NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Solved
Having trouble with user homedir shares on CIFS
Running ROS 6.4.1 and Mac OS X 10.11
I was having trouble connecting to some CIFS shares after recent ROS and Mac updates. I managed to resolve all the regular share access by resetting file ownership and flipping SMB status in the admin UI. But with homedirs, nothing I've tried so far works. After looking at the /etc/samba/smb.conf and files in /etc/frontview/samba, everything looks like it should work from what I can tell -- and I have some experience running Samba outside ReadyNAS. *But* when I attempt to log into the user share (even after successfully connecting to other shares as that user) I get "permission denied."
I confirmed this running smbclient on the NAS itself.
# smbclient -W DOMAIN -U user //nas/user password Domain=[DOMAIN] OS=[Windows 6.1] Server=[Samba 4.2.4] tree connect failed: NT_STATUS_ACCESS_DENIED
I successfully used this CLI to access other shares as the user and indeed was able to connect as admin to //nas/home and browse the users' homedirs. So... not exactly sure what is afoot here.
The tail of the smb.conf contains:
include = /etc/frontview/samba/smb.conf.%a include = /etc/frontview/samba/smb.conf.overrides include = /etc/frontview/samba/Shares.conf include = /etc/frontview/samba/Shares.conf.%U include = /etc/frontview/samba/addons/addons.conf [homes] browseable = 0 writeable = 1 public = 0 valid users = %D\%S
The recently updated files in /etc/frontview/samba are:
-rw-r--r-- 1 admin admin 303 Jan 2 03:27 Shares.conf.admin -rw------- 1 admin admin 2991 Jan 2 03:37 Shares.conf -rw-r--r-- 1 admin admin 0 Jan 2 03:37 dfs.conf
Based on this, nothing seems amiss... but I've avoided making any manual adjustments so far.... just using the levers in the admin UI. I have looked at the /home/ directory permissions and all looks well there too. And, sadly, nothing seems to be popping up in the samba logs on the NAS that give any indications of the permission denial.
You could try renaming the users then renaming them back.
If that does not resolve it perhaps try 6.4.2 Beta?: ReadyNASOS 6.4.2-T59 (Beta 1)Did you change the NAS hostname a while back?
12 Replies
Replies have been turned off for this discussion
So the NAS is connected to a domain? Which AD Level?
Is this with your 516?
- No domain. Local accounts. Yes with the 516. What else would I be running ROS 6 on, and expect to be supported? ;) :D
- Oh if the -W DOMAIN bit was confusing above that's my fault. Just workgroup here, not domain.
Are the affected users in the "users" group or a different one?
If you create a new user does it also have this problem?
Same group. Default users group. I'll need to try a new user again. At the time I did it I was chasing s different issue. Will reply again once I'm back home to try it.
Created a new user, in same group. smbclient test worked fine with them. Looked at passwd entry, homedir permissions, etc and can't really see any particular difference between them. Well, except for one thing that I noticed earlier but now realize is a difference between the users...
The is an /etc/samba/smbpasswd file that hasn't been touched since 2014 and has encrypted passwords for some but not all users. I'll try taking the "problem" user's entry out of there and see if that helps (after taking a backup of course). ;)
Nope... updated smbpasswd, did reload on smb.service (since there are active connections, didn't want to restart it), and tried smbclient on problem user. Still get access denied.
- Yeah, I can confirm that my 516 has never been renamed since install. But interesting to note that there is a fix for the underlying cause. :) I might wait until a later beta though. 6.4's been a rocky ride.
NETGEAR Academy
Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology!
Join Us!
