When setting up a Samba share on CentOS 5.2 (Samba 3.0.33-3.29), I encountered persistent "Permission denied" errors despite seemingly correct configurations. The share was configured in /etc/samba/smb.conf as follows:

[upload]
        comment = upload folder
        path = /upload
        valid users = kevin root
        public = yes
        writable = yes
        browsable = yes
        create mask = 0777
        directory mask = 0777
        guest ok = yes

Before diving deeper, let's validate the fundamental requirements:

# Check directory permissions
ls -ld /upload
# Should show kevin as owner
drwxrwxrwx 2 kevin root 4096 Jul 2 17:00 /upload

# Verify Samba user exists
sudo pdbedit -L | grep kevin
# Should list kevin:XXX:XXXXXXXXX

The key evidence came from /var/log/samba/smbd.log:

[2010/07/02 16:56:10, 0] smbd/service.c:make_connection_snum(1013)
  '/upload' does not exist or permission denied when connecting to [upload] Error was Permission denied

This indicates either:

1. SELinux is blocking access
2. Filesystem permissions are insufficient despite the 777 masks
3. Parent directory permissions are restrictive

1. SELinux Context Configuration

For CentOS systems, SELinux often interferes with Samba shares:

# Check current SELinux context
ls -Z /upload
# Apply proper context
sudo chcon -t samba_share_t /upload
# Make it persistent
sudo semanage fcontext -a -t samba_share_t "/upload(/.*)?"
sudo restorecon -R -v /upload

2. Filesystem Permission Verification

Even with 777 permissions, parent directories matter:

# Check all parent directory permissions
namei -l /upload
# Should show at least rx permissions for all components

3. Samba Configuration Tweaks

Try adding these parameters to your share definition:

[upload]
        force user = kevin
        force group = kevin
        inherit permissions = yes
        inherit acls = yes

4. Windows Client Configuration

For Windows 7 clients, ensure these registry settings:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"LmCompatibilityLevel"=dword:00000001

When basic fixes don't work, try these diagnostic commands:

# Test Samba configuration
testparm -s

# Check smbd process capabilities
sudo getcap /usr/sbin/smbd

# Enable verbose logging in smb.conf
log level = 3 auth:5 auth_audit:5

# Test share access manually
smbclient //localhost/upload -U kevin

Remember that older Samba versions (like 3.0.x) may have compatibility issues with newer Windows clients. Consider upgrading Samba if possible.

---

When your Windows machine throws error code 0x80070035 while trying to access a Samba share on CentOS, it typically indicates one of three things:

• Permission issues at either the filesystem or Samba level
• Configuration problems in smb.conf
• Authentication protocol mismatches

The error log clearly shows "/upload does not exist or permission denied". Let's verify the directory exists and has correct permissions:

# Check directory existence and permissions
ls -ld /upload
# Expected output:
# drwxrwxrwx 2 kevin root 4096 Jul 10 10:00 /upload

# If permissions are incorrect:
chown kevin:root /upload
chmod 2777 /upload  # 2 for SGID bit if needed

The sticky bit (1777) might be necessary if multiple users need to maintain ownership of their files.

Your current smb.conf has potential conflicts that need resolution:

[upload]
    comment = upload folder
    path = /upload
    valid users = kevin root
    public = yes       # Conflicts with 'valid users'
    writable = yes
    browsable = yes
    create mask = 0777 # Consider more restrictive like 0770
    directory mask = 0777
    guest ok = yes     # Conflicts with authentication requirements
    force user = kevin # Ensures files are owned by kevin
    force group = root

Windows 7 and CentOS 5.2 might have NTLM version mismatches. Add these to your smb.conf global section:

[global]
    client ntlmv2 auth = yes
    client use spnego = yes
    ntlm auth = yes
    lanman auth = no

Test basic connectivity before troubleshooting Samba:

# From Windows command prompt:
ping cos-01
nbtstat -A 172.17.3.90

# From CentOS:
testparm -s
smbclient -L localhost -U kevin

CentOS 5.2 might have these blocking access:

# Check SELinux context:
ls -Z /upload

# If needed:
chcon -t samba_share_t /upload

# Firewall rules:
iptables -I INPUT -p tcp --dport 139 -j ACCEPT
iptables -I INPUT -p tcp --dport 445 -j ACCEPT
service iptables save

When basic fixes don't work, try these diagnostic commands:

# Monitor Samba access in real-time:
tail -f /var/log/samba/log.smbd

# Test share access directly:
smbclient //cos-01/upload -U kevin -d 3

# Verify name resolution:
nmblookup cos-01