Samba config help

Apologies, I know it’s a long post. But I’ve done a TON of troubleshooting here and am at a standstill. Security issues aside for the moment… I’m having difficulty with logging onto certain shares from one machine to the next and/or editing things on the network.
3 Machines on a home network. Well there’s actually 4 but if we can get 3 working the 4th should be a breeze. :wink:

Machine1 generally allows access to its entire tree which is what I want to accomplish for the other 2 machines.
But only want USER1 to have that level of access. I want full read/write access for USER1 everywhere.
Have chown and chmod so that essentially all “shares” are owned by USER1 and permissions RWX set for USER1 on the “shares” for both Machine2 and Machine3. So those are less of a problem generally.
But obviously I can’t do that for the entire tree on any machine so not sure what to do to allow USER1 complete read/write control of all machines.

Since Machine1 allows at least read access to all of its content, I duplicated the entire [global] stanza from Machine1 to the smb.conf file of the other 2 machines for the most part. Also have created similar wide open shares on the other 2 machines similar to the one that does work with some slight differences for testing.

All USERs have been defined via the terminal in the smbpasswd files on all three machines.
Have been beating my brains out trying to get this to work like I want for better than a week and cannot resolve.
The wife is nagging badly now about the time I’ve consumed with this.

The ultimate goal is to allow USER1 complete access to all machines FROM any of the other machines.
Firewalls were down for all these tests with many restarts of systems and samba.

Machine1 opensuse 13.2 Linux 3.16.7-29-desktop Samba vers. 4.1.21-18.1-x86_64
I don’t find a “smbpasswd” password file on this system…I think they’re saved in passdb.tdb but not sure why that is different here. I’m seeing different files in each system’s /etc/samba path.
/etc/samba/smb.conf
/etc/samba/smbusers
/etc/samba/lmhosts
/etc/samba/passdb.tdb
/etc/samba/secrets.tdb
/etc/samba/cifstab
Machine1 is due some updates but I’ve hesitated to allow them as this is the ONE machine that allows access to the entire tree.
Machine1 also has a printer attached that I access from the other machines which I think is why ports are defined in the global stanza here.

from Machine1 USER1 CAN see, CAN read from but NOT write to Machine2 [Shared].
from Machine1 USER1 CAN see, but can NOT access the [MACHINE2] share. Prompts for password but is rejected.

from Machine1 USER1 CAN see, but can NOT access the [MACHINE3] share. Prompts for password but is rejected.
from Machine1 USER1 CAN see, CAN read, but NOT write to any path of Machine3 [Shared].

Machine1 smb.config file:


[global]
    workgroup = GROUPW
    server string = Samba Mama
    map to guest = Bad User
    syslog only = Yes
    log file = /usr/local/samba/var/log.%m
    max log size = 50
    smb ports = 139, 445
    name resolve order = bcast, host, lmhosts, wins
    socket options = TCP_NODELAY IPTOS_LOWDELAY SO_RCVBUF=65536 SO_SNDBUF=65536
    printing = cups
    printcap name = cups
    printcap cache time = 750
    cups options = raw
    load printers = yes
    use client driver = yes
    domain master = No
    usershare owner only = No
    inherit acls = Yes
        
[MACHINE1]
    comment = full access
    path = /
    valid users = USER1, USER2, USER4, USER3
    read only = No
    guest ok = Yes
    write list = @ntadmin, root

[printers]
    comment = All Printers
    path = /var/tmp
    create mask = 0700
    guest ok = Yes
    printable = Yes
    print ok = Yes
    browseable = No

[print$]
    comment = Printer Drivers
    path = /var/lib/samba/drivers
    write list = @ntadmin, root
    create mask = 0664
    force group = ntadmin
    directory mask = 0775

Machine2 opensuse 13.2 Linux 3.16.7-35-desktop Samba vers. 4.1.22-26.1-x86_64
path to smbpasswd file: /etc/samba
Contents of /etc/samba is different from either of the other machines.
/etc/samba/lmhosts
/etc/samba/passdb.tdb
/etc/samba/schannel_store.tdb
/etc/samba/secrets.tdb
/etc/samba/smb.conf
/etc/samba/smbpasswd
/etc/samba/smbusers

from Machine2 USER1 CAN see, CAN read from, all of Machine1 folders as defined in the [MACHINE1] stanza.
But I CAN NOT write to anything but /home/USER1 on Machine1.

from Machine2 USER1 CAN see, CAN read from, but NOT write to any Machine3 [Shared] path.
from Machine2 USER1 CAN see the [MACHINE3] share on Machine3 but CAN NOT access. Prompts for password but rejects access.
Just do not understand that at all.

Machine2 smb.config file:


[global]
    workgroup = GROUPW
    server string = I would gladly pay you Tuesday...
    map to guest = Bad User
    syslog only = Yes
    log file = /usr/local/samba/var/log.%m
    max log size = 50
    smb ports = 139, 445
    name resolve order = bcast, host, lmhosts, wins
    socket options = TCP_NODELAY IPTOS_LOWDELAY SO_RCVBUF=65536 SO_SNDBUF=65536
    printing = cups
    printcap name = cups
    printcap cache time = 750
    cups options = raw
    load printers = yes
    use client driver = yes
    domain master = No
    inherit acls = Yes
    usershare owner only = No
    idmap config *

[MACHINE2]
    comment = full share
    path = /
    valid users = USER1, USER2, USER4, USER3
    read only = no
    guest ok = yes
    force user = USER1
    write list = @ntadmin

[Shared]
    comment = common shared files
    path = /home/Shared
    valid users = USER1, USER2, USER4
    force user = USER1
    guest ok = yes

[printers]
    comment = All Printers
    path = /var/tmp
    create mask = 0700
    guest ok = Yes
    printable = Yes
    print ok = Yes
    browseable = No

[print$]
    comment = Printer Drivers
    path = /var/lib/samba/drivers
    write list = @ntadmin, root
    force group = ntadmin
    create mask = 0664
    directory mask = 0775

Machine3 Leap 42.1 Linux 4.1.15-8-default Samba vers. 4.2.4-9.2-x86_64
path to smbpasswd file: /var/lib/samba/private
Contents of /etc/samba much different from Machine1
/etc/samba/lmhosts
/etc/samba/smb.conf
/etc/samba/smbusers

from Machine3 USER1 CAN see, CAN read, CAN NOT write EXCEPT to /home/USER1 on Machine1 [MACHINE1].
Can open all of files from any folder. Just limited in writing/modifying.

from Machine3 USER1 CAN see the [MACHINE2] share on Machine2 but CAN NOT access it at all. Get prompted for the password but it’s not letting me in.
from Machine3 USER1 CAN see, CAN read, CAN NOT write the [Shared] share defined in Machine2’s smb.config file.

I have noted that on Machine3 for the path /Shared (and all subfolders/files) the permissions are drwxr-xr-x
But when accessing the share from Machine2 it shows /Shared with only dr-xr-xr-x
What’s modifying that? I suppose that is what’s keeping me from writing anything on the /Shared path of Machine2.
Can’t understand why I can’t access [MACHINE2] share at all.

Machine3 smb.config file:


[global]
    workgroup = GROUPW
    server string = Welcome to The Machine...
    map to guest = Bad User
    syslog only = Yes
    log file = /usr/local/samba/var/log.%m
    max log size = 50
    smb ports = 139, 445
    name resolve order = bcast, host, lmhosts, wins
    socket options = TCP_NODELAY IPTOS_LOWDELAY SO_RCVBUF=65536 SO_SNDBUF=65536
    printing = cups
    printcap name = cups
    printcap cache time = 750
    cups options = raw
    load printers = yes
    use client driver = yes
    domain master = No
    usershare owner only = No
[MACHINE3]
    comment = All data
    path = /
    valid users = USER1, USER4, USER3, USER2
    read only = No
    guest ok = Yes
    force user = USER1
    write list = USER1
[Shared]
    comment = all shared
    path = /shares
    valid users = USER1, USER2, USER4, USER3
    read only = No
    guest ok = Yes
    force user = USER1
    write list = USER1
[printers]
    comment = All Printers
    path = /var/tmp
    printable = Yes
    create mask = 0600
    browseable = No
[print$]
    comment = Printer Drivers
    path = /var/lib/samba/drivers
    write list = @ntadmin root
    force group = ntadmin
    create mask = 0664
    directory mask = 0775

Thanks for reviewing and any help!
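
The share-level rules that the three posted configurations exercise (`valid users`, `read only`, `write list`), as an added example that is not part of the original post. The function names and the embedded sample are constructed here, and it assumes Samba's documented defaults (`read only` defaults to yes; membership in `write list` grants write access regardless).

```python
# Added example: evaluates the share-level access gate only.
# Unix permissions of the connecting (or forced) user still apply afterwards.
# Constructed sample: two stanzas as posted for Machine2.
SAMPLE = """
[MACHINE2]
    path = /
    valid users = USER1, USER2, USER4, USER3
    read only = no
    force user = USER1
    write list = @ntadmin
[Shared]
    path = /home/Shared
    valid users = USER1, USER2, USER4
    force user = USER1
    guest ok = yes
"""
INVERTED = ("writeable", "writable", "write ok")  # inverted synonyms of "read only"

def _yes(val):
    return val.strip().lower() in ("yes", "true", "1")

def parse(conf_text):
    """Minimal smb.conf reader: {section: {parameter: value}}, names lowercased."""
    conf, section = {}, None
    for raw in conf_text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue
        if line.startswith("[") and line.endswith("]"):
            section = conf.setdefault(line[1:-1].strip().lower(), {})
        elif "=" in line and section is not None:
            key, val = (p.strip() for p in line.split("=", 1))
            key = " ".join(key.lower().split())
            if key in INVERTED:  # normalise to "read only"
                key, val = "read only", "no" if _yes(val) else "yes"
            section[key] = val
    return conf

def share_access(conf_text, share, user, groups=()):
    """Return 'denied', 'read-only' or 'read-write' for one user on one share."""
    conf = parse(conf_text)
    s = {**conf.get("global", {}), **conf[share.lower()]}  # [global] supplies defaults
    def member(key):
        names = set(s.get(key, "").replace(",", " ").split())
        return user in names or any("@" + g in names for g in groups)
    if member("invalid users") or (s.get("valid users") and not member("valid users")):
        return "denied"
    if member("write list"):   # write list wins over read list and read only
        return "read-write"
    if member("read list"):
        return "read-only"
    return "read-only" if _yes(s.get("read only", "yes")) else "read-write"
```

For the sample, `share_access(SAMPLE, "Shared", "USER1")` returns `read-only` because the stanza never sets `read only = no`, which matches the read-but-not-write behaviour reported for Machine2's [Shared].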

Swerdna oh swerdna, where for art thou swerdna?
:wink:
Maybe I’ve taken an entirely wrong approach to set up a share that lets me administer all systems on my network?

Are the /etc/passwd and /etc/shadow files the same on all systems? Or NIS, LDAP etc being used?

Also if the systems are all Linux based, any reason not to use NFS?

Can you also post the contents of smbusers?

What do you mean by “administer all systems”, for example what sort of admin would you (like to) perform on a typical machine by accessing from another machine?

What I’m looking for is to be able to log on to any of my machines and copy any file from one to the other, move or remove files from any path on any machine, modify a document for instance on any other machine on my network no matter whether I’m on the machine in my office, out in the garage, the one downstairs, or my wife’s machine in her office.
Essentially do any kind of maintenance on any file, on any path, on any machine.
But of course these functions should be accessible only to my particular login and unavailable outside my local network.

I thought the examples I’d set up would do the trick but so far, not happening like I want it to.
Thanks!

Yes indeed all the passwords are the same for all users on each individual machine.
Not sure about this /etc/shadow file… looking at the example on one particular system it looks to be something I’d hesitate to modify manually.

Not using NIS or LDAP as far as I’m aware, though I’d have to do more reading to figure out what those are or why I would or wouldn’t want to use them.

“Contents of smbusers” I don’t understand. Running the command smbusers generates an unknown command error, no matter whether done as user or as su…

And as for NFS… I honestly don’t really know.
I guess I’d respond by saying, I’ve never used it before. “Is there any reason TO use NFS?”
Does it offer more robust network access? Can I print to my remote printer with that set up?
Why would it be better/more helpful than just using samba which I’m somewhat familiar with already?

Thanks for the push!

NFS is native to Linux/Unix, Samba was mainly designed to share between Windows and Linux. A big
difference is that Samba and Windows are user based file shares where NFS is system based.

Getting NFS working is easy. Using Yast install

nfs-kernel-server-1.3.0-14.1.x86_64
yast2-nfs-server-3.1.8-5.2.noarch
nfs-client-1.3.0-14.1.x86_64

On the server, it will install dependencies as needed. On the client just install
nfs-client-1.3.0-14.1.x86_64

On the server, use either the yast interface or create/edit the /etc/exports file

/home 192.168.1.0/24(rw,root_squash,sync,no_subtree_check)
{add more directories as needed}

Start NFS

systemctl start nfsserver

On the client the easiest way is to mount via the /etc/fstab

First check NFS exports

showmount -e {server IP}

Add to the fstab file

{server IP or name}:/home /home nfs defaults,{options} 0 0

Then mount, mount /home

I would use CUPS for printing in a Linux-only environment; using KDE or Gnome they are browsable if the CUPS server is
enabled. Samba can reside alongside NFS if it is working already for printing.

systemctl status cups

The smbuser file maps windows to Linux users, dumb but it’s simple

{user} = {user}

There may be a short cut but I find it simple enough to do the mapping.

The shadow file holds the password securely assuming the passwd file doesn’t.

That is remote administration. Samba wasn’t designed for remote administration and can’t be used for remote administration. Some aspects of remote admin can be used in some parts of the file tree, but certainly not all aspects of remote admin. I suppose you could “share” the root tree directory by directory (e.g. bin, boot, dev, etc, home, lib and so on). And give yourself access to all the root-located directories. Or even try to add root to the samba password list (I never tried that, don’t know if it’s allowed). But of course all this resides in the realm of “silly”, a bit like trying to use a handkerchief to wash a bus.

You should use one of the remote access technologies.

Of course, if you want to freely access all the files and trees in the /home directory, that’s easy, as you most likely already know.

Ah HA!..got on the wrong train it seems.

Thanks dwellen and swerdna for the push. I’d not used anything other than samba for interaction between machines for several years now.
Having just 2 machines initially, one of them with the printer attached, it’s worked well for just sharing certain files from my server to my wife’s client.

I’ll follow the advice about setting up NFS for my basic admin tasks and work forward from there.
Many thanks!