I've been watching this thread because I have several shares where like Felipe I'll do
valid users = user1, user2, user3 force user = user4 so if there is actually some sort of problem as Felipe is describing, it concerns me. As far as reading the WHATSNEW.txt file, I've gone through it again and maybe its just me but I can't figure out what John might be referring to that could be causing Felipe's issue. I'm speculating John is referring to the way it may now be necessary to include the domain portion in the valid users parameter, ie something along the lines of.. valid users = mydomain\user1, mydomain\user2, mydomain\user3 (actually I've taken to creating a username map with entries like user1=mydomain\user1 user2=mydomain\user2 user3=mydomain\user3 user4=mydomain\user4 and leaving the valid users parameters as they where) Not having the domain portion could cause users Felipe intends allowing to be denied. But, he is having the exact opposite problem, users he intends denying are being allowed. Also, he says that downgrading to 3.0.22 and using the same smb.conf fixes his problem. Personally I can't replicate his issue, although I use domain level security instead of user level level like he is so perhaps thats part of it. Also, I'm curious about what his username map file might be and wonder if the issue could be in there. Tom Schaefer -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of John H Terpstra Sent: Monday, February 05, 2007 7:31 PM To: samba@lists.samba.org Subject: Re: [Samba] Valid users not working on 3.0.23d On Monday 05 February 2007 11:05, Papo Napolitano wrote: > Felipe Augusto van de Wiel wrote: > > On 02/02/2007 01:08 PM, Papo Napolitano wrote: > >> Any one still having problems with "valid users" on 3.0.23d? > >> I'm working in "security = USER" mode and with local users only. > >> > >> Share configuration : > >> > >> [private] > >> path = /home/private > >> valid users = papo > >> force user = root > >> force group = root > >> read only = No > >> create mask = 0600 > >> directory mask = 0700 > > > > [...] > > > >> Second test, using a valid but not listed user : > >> > >> [EMAIL PROTECTED] /]# smbclient //julieta/private -U administrator > >> Password: > >> Domain=[JULIETA] OS=[Unix] Server=[Samba 3.0.23d] > >> smb: \> mkdir 1 > >> smb: \> rmdir 1 > >> smb: \> quit > >> > >> This is wrong, administrator shouldn't write, not even connect to > >> the share. "invalid users" seems to work ok though. > >> I can provide debug logs for both versions if needed. > >> Any hints? > > > > Is your administrator in the list of 'admin users'? > > > >> Thanks.- > > > > Kind regards, > > No, 'admin users' is empty. > Anyway, I'm observing the same behaviour with any account. > Downgrading to 3.0.22 and using the same smb.conf works, I'm going to > try 3.0.24 in the next couple of days just to be sure. > > Thanks.- Please read the WHATSNEW.txt file that ships with Samba-3.0.x. You'll see that the semantics of "valid users" was changed around 3.0.8. - John T. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba