1

I have a friend who works at a business where the IT guy has passed away and I am trying to help them until they can hire someone else. It is a workgroup networked with a Linux server. They recently hired a new employee who is needing access to their file share. I have never used Linux but tried to create a user but he can not access the file share.

When he tried to access the server \server1 he of course can not connect to it.

Here is where I'm at so far.

I created a user on their server name chris and added him to what I believe are the groups.

The user cary is set up correctly and can access the file share so I am trying to copy his access.

The following is the id chris and id cary and what I think may be the issue.

uid=1010(cary) gid=100(users) groups=100(users),101(cad),1005(samba) uid=1035(chris) gid=1035(chris) groups=1035(chris),100(users),101(cad),1005(samba)

I see chris has the first gid of 1035 so I'm assuming it needs to be changed to 100. He then has groups=1035(chris) that shouldn't be there at all?

Any help would be appreciated! Thanks!

Improve this question

2 Answers 2

Reset to default
1

What should the group of a user in Linux be to access samba?

  • it should be of the group that makes sense admin-wise to protect files on the linux [samba] server, and it will be in the simple context of folder & file permissions as they are set in Linux, as is drwxrwxrwx when you do an ls -l
  • once samba authentication successfully happens from client to server, then the linux file system permissions are in effect, that's it, so apply group permissions to files/folders in Linux as you see fit but then the user needs to have access to see them - this is no different whether you are logged directly into Linux at the terminal or over a Samba connection
  • you did not mention what version of Linux, but if selinux is in affect then the samba_share_t selinux label needs to be applied to the folder that is the share on the samba server, otherwise will be able to first connect to the samba server but then you will be denied access into the folder
    • doing setenforce 0 at the prompt and seeing if samba access immediately then works, is an easy way to diagnose the problem if it is selinux causing it; and setenforce 1 to turn back on if it was; first do sestatus to see what's what.
    • setsebool -P samba_enable_home_dirs on see /etc/samba/smb.conf.example for explanation.

if a user cannot initially connect to the samba [linux] server from a windows pc (client), such as by doing just \\192.168.1.1 (*or whatever the samba server ip address is) then check to make sure the windows user account name matches the linux account name as listed in /etc/passwd and then if /etc/samba/smb.conf has passdb backend = tdbsam then for any user they need to have a samba password set via smbpasswd -a <username> which you can verify by seeing their account name show up from a pdbedit -L. When the samba password matches the windowsNT password (not a windows pin) then the samba server grants access.

Improve this answer
0

I would suggest change the primary group of the user chris like this

usermod -g users chris

This will change the primary group of chris from chris(1035) to users(100)

As I have no idea on how samba is configured, that is all I can suggest, you can always switch back to original config as follows.

usermod -g chris chris

Also ensure that user logs out and log in again after you make any changes in the groups.

Improve this answer

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.