Author Topic: Users cannot access shared folders on Zentyal 6.1  (Read 515 times)

hermano.correia

  • Zen Apprentice
  • *
  • Posts: 9
  • Karma: +0/-0
    • View Profile
Users cannot access shared folders on Zentyal 6.1
« on: February 24, 2020, 02:22:56 pm »
Hi

After changing last friday the administrator password, today all my users except the ones with admin permissions, no longer can access the shared folders mapped. By browsing the server shared folders are visible but cannot access to the folders.

As anyone had this kind of error? Is there any suggestion?

Thanks in advance for any help.

Regards
Hermano Correia

doncamilo

  • Zen Samurai
  • ****
  • Posts: 377
  • Karma: +99/-1
    • View Profile
Re: Users cannot access shared folders on Zentyal 6.1
« Reply #1 on: February 25, 2020, 02:04:31 pm »
 :)

Code: [Select]
# Login as root
sudo su -
# Assuming you uses the default location for shares
cd /home/samba/shares
# Getting the data about permissions for each one of the shares
for a in *;do getfacl $a;done;

Give us the output of this command, please.

I've never known about the kind of behaviour that you are reporting.

Cheers!
"Tanta salud goces como bondad abrigues en tu corazón"

Don Camilo.

"That place... is strong with the
dark side of the Force.  A domain
of evil it is.  In you must go."

Yoda.

hermano.correia

  • Zen Apprentice
  • *
  • Posts: 9
  • Karma: +0/-0
    • View Profile
Re: Users cannot access shared folders on Zentyal 6.1
« Reply #2 on: February 25, 2020, 05:35:57 pm »
Thank you very much for your support.

I have been using for several years Linux systems and Zentyal since version 4.1, and never had this kind of symptoms. I have tryed several kind of troubleshooting, but I cannot figured out what can be wrong.

Here is the output of the command:

Code: [Select]
root@spzn01:/home/samba/shares# for a in *;do getfacl $a;done;
# file: assuncao_helena
# owner: SPZN\134administrator
# group: adm
user::rwx
user:SPZN\134administrator:rwx
user:SPZN\134andre:rwx
user:SPZN\134posto3:rwx
user:SPZN\134posto4:rwx
user:SPZN\134posto2:rwx
group::rwx
group:adm:rwx
group:SPZN\134domain\040admins:rwx
mask::rwx
other::---
default:user::rwx
default:user:SPZN\134administrator:rwx
default:user:SPZN\134andre:rwx
default:user:SPZN\134posto3:rwx
default:user:SPZN\134posto4:rwx
default:user:SPZN\134posto2:rwx
default:group::rwx
default:group:adm:rwx
default:group:SPZN\134domain\040admins:rwx
default:mask::rwx
default:other::---

# file: atp
# owner: SPZN\134administrator
# group: adm
user::rwx
user:SPZN\134administrator:rwx
user:SPZN\134alberto:rwx
user:SPZN\134presidente:rwx
user:3000002:rwx
group::rwx
group:adm:rwx
group:SPZN\134domain\040admins:rwx
group:SPZN\134spzn:r-x
group:NT\040AUTHORITY\134system:rwx
mask::rwx
other::---
default:user::rwx
default:user:SPZN\134administrator:rwx
default:user:SPZN\134alberto:rwx
default:user:SPZN\134presidente:rwx
default:user:3000002:rwx
default:group::---
default:group:adm:rwx
default:group:SPZN\134domain\040admins:rwx
default:group:SPZN\134spzn:r-x
default:group:NT\040AUTHORITY\134system:rwx
default:mask::rwx
default:other::---

# file: backup_relogio
# owner: SPZN\134administrator
# group: adm
user::rwx
user:SPZN\134administrator:rwx
user:3000002:rwx
group::rwx
group:adm:rwx
group:SPZN\134domain\040admins:rwx
group:SPZN\134domain\040users:rwx
group:NT\040AUTHORITY\134system:rwx
mask::rwx
other::---
default:user::rwx
default:user:SPZN\134administrator:rwx
default:user:3000002:rwx
default:group::---
default:group:adm:rwx
default:group:SPZN\134domain\040admins:rwx
default:group:SPZN\134domain\040users:rwx
default:group:NT\040AUTHORITY\134system:rwx
default:mask::rwx
default:other::---

# file: cert
# owner: SPZN\134administrator
# group: adm
user::rwx
user:SPZN\134administrator:rwx
group::rwx
group:adm:rwx
group:SPZN\134domain\040admins:rwx
group:SPZN\134spzn:rwx
mask::rwx
other::---
default:user::rwx
default:user:SPZN\134administrator:rwx
default:group::rwx
default:group:adm:rwx
default:group:SPZN\134domain\040admins:rwx
default:group:SPZN\134spzn:rwx
default:mask::rwx
default:other::---

# file: contab
# owner: SPZN\134administrator
# group: adm
user::rwx
user:SPZN\134administrator:rwx
user:SPZN\134contabilidade:rwx
user:SPZN\134alberto:rwx
user:3000002:rwx
group::rwx
group:adm:rwx
group:SPZN\134domain\040admins:rwx
group:SPZN\134domain\040users:r-x
group:NT\040AUTHORITY\134system:rwx
mask::rwx
other::---
default:user::rwx
default:user:SPZN\134administrator:rwx
default:user:SPZN\134contabilidade:rwx
default:user:SPZN\134alberto:rwx
default:user:3000002:rwx
default:group::---
default:group:adm:rwx
default:group:SPZN\134domain\040admins:rwx
default:group:SPZN\134domain\040users:r-x
default:group:NT\040AUTHORITY\134system:rwx
default:mask::rwx
default:other::---

# file: contab_manuela
# owner: SPZN\134administrator
# group: adm
user::rwx
user:SPZN\134administrator:rwx
user:SPZN\134andre:rwx
user:SPZN\134contabilidade:rwx
user:SPZN\134contabilidade3:rwx
user:3000002:rwx
group::rwx
group:adm:rwx
group:SPZN\134domain\040admins:rwx
group:NT\040AUTHORITY\134system:rwx
mask::rwx
other::---
default:user::rwx
default:user:SPZN\134administrator:rwx
default:user:SPZN\134andre:rwx
default:user:SPZN\134contabilidade:rwx
default:user:SPZN\134contabilidade3:rwx
default:user:3000002:rwx
default:group::---
default:group:adm:rwx
default:group:SPZN\134domain\040admins:rwx
default:group:NT\040AUTHORITY\134system:rwx
default:mask::rwx
default:other::---

# file: contab_vanessa
# owner: SPZN\134administrator
# group: adm
user::rwx
user:SPZN\134administrator:rwx
user:SPZN\134andre:rwx
user:SPZN\134contabilidade2:rwx
user:3000002:rwx
group::rwx
group:adm:rwx
group:SPZN\134domain\040admins:rwx
group:NT\040AUTHORITY\134system:rwx
mask::rwx
other::---
default:user::rwx
default:user:SPZN\134administrator:rwx
default:user:SPZN\134andre:rwx
default:user:SPZN\134contabilidade2:rwx
default:user:3000002:rwx
default:group::---
default:group:adm:rwx
default:group:SPZN\134domain\040admins:rwx
default:group:NT\040AUTHORITY\134system:rwx
default:mask::rwx
default:other::---

# file: contencioso
# owner: SPZN\134administrator
# group: adm
user::rwx
user:SPZN\134administrator:rwx
user:SPZN\134contencioso3:rwx
user:SPZN\134contencioso2:rwx
user:SPZN\134contencioso:rwx
user:3000002:rwx
group::rwx
group:adm:rwx
group:SPZN\134domain\040admins:rwx
group:SPZN\134spzn:r-x
group:NT\040AUTHORITY\134system:rwx
mask::rwx
other::---
default:user::rwx
default:user:SPZN\134administrator:rwx
default:user:SPZN\134contencioso3:rwx
default:user:SPZN\134contencioso2:rwx
default:user:SPZN\134contencioso:rwx
default:user:3000002:rwx
default:group::---
default:group:adm:rwx
default:group:SPZN\134domain\040admins:rwx
default:group:SPZN\134spzn:r-x
default:group:NT\040AUTHORITY\134system:rwx
default:mask::rwx
default:other::---

# file: contencioso_carina
# owner: SPZN\134administrator
# group: adm
user::rwx
user:SPZN\134administrator:rwx
user:SPZN\134contencioso3:rwx
user:SPZN\134contencioso2:rwx
user:SPZN\134contencioso:rwx
user:3000002:rwx
group::rwx
group:adm:rwx
group:SPZN\134domain\040admins:rwx
group:NT\040AUTHORITY\134system:rwx
mask::rwx
other::---
default:user::rwx
default:user:SPZN\134administrator:rwx
default:user:SPZN\134contencioso3:rwx
default:user:SPZN\134contencioso2:rwx
default:user:SPZN\134contencioso:rwx
default:user:3000002:rwx
default:group::---
default:group:adm:rwx
default:group:SPZN\134domain\040admins:rwx
default:group:NT\040AUTHORITY\134system:rwx
default:mask::rwx
default:other::---

# file: contencioso_cecilia
# owner: SPZN\134administrator
# group: adm
user::rwx
user:SPZN\134administrator:rwx
user:SPZN\134andre:rwx
user:SPZN\134contencioso2:rwx
user:3000002:rwx
group::rwx
group:adm:rwx
group:SPZN\134domain\040admins:rwx
group:NT\040AUTHORITY\134system:rwx
mask::rwx
other::---
default:user::rwx
default:user:SPZN\134administrator:rwx
default:user:SPZN\134andre:rwx
default:user:SPZN\134contencioso2:rwx
default:user:3000002:rwx
default:group::---
default:group:adm:rwx
default:group:SPZN\134domain\040admins:rwx
default:group:NT\040AUTHORITY\134system:rwx
default:mask::rwx
default:other::---

# file: fix
# owner: root
# group: adm
user::rwx
user:root:rwx
group::rwx
group:adm:rwx
group:SPZN\134domain\040admins:rwx
group:SPZN\134spzn:rwx
mask::rwx
other::---
default:user::rwx
default:user:root:rwx
default:group::rwx
default:group:adm:rwx
default:group:SPZN\134domain\040admins:rwx
default:group:SPZN\134spzn:rwx
default:mask::rwx
default:other::---

# file: geral
# owner: root
# group: adm
user::rwx
user:root:rwx
group::rwx
group:adm:rwx
group:users:r-x
group:SPZN\134domain\040admins:rwx
group:SPZN\134spzn:rwx
mask::rwx
other::---
default:user::rwx
default:user:root:rwx
default:group::rwx
default:group:adm:rwx
default:group:users:r-x
default:group:SPZN\134domain\040admins:rwx
default:group:SPZN\134spzn:rwx
default:mask::rwx
default:other::---

# file: global
# owner: root
# group: adm
user::rwx
user:root:rwx
group::rwx
group:adm:rwx
group:users:r-x
group:SPZN\134domain\040admins:rwx
group:SPZN\134spzn:rwx
mask::rwx
other::---
default:user::rwx
default:user:root:rwx
default:group::rwx
default:group:adm:rwx
default:group:users:r-x
default:group:SPZN\134domain\040admins:rwx
default:group:SPZN\134spzn:rwx
default:mask::rwx
default:other::---

# file: infologia
# owner: SPZN\134administrator
# group: adm
user::rwx
user:SPZN\134administrator:rwx
user:SPZN\134posto2:rwx
user:SPZN\134contabilidade2:rwx
user:SPZN\134contabilidade:rwx
user:SPZN\134alberto:rwx
user:3000002:rwx
group::rwx
group:adm:rwx
group:SPZN\134domain\040admins:rwx
group:SPZN\134spzn:r-x
group:NT\040AUTHORITY\134system:rwx
mask::rwx
other::---
default:user::rwx
default:user:SPZN\134administrator:rwx
default:user:SPZN\134posto2:rwx
default:user:SPZN\134contabilidade2:rwx
default:user:SPZN\134contabilidade:rwx
default:user:SPZN\134alberto:rwx
default:user:3000002:rwx
default:group::---
default:group:adm:rwx
default:group:SPZN\134domain\040admins:rwx
default:group:SPZN\134spzn:r-x
default:group:NT\040AUTHORITY\134system:rwx
default:mask::rwx
default:other::---

# file: inf_salarios
# owner: SPZN\134administrator
# group: adm
user::rwx
user:SPZN\134administrator:rwx
user:SPZN\134posto2:rwx
user:3000002:rwx
group::rwx
group:adm:rwx
group:SPZN\134domain\040admins:rwx
group:SPZN\134spzn:r-x
group:NT\040AUTHORITY\134system:rwx
mask::rwx
other::---
default:user::rwx
default:user:SPZN\134administrator:rwx
default:user:SPZN\134posto2:rwx
default:user:3000002:rwx
default:group::---
default:group:adm:rwx
default:group:SPZN\134domain\040admins:rwx
default:group:SPZN\134spzn:r-x
default:group:NT\040AUTHORITY\134system:rwx
default:mask::rwx
default:other::---

# file: multileis
# owner: SPZN\134administrator
# group: adm
user::rwx
user:SPZN\134administrator:rwx
user:SPZN\134informacoes2:rwx
user:SPZN\134informacoes:rwx
user:SPZN\134contencioso2:rwx
user:SPZN\134contencioso:rwx
user:SPZN\134presidente:rwx
user:SPZN\134lmanuela:rwx
user:3000002:rwx
group::rwx
group:adm:rwx
group:SPZN\134domain\040admins:rwx
group:SPZN\134spzn:r-x
group:NT\040AUTHORITY\134system:rwx
mask::rwx
other::---
default:user::rwx
default:user:SPZN\134administrator:rwx
default:user:SPZN\134informacoes2:rwx
default:user:SPZN\134informacoes:rwx
default:user:SPZN\134contencioso2:rwx
default:user:SPZN\134contencioso:rwx
default:user:SPZN\134presidente:rwx
default:user:SPZN\134lmanuela:rwx
default:user:3000002:rwx
default:group::---
default:group:adm:rwx
default:group:SPZN\134domain\040admins:rwx
default:group:SPZN\134spzn:r-x
default:group:NT\040AUTHORITY\134system:rwx
default:mask::rwx
default:other::---

# file: outlook_fernanda
# owner: SPZN\134administrator
# group: adm
user::rwx
user:SPZN\134administrator:rwx
user:SPZN\134andre:rwx
user:SPZN\134fernanda:rwx
user:3000002:rwx
group::rwx
group:adm:rwx
group:SPZN\134domain\040admins:rwx
group:NT\040AUTHORITY\134system:rwx
mask::rwx
other::---
default:user::rwx
default:user:SPZN\134administrator:rwx
default:user:SPZN\134andre:rwx
default:user:SPZN\134fernanda:rwx
default:user:3000002:rwx
default:group::---
default:group:adm:rwx
default:group:SPZN\134domain\040admins:rwx
default:group:NT\040AUTHORITY\134system:rwx
default:mask::rwx
default:other::---

# file: outlook_nefelicio
# owner: SPZN\134administrator
# group: adm
user::rwx
user:SPZN\134administrator:rwx
user:SPZN\134andre:rwx
user:SPZN\134nefelicio:rwx
user:3000002:rwx
group::rwx
group:adm:rwx
group:SPZN\134domain\040admins:rwx
group:NT\040AUTHORITY\134system:rwx
mask::rwx
other::---
default:user::rwx
default:user:SPZN\134administrator:rwx
default:user:SPZN\134andre:rwx
default:user:SPZN\134nefelicio:rwx
default:user:3000002:rwx
default:group::---
default:group:adm:rwx
default:group:SPZN\134domain\040admins:rwx
default:group:NT\040AUTHORITY\134system:rwx
default:mask::rwx
default:other::---

# file: relogio
# owner: SPZN\134administrator
# group: adm
user::rwx
user:SPZN\134administrator:rwx
user:3000002:rwx
group::rwx
group:adm:rwx
group:SPZN\134domain\040admins:rwx
group:SPZN\134spzn:r-x
group:NT\040AUTHORITY\134system:rwx
mask::rwx
other::---
default:user::rwx
default:user:SPZN\134administrator:rwx
default:user:3000002:rwx
default:group::---
default:group:adm:rwx
default:group:SPZN\134domain\040admins:rwx
default:group:SPZN\134spzn:r-x
default:group:NT\040AUTHORITY\134system:rwx
default:mask::rwx
default:other::---

# file: scanner
# owner: root
# group: adm
user::rwx
user:root:rwx
group::rwx
group:adm:rwx
group:SPZN\134domain\040admins:rwx
group:SPZN\134domain\040users:rwx
group:SPZN\134spzn:rwx
mask::rwx
other::---
default:user::rwx
default:user:root:rwx
default:group::rwx
default:group:adm:rwx
default:group:SPZN\134domain\040admins:rwx
default:group:SPZN\134domain\040users:rwx
default:group:SPZN\134spzn:rwx
default:mask::rwx
default:other::---

# file: ta
# owner: SPZN\134administrator
# group: adm
user::rwx
user:SPZN\134administrator:rwx
user:3000002:rwx
group::rwx
group:adm:rwx
group:SPZN\134domain\040admins:rwx
group:SPZN\134spzn:r-x
group:NT\040AUTHORITY\134system:rwx
mask::rwx
other::---
default:user::rwx
default:user:SPZN\134administrator:rwx
default:user:3000002:rwx
default:group::---
default:group:adm:rwx
default:group:SPZN\134domain\040admins:rwx
default:group:SPZN\134spzn:r-x
default:group:NT\040AUTHORITY\134system:rwx
default:mask::rwx
default:other::---

# file: tacf
# owner: SPZN\134administrator
# group: adm
user::rwx
user:SPZN\134administrator:rwx
user:3000002:rwx
group::rwx
group:adm:rwx
group:SPZN\134domain\040admins:rwx
group:SPZN\134spzn:r-x
group:NT\040AUTHORITY\134system:rwx
mask::rwx
other::---
default:user::rwx
default:user:SPZN\134administrator:rwx
default:user:3000002:rwx
default:group::---
default:group:adm:rwx
default:group:SPZN\134domain\040admins:rwx
default:group:SPZN\134spzn:r-x
default:group:NT\040AUTHORITY\134system:rwx
default:mask::rwx
default:other::---

# file: tesouraria
# owner: root
# group: adm
user::rwx
user:root:rwx
user:SPZN\134andre:rwx
user:SPZN\134posto3:rwx
user:SPZN\134aida:rwx
user:SPZN\134posto4:rwx
user:SPZN\134posto2:rwx
user:SPZN\134fernandag:rwx
user:SPZN\134contabilidade2:rwx
user:SPZN\134posto6:rwx
user:SPZN\134jfernandes:rwx
user:SPZN\134tesouraria:rwx
user:SPZN\134jdfernandes:rwx
group::rwx
group:adm:rwx
group:SPZN\134domain\040admins:rwx
mask::rwx
other::---
default:user::rwx
default:user:root:rwx
default:user:SPZN\134andre:rwx
default:user:SPZN\134posto3:rwx
default:user:SPZN\134aida:rwx
default:user:SPZN\134posto4:rwx
default:user:SPZN\134posto2:rwx
default:user:SPZN\134fernandag:rwx
default:user:SPZN\134contabilidade2:rwx
default:user:SPZN\134posto6:rwx
default:user:SPZN\134jfernandes:rwx
default:user:SPZN\134tesouraria:rwx
default:user:SPZN\134jdfernandes:rwx
default:group::rwx
default:group:adm:rwx
default:group:SPZN\134domain\040admins:rwx
default:mask::rwx
default:other::---

# file: teste_andre
# owner: SPZN\134administrator
# group: adm
user::rwx
user:root:rwx
user:SPZN\134andre:rwx
user:SPZN\134posto6:rwx
group::rwx
group:adm:rwx
group:SPZN\134domain\040admins:rwx
mask::rwx
other::---
default:user::rwx
default:user:root:rwx
default:user:SPZN\134andre:rwx
default:user:SPZN\134posto6:rwx
default:group::rwx
default:group:adm:rwx
default:group:SPZN\134domain\040admins:rwx
default:mask::rwx
default:other::---

# file: tp
# owner: SPZN\134administrator
# group: adm
user::rwx
user:SPZN\134administrator:rwx
user:3000002:rwx
group::rwx
group:adm:rwx
group:SPZN\134domain\040admins:rwx
group:SPZN\134spzn:r-x
group:NT\040AUTHORITY\134system:rwx
mask::rwx
other::---
default:user::rwx
default:user:SPZN\134administrator:rwx
default:user:3000002:rwx
default:group::---
default:group:adm:rwx
default:group:SPZN\134domain\040admins:rwx
default:group:SPZN\134spzn:r-x
default:group:NT\040AUTHORITY\134system:rwx
default:mask::rwx
default:other::---


The problem is really strange because even if I enable the guest user and allow connection to the share folder without authentication, I still cannot access to the folder. With all this problem I still have access to backup_relogio and scanner folder. All the other ones can only be accessed with admin group users.

I appreciate any help or suggestion.

Regards
Hermano Correia
« Last Edit: February 25, 2020, 07:46:06 pm by hermano.correia »

doncamilo

  • Zen Samurai
  • ****
  • Posts: 377
  • Karma: +99/-1
    • View Profile
Re: Users cannot access shared folders on Zentyal 6.1
« Reply #3 on: February 26, 2020, 06:01:12 pm »
 :)

I would use smbclient from a Linux machine to study where the issue is caused:

These are the acls of a shared resource of mine:

Code: [Select]
root@pusa:/home/samba/shares# getfacl eriador/
# file: eriador/
# owner: TIERRAMEDIA\134administrator
# group: adm
user::rwx
user:TIERRAMEDIA\134administrator:rwx
user:TIERRAMEDIA\134gimli:rwx
user:TIERRAMEDIA\134elrohir:rwx
user:TIERRAMEDIA\134elladan:rwx
group::rwx
group:adm:rwx
group:TIERRAMEDIA\134domain\040admins:rwx
mask::rwx
other::---
default:user::rwx
default:user:TIERRAMEDIA\134administrator:rwx
default:user:TIERRAMEDIA\134gimli:rwx
default:user:TIERRAMEDIA\134elrohir:rwx
default:user:TIERRAMEDIA\134elladan:rwx
default:group::rwx
default:group:adm:rwx
default:group:TIERRAMEDIA\134domain\040admins:rwx
default:mask::rwx
default:other::---

In a Linux machine connected to the network use the smbclient tool to check if you can access the share with the users who should be able to access it ("gimli%gimli" it means name of the user, '%' character as separator and password of the user "gimli" -in this case that I'm in a test machine- "gimli" too):

Code: [Select]
borax@BoraxPc:~$ smbclient //10.5.20.127/eriador -U gimli%gimli
WARNING: The "syslog" option is deprecated
Try "help" to get a list of possible commands.
smb: \> ls
  .                                   D        0  Fri Feb 21 13:45:02 2020
  ..                                  D        0  Fri Feb 21 13:37:38 2020
  NIS-263.md                           N      373  Thu Jan 23 11:21:47 2020
  NIS-1229.md                          N     7421  Tue Jan 28 13:44:25 2020
  powershell-domain-settings.png      N    17047  Wed Feb 19 12:14:09 2020
  01-bckp.png                         N    80989  Wed Feb 12 16:36:13 2020
  NIS-1236.md                          N    35138  Wed Feb  5 10:21:41 2020
  NIT-297.md                        N      901  Tue Feb 11 12:50:14 2020
  NIT-257.md                        N     1940  Wed Jan 22 12:52:28 2020
  1178 Beda                         D        0  Fri Feb 21 13:44:13 2020
  NIS-1250.md                          N     1284  Tue Feb 11 11:41:49 2020
  NIS-1254.md                          N     3669  Thu Feb 20 13:21:52 2020
  NIS-1245.md                          N     8238  Thu Feb 20 18:04:14 2020
  NIS-1246.md                          N     4816  Wed Feb 12 18:06:55 2020
  NIT-282.md                        N     2969  Thu Feb  6 15:48:43 2020
  NIS-1240.md                          N     4783  Thu Feb 13 12:50:46 2020
  NIS-1199.md                          N     5303  Thu Feb  6 17:57:49 2020
  NIS-1231.md                          N    18735  Wed Feb 12 11:33:26 2020
  NIS-1209.md                          N     2773  Tue Jan 14 14:40:18 2020

Check if you can access the shares with the users who have the needed permissions this way

Cheers!



"Tanta salud goces como bondad abrigues en tu corazón"

Don Camilo.

"That place... is strong with the
dark side of the Force.  A domain
of evil it is.  In you must go."

Yoda.

hermano.correia

  • Zen Apprentice
  • *
  • Posts: 9
  • Karma: +0/-0
    • View Profile
Re: Users cannot access shared folders on Zentyal 6.1
« Reply #4 on: February 28, 2020, 10:06:06 am »
Thank you. I will try this weekend to install a virtual machine with Linux to test.

I will let you know the result of this test.

Regards

hermano.correia

  • Zen Apprentice
  • *
  • Posts: 9
  • Karma: +0/-0
    • View Profile
Re: Users cannot access shared folders on Zentyal 6.1
« Reply #5 on: March 01, 2020, 10:44:22 pm »
Hi again

The problem remains using a Linux Client with smbclient. The users have the same behaviour as I have reported for the Windows 10 clients.

Any other suggestion? I am about to consider a reinstall of the samba... :-[

Thanks in advance for any clue.

Regards

doncamilo

  • Zen Samurai
  • ****
  • Posts: 377
  • Karma: +99/-1
    • View Profile
Re: Users cannot access shared folders on Zentyal 6.1
« Reply #6 on: March 03, 2020, 02:03:05 pm »
 :)

Run this command to check the health of the samba database (run this while it will exists some error)

Code: [Select]
sudo samba-tool dbcheck --cross-ncs --fix --yes

Cheers!
"Tanta salud goces como bondad abrigues en tu corazón"

Don Camilo.

"That place... is strong with the
dark side of the Force.  A domain
of evil it is.  In you must go."

Yoda.

hermano.correia

  • Zen Apprentice
  • *
  • Posts: 9
  • Karma: +0/-0
    • View Profile
Re: Users cannot access shared folders on Zentyal 6.1
« Reply #7 on: March 03, 2020, 09:59:15 pm »
Hi again

I have already tried to run this command but no errors were found:

Code: [Select]
root@spzn01:~# sudo samba-tool dbcheck --cross-ncs --fix --yes
Checking 3687 objects
Checked 3687 objects (0 errors)
root@spzn01:~#

Any idea?

Thanks

wittich

  • Zen Apprentice
  • *
  • Posts: 20
  • Karma: +3/-0
    • View Profile
Re: Users cannot access shared folders on Zentyal 6.1
« Reply #8 on: March 10, 2020, 11:03:59 am »
I had a similar problem. For me was the problem, that the root (/home/samba/shares/) folder didn't have the correct group rights.

So to solve the problem I checked the right from the user eg.

Code: [Select]
id user1
# uid=65541(MYDOMAIN\user1) gid=3109(MYDOMAIN\domain users) groups=3109(MYDOMAIN\domain users),3000009(BUILTIN\users)

Then I moved the profiles folder and checked the right of itself as well as the shared folder eg.

Code: [Select]
cd /home/samba/shares/
getfacl ./
getfacl ./Sharefolder
# They should both have something like:
# group: MYDOMAIN\134domain\040users

If both have correct rights you can check if you get access if you change the console user eg.

Code: [Select]
cd /home/samba/shares/
su user1
ls -lah
# Should show you all shared folders
ls -lah Sharesfolder
# Should show you the content of that shared folder

If the folder has not the correct rights you can set them using eg.

Code: [Select]
setfacl -m g:"MYDOMAIN\Domain Users":rwx ./
setfacl -m g:"MYDOMAIN\Domain Users":rwx ./Sharesfolder

Hoped that helps...

« Last Edit: March 10, 2020, 11:06:47 am by wittich »

Thanatos

  • Zentyal Staff
  • Zen Apprentice
  • *****
  • Posts: 10
  • Karma: +8/-0
    • View Profile
Re: Users cannot access shared folders on Zentyal 6.1
« Reply #9 on: March 10, 2020, 11:29:38 am »
Please, give to the community some feedback about the proposed fix

Thank you.
« Last Edit: March 10, 2020, 11:31:35 am by Thanatos »
“THERE'S NO JUSTICE, said Mort. JUST US.”