I am making some guesses...
Read the man page on idmap_rid. That might make the idmap stuff a
little simpler (it doesn't apply to my environment so I am not 100% sure.)
Does "wbinfo -u" and "wbinfo -g" list the AD domain users and groups?
Does "getent passwd" and "getent group" list those users? Do you have
/etc/nsswitch.conf configured to handle users and groups from
winbind? The Solaris OS has so have some way of dealing with
"Windows" users.
Is your idmap backend TDB or ldap? Do you see idmap entries in the
IDMAP DB?
On 09/27/2010 07:29 AM, RegioGis wrote:
I'm desperately looking for an example of a working smb.conf file for solaris
10 using zfs ?
I've been trying so many possible combinations of the available options, but
I can not get it working properly.
I want to mimic simple NT acls, including inheritance, and the possibility
to add AD groups.
I often get stuck on deny aces being generated as the first aces in the acl.
Environment : solaris 10 with zfs, AD integration via kerberos enabled,
samba 3.0.35
smb.conf ( one of the many try-outs ... )
---------
[global]
workgroup = X
realm = X.Y.Z
netbios name = GISSMBD
server string = GIS DEV Samba Server
security = ADS
auth methods = winbind
server signing = auto
preferred master = No
local master = No
dns proxy = No
ldap timeout = 86400
idmap uid = 10000-20000
idmap gid = 10000-20000
winbind use default domain = yes
...
[share1]
path = /path/to/share1
force group = gis
read only = no
create mask = 0660
directory mask = 0770
force unknown acl user = yes
acl check permissions = no
ea support = yes
store dos attributes = yes
map readonly = no
map archive = no
map system = no
vfs objects = zfsacl
nfs4: mode = special
nfs4: acedup = merge
Thanks in advance
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
