Samba Error: NT_STATUS_ACCESS_DENIED listing \*

Issues related to applications and software problems
Post Reply
jvantslot
Posts: 2
Joined: 2015/06/17 01:08:18

Samba Error: NT_STATUS_ACCESS_DENIED listing \*

Post by jvantslot » 2018/08/18 22:53:04

I'm pulling my hair out with this one. New to Samba 4 so I'm sure I'm missing something. I've got Samb 4.71 installed on a CentOS 7.5.1804 server. I have unix groups users, operations and facilities setup with the appropriate users in them.

When I connect to the Samba share as anyone in those groups I'm getting a "NT_STATUS_ACCESS_DENIED listing \*" error. The home dirs and public dir behaves appropriately. Users can access the share and add, modify and delete files and directories.

However the facilities and operations shares give the error NT_STATUS_ACCESS_DENIED listing \*

SELINUX has been disabled and the server rebooted, but I still get the error.

It doesn't seem to matter if I use valid user = +groupname or @groupname. Users are unable to list or modify, add or delete files and directories.

Any ideas what is mis-configured here?

Code: Select all

[global]
        logon drive = H:
        ntlm auth = true
        username map = /etc/samba/username.map
        domain master = yes
        logon home = \\%L\%U
        passdb backend = tdbsam
        netbios name = srv1
        logon script = %U.bat
        local master = yes
        workgroup = MYDOMAINNAME
        logon path = \\%L\Profiles\%U
        os level = 60
        security = user
        add machine script = /usr/sbin/useradd -d /dev/null -g 1010 -s /sbin/nologin -M %u
        preferred master = yes
        domain logons = yes
        log level = 3
        
        [homes]
        comment = Home Directories
        browseable = no
        writable = yes

        [printers]
        comment = All Printers
        path = /var/spool/samba
        browseable = no
        guest ok = no
        writable = no
        printable = yes
        
        [netlogon]
        comment = Network Logon Service
        path = /home/share/netlogon
        writable = no
        public = no
        browseable = no
        root preexec = /home/share/netlogon/bin/logonscript.pl %U %M %L %h
        root postexec = /home/share/netlogon/bin/logoutscript.pl %U %M %m

        [Profiles]
        path = /home/share/profiles
        writable = Yes
        browseable = No
        create mode = 0644
        directory mode = 0755
        csc policy = disable
        guest ok = yes

        [public]
        comment = Public Share
        path = /home/share/public
        public = yes
        writable = yes
        printable = no
        write list = +users
        force group = users
        create mask = 0660
        directory mask = 0770

       [facilities]
        comment = Facilities Share
        path = /home/share/facilities
        write list = +facilities
        force group = facilities
        create mask = 0660
        directory mask = 0770

       [operations]
        comment = Operations Share
        hide files = /~*/
        path = /home/share/operations
        write list = +operations
        force group = operations
        create mask = 0660
        directory mask = 0770


Post Reply