = cups
        load printers = yes
        cups options = raw
        log level = 4
        #ntlm auth = yes
        passdb backend = tdbsam
        netbios name = adServer

[homes]
        comment = Home Directories
        valid users = %S, %D%w%S
        browsable = No
        read only = No
        inherit acls = Yes
[CompanyFiles]
        path = /home/CompanyFiles
        guest ok = yes
        browsable = no
        writable = yes

[All]
        comment = Company Access
        path = /home/CompanyFiles/All
        guest ok = no
        browsable = yes
        writable = yes
        #access based share enum = yes
Run Code Online (Sandbox Code Playgroud)

文件夹的权限是:

drwxrwx--x. 3 everyad adusers 17 Feb 26 09:32 CompanyFiles

drwxrwx--x. 2 everyad adusers 42 Feb 26 11:43 All

其中所有用户都是 aduser 组的成员。

尝试访问的用户也是在 smb 上创建的 smbpasswd -a username

但是当我尝试从 Windows 10 访问服务器时出现以下错误

您无权访问服务器...

请不要因为我删除了 samba 并重新安装了它而没有成功。

将日志级别设置为 4 时,我收到status[NT_STATUS_ACCESS_DENIED],但级别较低时,我没有收到错误消息。

[2018/03/07 12:16:46.480678,  4] ../source3/smbd/uid.c:384(change_to_user)
  Skipping user change - already user
[2018/03/07 12:16:46.480788,  4] ../source3/smbd/vfs.c:874(vfs_ChDir)
  vfs_ChDir to /home/CompanyFiles/All
[2018/03/07 12:16:46.480835,  4] ../source3/smbd/vfs.c:874(vfs_ChDir)
  vfs_ChDir to /home/CompanyFiles/All
[2018/03/07 12:16:46.480864,  3] ../source3/smbd/service.c:102(set_current_service)
  chdir (/home/CompanyFiles/All) failed, reason: Permission denied
[2018/03/07 12:16:46.480913,  3] ../source3/smbd/smb2_server.c:3097(smbd_smb2_request_error_ex)
  smbd_smb2_request_error_ex: smbd_smb2_request_error_ex: idx[1] status[NT_STATUS_ACCESS_DENIED] || at ../source3/smbd/smb2_server.c:2449
[2018/03/07 12:16:46.481098,  4] ../source3/smbd/uid.c:384(change_to_user)
  Skipping user change - already user
[2018/03/07 12:16:46.481145,  4] ../source3/smbd/vfs.c:874(vfs_ChDir)
  vfs_ChDir to /home/CompanyFiles/All
[2018/03/07 12:16:46.481172,  4] ../source3/smbd/vfs.c:874(vfs_ChDir)
  vfs_ChDir to /home/CompanyFiles/All
[2018/03/07 12:16:46.481202,  3] ../source3/smbd/service.c:102(set_current_service)
  chdir (/home/CompanyFiles/All) failed, reason: Permission denied
[2018/03/07 12:16:46.481244,  3] ../source3/smbd/smb2_server.c:3097(smbd_smb2_request_error_ex)
  smbd_smb2_request_error_ex: smbd_smb2_request_error_ex: idx[1] status[NT_STATUS_ACCESS_DENIED] || at ../source3/smbd/smb2_server.c:2449
[2018/03/07 12:16:46.481407,  4] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal)
  setting sec ctx (1006, 1014) - sec_ctx_stack_ndx = 0
[2018/03/07 12:16:46.481671,  4] ../source3/rpc_server/rpc_ncacn_np.c:89(make_internal_rpc_pipe_socketpair)
  Create of internal pipe srvsvc requested
[2018/03/07 12:16:46.485044,  4] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal)
  setting sec ctx (1006, 1014) - sec_ctx_stack_ndx = 0
[2018/03/07 12:16:46.485191,  4] ../source3/smbd/vfs.c:874(vfs_ChDir)
  vfs_ChDir to /home/CompanyFiles/All
[2018/03/07 12:16:46.485232,  4] ../source3/smbd/vfs.c:874(vfs_ChDir)
  vfs_ChDir to /home/CompanyFiles/All
[2018/03/07 12:16:46.485286,  3] ../source3/smbd/service.c:102(set_current_service)
  chdir (/home/CompanyFiles/All) failed, reason: Permission denied
[2018/03/07 12:16:46.485387,  3] ../source3/smbd/smb2_server.c:3097(smbd_smb2_request_error_ex)
  smbd_smb2_request_error_ex: smbd_smb2_request_error_ex: idx[1] status[NT_STATUS_ACCESS_DENIED] || at ../source3/smbd/smb2_server.c:2449
[2018/03/07 12:16:46.485519,  4] ../source3/smbd/uid.c:384(change_to_user)
  Skipping user change - already user
[2018/03/07 12:16:46.485564,  4] ../source3/smbd/vfs.c:874(vfs_ChDir)
  vfs_ChDir to /home/CompanyFiles/All
[2018/03/07 12:16:46.485593,  4] ../source3/smbd/vfs.c:874(vfs_ChDir)
  vfs_ChDir to /home/CompanyFiles/All
[2018/03/07 12:16:46.485617,  3] ../source3/smbd/service.c:102(set_current_service)
  chdir (/home/CompanyFiles/All) failed, reason: Permission denied
[2018/03/07 12:16:46.485662,  3] ../source3/smbd/smb2_server.c:3097(smbd_smb2_request_error_ex)
  smbd_smb2_request_error_ex: smbd_smb2_request_error_ex: idx[1] status[NT_STATUS_ACCESS_DENIED] || at ../source3/smbd/smb2_server.c:2449
[2018/03/07 12:16:46.486887,  4] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal)
  setting sec ctx (1006, 1014) - sec_ctx_stack_ndx = 0
[2018/03/07 12:16:46.647037,  4] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal)
  setting sec ctx (1006, 1014) - sec_ctx_stack_ndx = 0
[2018/03/07 12:16:46.647199,  4] ../source3/smbd/vfs.c:874(vfs_ChDir)
  vfs_ChDir to /home/CompanyFiles/All
[2018/03/07 12:16:46.647244,  4] ../source3/smbd/vfs.c:874(vfs_ChDir)
  vfs_ChDir to /home/CompanyFiles/All
[2018/03/07 12:16:46.647280,  3] ../source3/smbd/service.c:102(set_current_service)
  chdir (/home/CompanyFiles/All) failed, reason: Permission denied
[2018/03/07 12:16:46.647399,  3] ../source3/smbd/smb2_server.c:3097(smbd_smb2_request_error_ex)
  smbd_smb2_request_error_ex: smbd_smb2_request_error_ex: idx[1] status[NT_STATUS_ACCESS_DENIED] || at ../source3/smbd/smb2_server.c:2449
[2018/03/07 12:16:46.647849,  4] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal)
  setting sec ctx (1006, 1014) - sec_ctx_stack_ndx = 0
[2018/03/07 12:16:46.648141,  3] ../source3/rpc_server/srv_pipe.c:732(api_pipe_bind_req)
  api_pipe_bind_req: srvsvc -> srvsvc rpc service
[2018/03/07 12:16:46.648192,  3] ../source3/rpc_server/srv_pipe.c:355(check_bind_req)
  check_bind_req for srvsvc context_id=0
[2018/03/07 12:16:46.648242,  3] ../source3/rpc_server/srv_pipe.c:398(check_bind_req)
  check_bind_req: srvsvc -> srvsvc rpc service
[2018/03/07 12:16:46.762983,  4] ../source3/smbd/uid.c:384(change_to_user)
  Skipping user change - already user
[2018/03/07 12:16:46.807647,  4] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal)
  setting sec ctx (1006, 1014) - sec_ctx_stack_ndx = 0
[2018/03/07 12:16:46.807736,  4] ../source3/smbd/vfs.c:874(vfs_ChDir)
  vfs_ChDir to /home/CompanyFiles/All
[2018/03/07 12:16:46.807758,  4] ../source3/smbd/vfs.c:874(vfs_ChDir)
  vfs_ChDir to /home/CompanyFiles/All
[2018/03/07 12:16:46.807777,  3] ../source3/smbd/service.c:102(set_current_service)
  chdir (/home/CompanyFiles/All) failed, reason: Permission denied
[2018/03/07 12:16:46.807808,  3] ../source3/smbd/smb2_server.c:3097(smbd_smb2_request_error_ex)
  smbd_smb2_request_error_ex: smbd_smb2_request_error_ex: idx[1] status[NT_STATUS_ACCESS_DENIED] || at ../source3/smbd/smb2_server.c:2449
[2018/03/07 12:16:46.816357,  4] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal)
  setting sec ctx (1006, 1014) - sec_ctx_stack_ndx = 0
[2018/03/07 12:16:46.816537,  4] ../source3/smbd/sec_ctx.c:217(push_sec_ctx)
  push_sec_ctx(1006, 1014) : sec_ctx_stack_ndx = 1
[2018/03/07 12:16:46.816566,  4] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal)
  setting sec ctx (1006, 1014) - sec_ctx_stack_ndx = 1
[2018/03/07 12:16:46.816606,  4] ../source3/rpc_server/srv_pipe.c:1434(api_rpcTNP)
  api_rpcTNP: srvsvc op 0x10 - api_rpcTNP: rpc command: SRVSVC_NETSHAREGETINFO
[2018/03/07 12:16:46.816664,  4] ../source3/smbd/sec_ctx.c:439(pop_sec_ctx)
  pop_sec_ctx (1006, 1014) - sec_ctx_stack_ndx = 0
[2018/03/07 12:16:46.845244,  4] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal)
  setting sec ctx (1006, 1014) - sec_ctx_stack_ndx = 0
[2018/03/07 12:16:46.845361,  4] ../source3/smbd/vfs.c:874(vfs_ChDir)
  vfs_ChDir to /home/CompanyFiles/All
[2018/03/07 12:16:46.845381,  4] ../source3/smbd/vfs.c:874(vfs_ChDir)
  vfs_ChDir to /home/CompanyFiles/All
[2018/03/07 12:16:46.845393,  3] ../source3/smbd/service.c:102(set_current_service)
  chdir (/home/CompanyFiles/All) failed, reason: Permission denied
[2018/03/07 12:16:46.845409,  3] ../source3/smbd/smb2_server.c:3097(smbd_smb2_request_error_ex)
  smbd_smb2_request_error_ex: smbd_smb2_request_error_ex: idx[1] status[NT_STATUS_ACCESS_DENIED] || at ../source3/smbd/smb2_server.c:2449
[2018/03/07 12:16:46.845461,  4] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal)
  setting sec ctx (1006, 1014) - sec_ctx_stack_ndx = 0
[2018/03/07 12:16:46.859382,  4] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal)
  setting sec ctx (1006, 1014) - sec_ctx_stack_ndx = 0
[2018/03/07 12:16:46.859442,  4] ../source3/smbd/vfs.c:874(vfs_ChDir)
  vfs_ChDir to /home/CompanyFiles/All
[2018/03/07 12:16:46.859458,  4] ../source3/smbd/vfs.c:874(vfs_ChDir)
  vfs_ChDir to /home/CompanyFiles/All
[2018/03/07 12:16:46.859467,  3] ../source3/smbd/service.c:102(set_current_service)
  chdir (/home/CompanyFiles/All) failed, reason: Permission denied
[2018/03/07 12:16:46.859482,  3] ../source3/smbd/smb2_server.c:3097(smbd_smb2_request_error_ex)
  smbd_smb2_request_error_ex: smbd_smb2_request_error_ex: idx[1] status[NT_STATUS_ACCESS_DENIED] || at ../source3/smbd/smb2_server.c:2449
[2018/03/07 12:16:46.859547,  4] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal)
  setting sec ctx (1006, 1014) - sec_ctx_stack_ndx = 0
[2018/03/07 12:16:46.859580,  3] ../source3/smbd/smb2_server.c:3097(smbd_smb2_request_error_ex)
  smbd_smb2_request_error_ex: smbd_smb2_request_error_ex: idx[1] status[NT_STATUS_FS_DRIVER_REQUIRED] || at ../source3/smbd/smb2_ioctl.c:309
[2018/03/07 12:16:48.603901,  4] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal)
  setting sec ctx (1006, 1014) - sec_ctx_stack_ndx = 0
[2018/03/07 12:16:48.604057,  4] ../source3/smbd/vfs.c:874(vfs_ChDir)
  vfs_ChDir to /home/CompanyFiles/All
[2018/03/07 12:16:48.604105,  4] ../source3/smbd/vfs.c:874(vfs_ChDir)
  vfs_ChDir to /home/CompanyFiles/All
[2018/03/07 12:16:48.604171,  3] ../source3/smbd/service.c:102(set_current_service)
  chdir (/home/CompanyFiles/All) failed, reason: Permission denied
[2018/03/07 12:16:48.604228,  3] ../source3/smbd/smb2_server.c:3097(smbd_smb2_request_error_ex)
  smbd_smb2_request_error_ex: smbd_smb2_request_error_ex: idx[1] status[NT_STATUS_ACCESS_DENIED] || at ../source3/smbd/smb2_server.c
Run Code Online (Sandbox Code Playgroud)

在线搜索总是导致 selinux 的东西、防火墙或权限:

selinux 是宽容的

firewalld 被禁用

仍然遇到同样的问题

Geo*_*rge 3

我终于设法解决了这个问题。

首先,我使用net use * /delete命令行删除了 Windows 10 中的现有连接,因为凭据已保存,并且我在服务器上更改了它们

另外由于某种原因我必须smbpasswd在 /etc/samba/smb.conf:部分passdb backend = smbpasswd中指定[global]

另外 /home 权限也是错误的,我的所有共享都在 /home 中,所以我将权限重置为 755:chmod -R 755 /home

然后我根据我的需要重置所有共享权限和组访问权限。

归档时间:

查看次数:

36187 次

最近记录:

5 年,10 月 前
相关归档
如何撤消 apt-get remove? 23
如何将默认 /tmp 更改为 /home/user/tmp 18
无法删除 GRE 隧道 16
php5-fpm.log 中什么都没写 6
macOS 上的 SMB 速度非常慢 6
如何在不使用堆栈跟踪器的情况下检查进程在 linux 中是否非阻塞? 5
PPTP/GRE 多转发 NAT IPTables 示例 4
允许 PHP 写入文件而不需要 777 4
生产环境中的 Linux 软件 RAID-1 3
我改了/etc/apt/sources.list后...为什么不生效? 1
难疑归档
ls -l 权限末尾的 + 是什么意思? 173
我应该为 openvpn 使用 tap 还是 tun? 104
我需要在防火墙中打开哪些端口才能使用 NFS? 94
您是否需要在 nginx 中使用单独的 IPv4 和 IPv6 侦听指令? 86
Windows 服务器多久需要重启一次? 79
Puppet 不应该管理什么? 70
高流量站点如何为超过 65535 个 TCP 连接提供服务? 67
使用 aws cli 从 Amazon S3 下载时导致拒绝访问的原因是什么? 60
在 IIS 上,如何修补 SSL 3.0 POODLE 漏洞 (CVE-2014-3566)? 53
PECL 命令产生一长串错误 52