Sun Solaris 10 (under SPARC) local users in /etc/passwd
samba 3.4.2 from sunfreeware.com getent passwd *ramana:x:100:1::/export/home/ramana:/bin/sh teju:x:101:1::/export/home/teju:/bin/sh user1:x:102:1::/export/home/user1:/bin/sh ben:x:103:1::/home/ben:/bin/sh *like this* ** *Thanks Ben.T.George* * On Thu, Sep 30, 2010 at 5:45 PM, Gaiseric Vandal <gaiseric.van...@gmail.com>wrote: > Then it sounds like you need the AD integration. If the user's also login > to the linux workstation directly (or via ssh) then you will need to > configure winbind and nsswitch to support unix logins. > > Why does nsswitch.conf include ldap? Is this the only linux/unix machine? > Are local users in ldap or /etc/passwd? > > What version of samba? What version of linux? > > Ideally "getent passwd" woudl show something like > > > > ben:*:10001:10001:Ben George:/export/Home/SRE/ben/:bin/tcsh > > or > > SRE+ben:*:10001:10001:Ben George:/export/Home/SRE/ben:/bin/bash > > > > I don't think you need a huge amount of AD experience to make this work but > I think you have to have general understanding of what WIndows domains are > about. > > You should also review the smb.conf man page for the section on idmap_ad. > > > > > > On 09/30/2010 09:24 AM, Ben George wrote: > > > > Thanks for your replay.. > > yes my client told me like this that's Y..and the manager gave that work to > newly joined me.. :( > > i don't have any AD and core unix experience..i have only experience in > linux.not much > > may this project will affect my job.. :( > > my nsswitch.conf > > *passwd: files ldap winbind > group: files ldap winbind > hosts: dns files > ipnodes: dns files* > > > "*nsswitch+winbind (which I do) or the smb pam module*"..? :( > > i don't know..my client's need is he has a linux machine..also a ADS..from > the unix machine, he want to share secure folder's to the AD user's..so eash > user can only access that particular shared folder..when the password of > user changed in AD, that will affect to the smbpassword...means without > changing that particular user's smb password in the unix machine.. > > for this need which method is useful..from your experience > > "*Does "getent passwd" show the windows users?*" > > please check the output ..i think getent password only shows unix system > password > > *bash-3.00# getent passwd > root:x:0:0:Super-User:/:/sbin/sh > daemon:x:1:1::/: > bin:x:2:2::/usr/bin: > sys:x:3:3::/: > adm:x:4:4:Admin:/var/adm: > lp:x:71:8:Line Printer Admin:/usr/spool/lp: > uucp:x:5:5:uucp Admin:/usr/lib/uucp: > nuucp:x:9:9:uucp Admin:/var/spool/uucppublic:/usr/lib/uucp/uucico > smmsp:x:25:25:SendMail Message Submission Program:/: > listen:x:37:4:Network Admin:/usr/net/nls: > gdm:x:50:50:GDM Reserved UID:/: > webservd:x:80:80:WebServer Reserved UID:/: > postgres:x:90:90:PostgreSQL Reserved UID:/:/usr/bin/pfksh > svctag:x:95:12:Service Tag UID:/: > nobody:x:60001:60001:NFS Anonymous Access User:/: > noaccess:x:60002:60002:No Access User:/: > nobody4:x:65534:65534:SunOS 4.x NFS Anonymous Access User:/: > ramana:x:100:1::/export/home/ramana:/bin/sh > teju:x:101:1::/export/home/teju:/bin/sh > user1:x:102:1::/export/home/user1:/bin/sh > ben:x:103:1::/home/ben:/bin/sh* > > > "you already have a "unix" ben and a "ADS" ben defined?" > > Yes i defined the ben user in Unix and ADS...bcoz i don't have much > knowledge about that sorry > > Hope u will help me > Thanks > Ben.T.George > > > On Thu, Sep 30, 2010 at 3:59 PM, Gaiseric Vandal < > gaiseric.van...@gmail.com> wrote: > >> >> disclaimer: I don't use Samba as an ADS member server. I use samba as PDC >> with trusts to an ADS domain. So my observations may not be valuid. >> >> Did you try updating nsswitch.conf >> >> >> passwd: files winbind >> group: files winbind >> >> >> If you are using a Windows domain and have a user defined in the domain, >> you generally don't want to add the user as a local user. Since the >> underlying unix OS needs to know about the domain users you need to either >> use nsswitch+winbind (which I do) or the smb pam module (which I don't use, >> and not sure if it really is the correct approach.) >> >> If you use nsswitch.conf+winbind you can then also OPTIONALLY allow >> "windows" users "unix" access like ssh. My samba server is a PDC- I have >> a domain trust with windows domains BUT the default shell is "/bin/false." >> (It is still a little flaky...) >> >> Does "getent passwd" show the windows users? It should show something >> like >> >> ben:*:10001:10001:Ben George:/home/SRE/ben/bin/false >> >> or >> >> SRE+ben:*:10001:10001:Ben George:/home/SRE/ben/bin/false >> >> >> >> It looks like = you already have a "unix" ben and a "ADS" ben defined? >> >> "wbinfo -s" and "wbinfo -n" are also useful for making sure that the >> name-to-sid and sid-to-name mappings are correct for domain users. >> > > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba