Ubuntu
samba package

  1. Bug #1292548
  2. Comment #9

Comment 9 for bug 1292548

Revision history for this message
Raoul Bhatia (raoul-bhatia) wrote : Re: Standalone Server: Update from Samba 2:3.6.18-1ubuntu3.1 (saucy) to 2:4.1.3+dfsg-2ubuntu3 (trusty) breaks access to the server

Hi Robie,

Yes, there is a "valid users = %S" line present in the smb.conf file.
When I comment it out, smbclient -L works as expected.

What i did:
1) Comment out "valid users = %S", see the diff:
> root@ubuntu:/etc/samba# diff -u ~/smb.conf.old smb.conf
> --- /root/smb.conf.old 2014-04-01 18:19:16.880909594 +0200
> +++ smb.conf 2014-04-01 18:19:40.065312095 +0200
> @@ -211,7 +211,7 @@
> # The following parameter makes sure that only "username" can connect
> # to \\server\username
> # This might need tweaking when using external authentication schemes
> - valid users = %S
> +; valid users = %S
>
> # Un-comment the following and create the netlogon directory for Domain Logons
> # (you need to configure Samba to act as a domain controller too.)

2) Restart samba:
> root@ubuntu:/etc/samba# service samba restart

3) Test the connectivity:
> root@ubuntu:/etc/samba# smbclient -L \\localhost -U ubuntu
> Enter ubuntu's password:
> Domain=[WORKGROUP] OS=[Unix] Server=[Samba 4.1.3-Ubuntu]
>
> Sharename Type Comment
> --------- ---- -------
> IPC$ IPC IPC Service (ubuntu server (Samba, Ubuntu))
> print$ Disk Printer Drivers
> Domain=[WORKGROUP] OS=[Unix] Server=[Samba 4.1.3-Ubuntu]
>
> Server Comment
> --------- -------
> UBUNTU ubuntu server (Samba, Ubuntu)
>
> Workgroup Master
> --------- -------
> WORKGROUP UBUNTU

There are a number of other options which IMHO are placed under [homes] but are commented in:

Here the full, unchanged default smb.conf file (read only, create mask, directory mask, valid users):
---------------------------- c u t ----------------------------
#======================= Share Definitions =======================

# Un-comment the following (and tweak the other settings below to suit)
# to enable the default home directory shares. This will share each
# user's home directory as \\server\username
;[homes]
; comment = Home Directories
; browseable = no

# By default, the home directories are exported read-only. Change the
# next parameter to 'no' if you want to be able to write to them.
   read only = yes

# File creation mask is set to 0700 for security reasons. If you want to
# create files with group=rw permissions, set next parameter to 0775.
   create mask = 0700

# Directory creation mask is set to 0700 for security reasons. If you want to
# create dirs. with group=rw permissions, set next parameter to 0775.
   directory mask = 0700

# By default, \\server\username shares can be connected to by anyone
# with access to the samba server.
# The following parameter makes sure that only "username" can connect
# to \\server\username
# This might need tweaking when using external authentication schemes
   valid users = %S

# Un-comment the following and create the netlogon directory for Domain Logons
# (you need to configure Samba to act as a domain controller too.)
;[netlogon]
; comment = Network Logon Service
; path = /home/samba/netlogon
; guest ok = yes
; read only = yes

# Un-comment the following and create the profiles directory to store
# users profiles (see the "logon path" option above)
# (you need to configure Samba to act as a domain controller too.)
# The path below should be writable by all users so that their
# profile directory may be created the first time they log on
;[profiles]
; comment = Users profiles
; path = /home/samba/profiles
; guest ok = no
; browseable = no
; create mask = 0600
; directory mask = 0700

[printers]
   comment = All Printers
---------------------------- c u t ----------------------------

Also, i compared this with to the smb.conf from samba 2:4.1.6+dfsg-1 which i took from Debian Jessie and applied on my Ubuntu 14.04 "Ubuntu Trusty Tahr (development branch)". In this configuration, everything below "[homes]" is commented out.

Cheers,
Raoul