I have problems seting up SMB server in Solaris 11.3.
I had SMB working previously on Solaris 11 (updated to 11.3), but a bad harddisk crash forced me to install Solaris again from scratch and I cannot get it working properly.
I have imported the previous zfs pool with share.smb set to on for the applicable file systems.
I have tried following the instructions in the Oracle documentation "Managing SMB File Sharing and Windows Interoperability in Oracle Solaris 11.3" to setup the SMB server service (not SAMBA).
This is a home server so I do not use a AD or LDAP server and have tried setting it up using workgroups.
Added "password required pam_smb_passwd.so.1 nowarn" to /etc/pam.d/other
Reset password to populate /var/smb/smbpasswd
Code:
# passwd username
# smbadm join -w myworkgroup
The server shows up in the "Network places" and at one point I could log in to it using root, but I have not been able to open any shares using my normal user or root.
I have tried setting winnames in idmap aswell without success. Restarted the service and computer a couple of times but to no use.
At the moment the server shows up but I cannot log in to it in any way via SMB.
I have tried looking in /var/adm/messages and the most helpful error message I have seen is "access denied: guest disabled".
Enabling guest for the shares in zfs enabled me to open one of the shares but no files where then visible, so I turned the guest option off again.
Please help me get to the bottom of this. I feel like I have missed some mundane detail but I cannot figure out what.
Moderator's Comments:
Please use CODE tags as required by forum rules!
Added/Changed CODE tags.
Last edited by RudiC; 10-30-2016 at 03:48 PM..
Reason: Added CODE tags.
First, sorry for forgetting code tags. Will try to remember those in the future.
Just to make sure. I tried to restart the service. I have also restarted the computer earlier after trying to make things work.
Still not working.
I tried to log in to the machine from my windows computer and then looked in /var/adm/messages and had these entries:
Code:
Oct 30 22:52:27 Solaris smbd[3704]: [ID 702911 daemon.notice] service shutting down
Oct 30 22:52:27 Solaris smbd[3704]: [ID 702911 daemon.notice] service terminated
Oct 30 22:52:27 Solaris smbd[4057]: [ID 702911 daemon.notice] dyndns: failed to get domainname
Oct 30 22:52:27 Solaris smbd[4057]: [ID 702911 daemon.notice] service initialized
Oct 30 22:52:55 Solaris smbd[4057]: [ID 812811 daemon.notice] logon[windowscomputer\username]: LOGON_FAILURE
Oct 30 22:52:56 Solaris last message repeated 1 time
Oct 30 22:55:17 Solaris gdm-simple-greeter[3795]: [ID 702911 daemon.warning] atk-bridge-WARNING: AT_SPI_REGISTRY was not started at session startup.
Oct 30 22:57:28 Solaris smbd[4057]: [ID 812811 daemon.notice] logon[windowscomputer\username]: LOGON_FAILURE
I can login to Solaris both thru desktop/GNOME and ssh with my user. Using that same user without elevation of root I can access and view the folder shares locally aswell so it should not be a access problem, but you never know.
I tried creating a new filesystem as you suggested (tank/smbtest) including the following steps with setting up sharing over smb but that did unfortunately not change anything.
I tried in a stroke of desperation to login thru my android surfpad, and it would show all the shares unlike my windows computer, but it would not login. So I tried in my windows computer to enter the path to the newly created share and a music share with 774 but could not login.
I even tried entering the music share in my sonos but it would not have it either.
last entries in /var/adm/messages after my tries as follows
Code:
Oct 31 20:58:28 Ugglan smbsrv: [ID 421734 kern.notice] NOTICE: [NT Authority\Anonymous]: tank_smbtest access denied: IPC only
Oct 31 20:58:28 Ugglan last message repeated 1 time
Oct 31 21:04:08 Ugglan smbsrv: [ID 421734 kern.notice] NOTICE: [UGGLAN\guest]: Audio access denied: guest disabled
Oct 31 21:04:09 Ugglan last message repeated 7 times
Oct 31 21:04:09 Ugglan smbsrv: [ID 421734 kern.notice] NOTICE: [NT Authority\Anonymous]: Audio access denied: IPC only
Oct 31 21:04:09 Ugglan last message repeated 1 time
Oct 31 21:04:09 Ugglan smbsrv: [ID 421734 kern.notice] NOTICE: [UGGLAN\guest]: Audio access denied: guest disabled
Oct 31 21:04:09 Ugglan last message repeated 3 times
Oct 31 21:04:24 Ugglan smbd[4057]: [ID 812811 daemon.notice] logon[UGGLAN\user1]: LOGON_FAILURE
Oct 31 21:04:24 Ugglan last message repeated 4 times
Oct 31 21:04:24 Ugglan smbsrv: [ID 421734 kern.notice] NOTICE: [NT Authority\Anonymous]: Audio access denied: IPC only
Oct 31 21:04:24 Ugglan last message repeated 1 time
Oct 31 21:04:24 Ugglan smbsrv: [ID 421734 kern.notice] NOTICE: [UGGLAN\guest]: Audio access denied: guest disabled
Oct 31 21:04:24 Ugglan last message repeated 3 times
Oct 31 21:35:38 Ugglan smbd[4057]: [ID 812811 daemon.notice] logon[Wombat\user1]: LOGON_FAILURE
Ugglan is the name of the Solaris server, Wombat is the windows laptop. Username changed to user1 as I'm not sure how safe it is to include usernames in an open forum like this.
The different behaviour of the surfpad led me to think if it might have anything to do with me having the same username on the windows computer and in solaris? On the other hand, it did work fine with same usernames in both computers before the reinstall.
Can I have messed something up in my initial setup of the SMB server? Can I somehow start over from scratch and try again from a clean slate?
Do the SMB server itself have any logs to look in or am I stuck with looking in messages?
Please tell me if there are any log or any information that I can try to provide to find a solution to this mystery.
I tried following a similar troubleshooting guide in the document mentioned in my first post but I will go through the one you provided as well when I get home.
Just to make sure I haven't set everything up with wrong assumptions, what would be the best "mode" for smb to run in?
As mentioned earlier this is a home server connected to a normal home router. For smb, it is mainly serving a windows computer, some music players and the occasional surfpad or mobile phone. I do not have or use any AD server or LDAP. So the Solaris machine is very much a stand alone server.
I have assumed that I should run smb in workgroup mode and use idmu.
Is this correct or should my approach be different?
How should I go about/what strategy should I have configuring smb in my use case?
Skickat från min D5803 via Tapatalk
---------- Post updated at 09:19 PM ---------- Previous update was at 09:13 PM ----------
SOLVED!
directory_based_mapping shall NOT be set to idmu, but to none for my usecase as a stand alone server.
and then restarted idmap and smb and everything worked as it should immediately.
For reference to others:
I compared the smb manifest and method files against a backup of the previous installation and they were as far as I could tell an exact match.
That together with the problem seeming to revolve around credentials got me to start reading up on how smb handles logins, samba security modes and identity mapping and found a quite good samba manual/guide in the docs section at samba.org that mentioned that idmap was not relevant when running a stand alone server using workgroups.
And after that things worked itself out relatively quickly.
Thanks for the help and things to try, it really helped me look for the right clues leading up to the solution!
All I'm running an OpenSolaris system (Nexenta). When doing a svcs I see that/network/smb/server is in maintenance mode.
I have run a clear on the service and restarted. I see the same service show online* for a bit but then, enters maintenance every time.
In the service log I... (2 Replies)
Hi,
I am in the process FTPing some of my report files from my production server to another FTP server through batch/Shell Script.
This is working fine with the password less authentication.
Once i place all my report files in the ftp server the end users need to download ... (3 Replies)
Hi All,
While I was trying to login to the console of my machine I got the following error messages ::
body { margin: 0 0 0 0; padding:0 0 0 0 }td,div { font-family:Tahoma;font-size:8pt;vertical-align:top }/* Copyright IBM Corp. 2011 All Rights Reserved. */body { margin:... (2 Replies)
Hi,
I am facing strange problem in solaris 10.
My requirement is that on server A using user test, any user which is created on Server B will be able to login wihtout password (ssh) from Server A
All the users which are on Server B are able able to login from Server A using test user.
... (8 Replies)
Hi,
Please could someone advise I'm trying to use winscp from a Window server 2008 R2, but i need to add the authentication key to access the linux rh 5.4 servers ?
What is the best way of approaching this ?
If there are any web links that could help me do this, that would be good.
... (1 Reply)
Hi,
When I am trying to do ssh to a server it shows below error.
Key setup is all good and it used to work well few days back. Now suddenly I am getting this error.
ssh -i <private_key> <id>@<hostname>
Received disconnect from <hostname> Account is locked or login administratively... (1 Reply)
Hi,
I am trying to install Oracle 11g R2 on Oracle Enterprise Linux (5.4 version, which is basically some Redhat version).
I have created oracle user, when I tried installing, the installer erred out saying there is no enough space. I logged out and when I logged in back, user oracle was... (2 Replies)
I have a problem on a SCO Unix504 box where no user with a setr password is allowed to login.
When you enter a username with-out a password and press enter you are allowed to login, when using a name with a password it skips the password entry line and gives the message Incorrect password.
This... (0 Replies)
10-30-2016
