# backup on a fbsd samba server: access denied



## tamia (Jul 5, 2018)

hi all 

I'm trying to setting up a FreeBSD backup server on a Windows network. All's fine (install, configuration...) but since this morning i have trouble:

First of all, how it's work

- The Windows PC's (Win 7 x86_64 SP1) have a little batch script, very simple, like


```
echo backup on server started
 
xcopy  "D:\Documents\*.*"  \\BACKUP\documents\*.*  /e /c /f /h /y 
 
time /t 
pause
```

On the server side, here's the configuration

/usr/local/etc/smb4.conf

```
[global]
workgroup = WORKGROUP
server string = Samba Server Version %v
netbios name = backup
wins support = yes
security = user
passdb = tdbsam
domain master = Yes

[documents]
path = /usr/home/$user/documents
writable = yes
browsable = yes
read only = no
guest ok  = no
public = no
create mask = 0666
directory mask = 0755
```


Yesterday all was fine, the backup was running successful. Today, when the batch file is launched (after the clients are shutting down), it's says "access refused" (even when pf and the windows firewall are disabled)... but i can access manually to the shared folder on server

On rc.conf

```
samba_server_enable="YES"
```

On pf.conf

```
# allowed ports 
tcp_services = "{137:139, " $ssh_port " }"
```


What could be wrong ? It's the first time that i use FBSD for a backup server... so maybe it's a "noob" mistake  

Thanks in advance 

Regards


----------



## SirDice (Jul 5, 2018)

Ports 137 to 139 are the old NetBIOS ports, you really should stop using those. Everything runs on TCP port 445 nowadays.


----------



## VladiBG (Jul 5, 2018)

If you can access the share "\\BACKUP\documents" under that user the backup script that your are using must be run with the same user credentials to be able to connect the share. Other method is to first to map the share as a network drive with user/pass then to backup the files to that mapped drive.

Also you may consider start using robocopy with mir option.


----------



## tamia (Jul 5, 2018)

SirDice said:


> Ports 137 to 139 are the old NetBIOS ports, you really should stop using those. Everything runs on TCP port 445 nowadays.



i didn't know, thank you, added to pf.conf and 137:139 removed 



VladiBG said:


> If you can access the share "\\BACKUP\documents" under that user the backup script that your are using must be run with the same user credentials to be able to connect the share. Other method is to first to map the share as a network drive with user/pass then to backup the files to that mapped drive.
> 
> Also you may consider start using robocopy with mir option.



I've restarted the setup of clients with mapping the share as a network drive and then added to the batch script  "net use $drive".  It work (for now...), even after multiple shutdown of clients. I didn't know about robocopy, it's look like interesting, i'll try it...

Thanks for your answer & help


----------

