Re: [Samba] local users in a domain...
I think, if you have samba to talk with ldap there is as far as I know no feature to make samba talk to your local users too. A long time ago I remember there was a hack with samba 2 but this is history. --- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --- -Ursprüngliche Nachricht- Von: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] Im Auftrag von Christ Schlacta Gesendet: Mittwoch, 29. Dezember 2010 02:39 An: samba@lists.samba.org Betreff: [Samba] local users in a domain... so I have some local users that I'd like to show up in my samba domain a bit more properly, but it's infeasable to add their accounts to the ldap directory proper. I've tried to create an idmap entry (probably wrong) and a structural SID with a sam account pointing to the numeric UID and a proper name for the unix account, but it still shows up as UNIX-USER/accountname. what am I in need of doing to make this show up as a user in the domain short of adding an actual user for it? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] local users in a domain...
Hello, Use smbldap-tools. It also contains the script to migrate system users to ldap. --- wbr, Denis. On Wed, Dec 29, 2010 at 7:38 AM, Christ Schlacta wrote: > so I have some local users that I'd like to show up in my samba domain a > bit more properly, but it's infeasable to add their accounts to the ldap > directory proper. > > I've tried to create an idmap entry (probably wrong) and a structural SID > with a sam account pointing to the numeric UID and a proper name for the > unix account, but it still shows up as UNIX-USER/accountname. what am I in > need of doing to make this show up as a user in the domain short of adding > an actual user for it? > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Need Help Getting Windows XP To Use Samba Properly
On Tue, Dec 28, 2010 at 10:12 PM, John Drescher wrote: > On Tue, Dec 28, 2010 at 5:25 PM, Hodges, Robert CTR USAF AFMC 520 > SMXS/MXDEC wrote: >> Excellent information, thank you. >> >> Unfortunately, none of it solved my problem. >> > > Do you have a valid NETBIOS domain or workstation name? I mean less > than 16 characters and absolutely no . in the name. > Also make sure that nmbd is running on the linux box. John -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Need Help Getting Windows XP To Use Samba Properly
On Tue, Dec 28, 2010 at 5:25 PM, Hodges, Robert CTR USAF AFMC 520 SMXS/MXDEC wrote: > Excellent information, thank you. > > Unfortunately, none of it solved my problem. > Do you have a valid NETBIOS domain or workstation name? I mean less than 16 characters and absolutely no . in the name. John -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] local users in a domain...
so I have some local users that I'd like to show up in my samba domain a bit more properly, but it's infeasable to add their accounts to the ldap directory proper. I've tried to create an idmap entry (probably wrong) and a structural SID with a sam account pointing to the numeric UID and a proper name for the unix account, but it still shows up as UNIX-USER/accountname. what am I in need of doing to make this show up as a user in the domain short of adding an actual user for it? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Missing Samba documentation pages: migration
Hello, There is a small document, which (I hope) useful to others samba user to avoid mistakes, wrong path, that i take, to reach my goal. This document is covered by license: xkcd501[12]. 1. Target 2. Situation 2.1. Software versions 2.2. Software setup 3. Data migration 3.1. alternatives 3.1.1. robocopy 3.1.2. xcopy 3.1.3. net 3.1.4. smbfs/cifs 4. Migration 4.1. Start samba 4.2. ACL vs ACL 4.3. mount.cifs 4.4. copy using xcopy 4.5. copy using robocopy 4.6. documentation ... 4.7. net rpc share 4.8. NT_STATUS_MEDIA_WRITE_PROTECTED 4.9. share_info.tdb 4.10. ACL test using WINXP on DST 4.11. documentation ... 4.12. Searching for root 4.13. Samba works 4.14. Samba compiling 4.15. Limitations of net rpc share migrate 5. Migrations isn't migration 5.1. How to do better? References 1. Target = Goal is to migrate shares from old Pentium III with Windows 2003 (name it SRC) to Samba on Debian stable (name it DST). 2. Situation Both servers are inside a domain. Primary (and the only one) DC runs on Windows 2008 R2. Clients are mostly Windows Vista, Windows 7, some Linux with Samba, some Windows XP machines. SRC is used on during work hours, huge downtime isn't acceptable. Stores about 2TB data on local SATA/IDE disks on NTFS file systems. SRC has about 10 shares. And a lot of files (some times a lot of small files)... Network card is 100Mbps, but copy test shows that on large files SRC capable to make 50Mbps with near 100% CPU-kernel time. On small files speed drops, drops near 10-20 times. Having full time copy this can lead to 20 days [1] copy operation. 2.1. Software versions -- DST is run on Debian Stable 5.0 (lenny) with samba 2:3.2.5-4lenny13 with kernel 2.6.26-2-amd64 on Intel Core i7, data stored in raiserfs3 with ACL. SRC with Windows 2003 running on Pentium 3. Data stored on several NTFS partitions. 2.2. Software setup --- DST are joined into Domain. Domain name is MSHOME. This document doesn't covers, domain join part, this is described inside The Official Samba 3.5.x HOWTO and Reference Guide[5]. There I will show that DST is correctly (I hope) configured, and how to check that. Is the winbindd deamon running? DST# pidof winbindd 12111 12108 12072 12067 12064 Is winbind enabled in nsswitch.conf? DST# cat /etc/nsswitch.conf | grep winbind passwd: compat winbind group: compat winbind Is winbind working? DST# getent passwd | grep administrator administrator:*:10004:10013:Administrator:/home/MSHOME/administrator:/bin/false DST# wbinfo -u | grep -i administrator administrator DST# wbinfo -U 10004 S-1-5-21-3103004317-3667232127-1157729718-500 DST# wbinfo -s S-1-5-21-3103004317-3667232127-1157729718-500 MSHOME+Administrator 1 What /etc/samba/smb.conf is? DST# testparm -s 2>/dev/null| grep '\(workgroup\|realm\|security\|password server\|idmap\|winbind\)' workgroup = MSHOME realm = MSHOME.LOCAL security = ADS password server = 10.0.0.250 idmap uid = 1-2 idmap gid = 1-2 winbind separator = + winbind enum users = Yes winbind enum groups = Yes winbind use default domain = Yes How share is made? DST# cat /etc/samba/smb.conf | tail -n 4 [testshare] path = /srv/testshare browseable = yes writable = yes What permissions has test share? DST# ls -ld /srv/testshare/ drwxrwxrwt+ 2 root root 112 2010-12-28 07:18 /srv/testshare/ DST# getfacl /srv/testshare/ # file: srv/testshare/ # owner: root # group: root user::rwx group::rwx other::rwx Is this directory writable? DST# id uid=0(root) gid=0(root) groups=0(root) DST# touch /srv/testshare/0.txt; echo $? 0 Is this directory writable by domain Administrator? DST# su -s /bin/sh administrator -c 'id;touch /srv/install/testshare/10004.txt;echo $?' uid=10004(administrator) gid=10013(rtchsdomainservices) groups=10002(BUILTIN+administrators),10006(domain admins),10008(schema admins),10009(enterprise admins),10010(denied rodc password replication group),10013(rtchsdomainservices),10014(group policy creator owners),10018(rtc server local group) 0 3. Data migration = To reach our goal, we need to move data from one server/storage to another one, file by file, share by share. And by doing that we need to make sure that: - data is in sync - ACL are copied - minimal downtime. Every service migration (how good it will be) needs data copy part. Lets make a little discus about it. 3.1. alternatives - After some unsuccessful try, and some searches I found some hints how to do this "in samba way". [2] [3] 3.1.1. robocopy ^^^ Robocopy tool from Microsoft. Tool witch was made by some one inside of corporation, and seems by mistake was discovered by sales people... After that was some made the ugly part (added Robocopy GUI). Distribution scheme of this tools is also confused. This can be found inside resource kit (these days it's possible free do
Re: [Samba] Newbie : bad uid in the smbpasswd file ?
Le 28/12/2010 20:29, Gary Dale a écrit : > Bonjour Francois. One question is why are you using smbpasswd instead of > tdb for the backend? As I said in the title of my post, I'm a newbie and I'm just learning Samba and at the moment I'm just trying a few basic shares. I have seen that "tdb backend" is better than "smbpasswd backend" but to begin I thought It was clearer for me to use plain text file for the storage of the users'accounts. And I met this problem of uid that annoys me and I would like to understand. > I suggest that you remove (purge) your samba implementation and > reinstall it with the defaults. I have tried this: # apt-get update # apt-get purge samba # apt-get install samba But, with the smb.conf file that I have posted in my first message, I have exactly the same problem: #-- # smbpasswd -a francois -D 10 | grep -i 'uid' New SMB password: Retype new SMB password: getsmbfilepwent: returning passwd entry for user francois, uid 0 getsmbfilepwent: returning passwd entry for user francois, uid 0 # cat smbpasswd francois:0: [snip] # cat /etc/passwd | grep francois francois:x:1000:1000:francois,,,:/home/francois:/bin/bash #-- I'd really like to understand the problem. > Next use swat to configure things. Is it not better to edit smb.conf with a simple editor? > You need to consider the role the server plays, I highly recommend that > you make it a domain controller unless you already have one. If you have > a domain controller then join the server to the domain. If you don't > have a domain controller, then use your samba server as domain controller. > > Once you have your server's role established, add and enable the > accounts using swat. > > If this is a workstation that you are simply trying to share a folder > from, then consider whether that is really a good idea. Sharing files > exposes your machine unnecessarily. It is far better to set up a server > with a shared folder. > > You can get all kinds of network storage devices quite cheaply that will > do the job. Or you can use an old computer and set it up as domain > controller/file server. You can even share printers, scanners, etc. from > it. > > However, if you must use a workstation to share files, then use swat to > configure it as a standalone or domain member server with whatever > access rights you want. However, I strongly advise against using your > account to provide guest access. Set up a real guest account that has no > login rights (e.g. set the login shell to /bin/false). Thanks for the pieces of advice. At the moment, I'm just learning with my computer (Ubuntu 10.04) and client XP (Virtual machine with VirtualBox). Francois Lafont -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Need Help Getting Windows XP To Use Samba Properly
2010/12/29 Hodges, Robert CTR USAF AFMC 520 SMXS/MXDEC : > Refresh: This error happens when you try to browse using "My Network Places" > in the desktop. Mapping works fine, access works fine. Browsing is what > fails in XP. I need this to work or I'm looking at a huge and expensive > documentation change effort that few would understand. Windows XP should work well as a browsing client. Most of problems around browsing are recently cause by firewall or anti-virus functions. Do you disable your firewall or anti-virus which blocks incoming UDP traffic (137/udp and 138/udp)? Or using sniffer as tms3 said below. 2010/12/29 : > Start sniffing the machine as you do a "Network Neighborhood" search. You > might also check and see just where and how lookups are being done for > NETBios from an XP box command terminal > > nbtstat -r > > which will tell you how lookups are being done. Might lead you to a > culprit. --- TAKAHASHI Motonobu -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Need Help Getting Windows XP To Use Samba Properly
Excellent information, thank you. Unfortunately, none of it solved my problem. Start sniffing the machine as you do a "Network Neighborhood" search. You might also check and see just where and how lookups are being done for NETBios from an XP box command terminal nbtstat -r which will tell you how lookups are being done. Might lead you to a culprit. I see a lot of "The specified network name is no longer available" error messages all over the internet from Linux users, and none of the very few solutions I have come across have worked for me. Anybody else able to chime in and take a guess as why my XP box is having a problem talking to my Solaris/Samba box? Again, Win2K has no problems talking to the Samba box - it's just XP. Refresh: This error happens when you try to browse using "My Network Places" in the desktop. Mapping works fine, access works fine. Browsing is what fails in XP. I need this to work or I'm looking at a huge and expensive documentation change effort that few would understand. Still desperate for help on this. This problem happens with WinXP right out of the box, we have nothing weird installed. Help! -Original Message- From: Chris Smith [mailto:smb...@chrissmith.org] Sent: Tuesday, December 28, 2010 12:45 PM To: Hodges, Robert CTR USAF AFMC 520 SMXS/MXDEC Cc: John Drescher; samba@lists.samba.org Subject: Re: [Samba] Need Help Getting Windows XP To Use Samba Properly On Tue, Dec 28, 2010 at 2:23 PM, Hodges, Robert CTR USAF AFMC 520 SMXS/MXDEC wrote: Other details: I do not use a DNS server, I use the hosts file in XP. Yes, but NetBIOS desires the lmhosts file. See my ancient (but still valid) scribblings here: http://realcomputerguy.com/networksetup.htm#hosts Chris -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Need Help Getting Windows XP To Use Samba Properly
Excellent information, thank you. Unfortunately, none of it solved my problem. I see a lot of "The specified network name is no longer available" error messages all over the internet from Linux users, and none of the very few solutions I have come across have worked for me. Anybody else able to chime in and take a guess as why my XP box is having a problem talking to my Solaris/Samba box? Again, Win2K has no problems talking to the Samba box - it's just XP. Refresh: This error happens when you try to browse using "My Network Places" in the desktop. Mapping works fine, access works fine. Browsing is what fails in XP. I need this to work or I'm looking at a huge and expensive documentation change effort that few would understand. Still desperate for help on this. This problem happens with WinXP right out of the box, we have nothing weird installed. Help! -Original Message- From: Chris Smith [mailto:smb...@chrissmith.org] Sent: Tuesday, December 28, 2010 12:45 PM To: Hodges, Robert CTR USAF AFMC 520 SMXS/MXDEC Cc: John Drescher; samba@lists.samba.org Subject: Re: [Samba] Need Help Getting Windows XP To Use Samba Properly On Tue, Dec 28, 2010 at 2:23 PM, Hodges, Robert CTR USAF AFMC 520 SMXS/MXDEC wrote: > Other details: I do not use a DNS server, I use the hosts file in XP. Yes, but NetBIOS desires the lmhosts file. See my ancient (but still valid) scribblings here: http://realcomputerguy.com/networksetup.htm#hosts Chris -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Need Help Getting Windows XP To Use Samba Properly
On Tue, Dec 28, 2010 at 2:23 PM, Hodges, Robert CTR USAF AFMC 520 SMXS/MXDEC wrote: > Other details: I do not use a DNS server, I use the hosts file in XP. Yes, but NetBIOS desires the lmhosts file. See my ancient (but still valid) scribblings here: http://realcomputerguy.com/networksetup.htm#hosts Chris -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Newbie : bad uid in the smbpasswd file ?
On 28/12/10 06:44 AM, Francois Lafont wrote: Hello everybody, I don't understand why the uid isn't correct in the /etc/samba/smbpasswd file. My OS is Ubuntu 10.04. Some precise explanations below: #--- # smbd -V Version 3.4.7 # testparm -s /etc/samba/smb.conf Load smb config files from /etc/samba/smb.conf rlimit_max: rlimit_max (1024) below minimum Windows limit (16384) Processing section "[PARTAGE]" Loaded services file OK. Server role: ROLE_STANDALONE [global] workgroup = MON-DOMAINE netbios name = SAMBA-SRV server string = "" map to guest = Bad User passdb backend = smbpasswd guest account = francois lanman auth = Yes log level = 1 max log size = 10 wins support = Yes [PARTAGE] comment = Pour faire des tests path = /resteDisque1/dossier read only = No guest ok = Yes # service smbd restart smbd start/running, process 6638 # service nmbd restart nmbd start/running, process 6650 # cat /etc/samba/smbpasswd # no output, the file is empty # pdbedit -L # no result, no samba user # smbpasswd -a francois # I create the user francois New SMB password: Retype new SMB password: Added user francois. # cat /etc/samba/smbpasswd # In this file, the uid is 0, like root ?! francois:0:96E3B942381CBE5BAAD3B435B51404EE:BBB4013EC9D4E3D7A88CA89C2519DB11:[U ]:LCT-4D116896: # pdbedit -L # With this command, the uid is 1000 ?! francois:1000:francois # cat /etc/passwd | grep francois # 1000 is the *real* uid of francois francois:x:1000:1000:francois,,,:/home/francois:/bin/bash #--- The real uid of francois is 1000. Why is the uid equal to 0 in the smbpasswd file ? Thanks in advance for your help. Bonjour Francois. One question is why are you using smbpasswd instead of tdb for the backend? I suggest that you remove (purge) your samba implementation and reinstall it with the defaults. Next use swat to configure things. You need to consider the role the server plays, I highly recommend that you make it a domain controller unless you already have one. If you have a domain controller then join the server to the domain. If you don't have a domain controller, then use your samba server as domain controller. Once you have your server's role established, add and enable the accounts using swat. If this is a workstation that you are simply trying to share a folder from, then consider whether that is really a good idea. Sharing files exposes your machine unnecessarily. It is far better to set up a server with a shared folder. You can get all kinds of network storage devices quite cheaply that will do the job. Or you can use an old computer and set it up as domain controller/file server. You can even share printers, scanners, etc. from it. However, if you must use a workstation to share files, then use swat to configure it as a standalone or domain member server with whatever access rights you want. However, I strongly advise against using your account to provide guest access. Set up a real guest account that has no login rights (e.g. set the login shell to /bin/false). -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Need Help Getting Windows XP To Use Samba Properly
John, First, thank you for the response. I'll take any help I can get. Yes, I do have WINS enabled on the Samba box. Do I set WinXP to use the Samba box as the WINS server? If so, then I have already tried this and it didn't work. Other details: I do not use a DNS server, I use the hosts file in XP. The Samba box and the WinXP box simply share a worgroup name. Trying to keep this as simplistic as possible. Also, the "Computer Browser" service is disabled in XP - this is to force WinXP to use the Samba server as the master browser, and is the method I used in Win2K which worked great. In XP, however, it produces the error "Network name is no longer available". Enabling the service causes XP to elect itself as the master browser and ignore the Samba box (which I want to be master browser like it was with Win2K). This improves things SOMETIMES - the "Network name" error still pops up half the time, meaning network browsing of the Samba box from XP went from "100% broken" to "Cross your fingers". REALLY desperate to get this working. MAJOR thanks to anyone who can help me with this, especially since the internet is loaded with people who have posted for help on this problem and no solutions follow. -Original Message- From: John Drescher [mailto:dresche...@gmail.com] Sent: Tuesday, December 28, 2010 12:01 PM To: Hodges, Robert CTR USAF AFMC 520 SMXS/MXDEC Cc: samba@lists.samba.org Subject: Re: [Samba] Need Help Getting Windows XP To Use Samba Properly On Tue, Dec 28, 2010 at 1:39 PM, Hodges, Robert CTR USAF AFMC 520 SMXS/MXDEC wrote: > Hi everyone, new to the list. > > My apologies if this issue has already been covered, but I am having the > following problem with Samba: > > Using Windows XP as a client, I am trying to see a Solaris system as a > server. Solaris is running Samba 2.4.2, and Windows 2000 sees it as a > server without any problems. > > Windows XP, however, generates the error "The network name is no longer > available" when trying to browse to shares on the Solaris box. Browsing > is what produces the error - otherwise, I can map to and access > resources directly with "\\servername\share". > > Running the command "browstat status" on the WinXP box shows that the > Windows machine is not able to pull the server list from the Solaris > box. Again, Windows 2000, however, works fine and does not have this > problem. > > Desperate for help to get this resolved. Did you enable WINS on the samba server and set that up on the XP box? Usually that fixes a lot of windows browsing problems. John -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Need Help Getting Windows XP To Use Samba Properly
On Tue, Dec 28, 2010 at 1:39 PM, Hodges, Robert CTR USAF AFMC 520 SMXS/MXDEC wrote: > Hi everyone, new to the list. > > My apologies if this issue has already been covered, but I am having the > following problem with Samba: > > Using Windows XP as a client, I am trying to see a Solaris system as a > server. Solaris is running Samba 2.4.2, and Windows 2000 sees it as a > server without any problems. > > Windows XP, however, generates the error "The network name is no longer > available" when trying to browse to shares on the Solaris box. Browsing > is what produces the error - otherwise, I can map to and access > resources directly with "\\servername\share". > > Running the command "browstat status" on the WinXP box shows that the > Windows machine is not able to pull the server list from the Solaris > box. Again, Windows 2000, however, works fine and does not have this > problem. > > Desperate for help to get this resolved. Did you enable WINS on the samba server and set that up on the XP box? Usually that fixes a lot of windows browsing problems. John -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Need Help Getting Windows XP To Use Samba Properly
Hi everyone, new to the list. My apologies if this issue has already been covered, but I am having the following problem with Samba: Using Windows XP as a client, I am trying to see a Solaris system as a server. Solaris is running Samba 2.4.2, and Windows 2000 sees it as a server without any problems. Windows XP, however, generates the error "The network name is no longer available" when trying to browse to shares on the Solaris box. Browsing is what produces the error - otherwise, I can map to and access resources directly with "\\servername\share". Running the command "browstat status" on the WinXP box shows that the Windows machine is not able to pull the server list from the Solaris box. Again, Windows 2000, however, works fine and does not have this problem. Desperate for help to get this resolved. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Need Help Getting Windows XP To Use Samba Properly
My apologies, it's Samba 3.4.2 that I'm running on Solaris. -Original Message- From: Hodges, Robert CTR USAF AFMC 520 SMXS/MXDEC Sent: Tuesday, December 28, 2010 11:39 AM To: 'samba@lists.samba.org' Subject: Need Help Getting Windows XP To Use Samba Properly Hi everyone, new to the list. My apologies if this issue has already been covered, but I am having the following problem with Samba: Using Windows XP as a client, I am trying to see a Solaris system as a server. Solaris is running Samba 2.4.2, and Windows 2000 sees it as a server without any problems. Windows XP, however, generates the error "The network name is no longer available" when trying to browse to shares on the Solaris box. Browsing is what produces the error - otherwise, I can map to and access resources directly with "\\servername\share". Running the command "browstat status" on the WinXP box shows that the Windows machine is not able to pull the server list from the Solaris box. Again, Windows 2000, however, works fine and does not have this problem. Desperate for help to get this resolved. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Problem Roaming Profile
Hello. I have configured PDC (Primary domain controler) with samba 3.2.5 and LDAP. The workstation has installed Windows XP Service Pack 3. When i log in to the server its work perfectly, i create files and when i log out these files are created on the server correctly. But if i log in with the same account from other computer, it doesn't load the files that belongs to this account. When i log in i can see the message (Loading the personal configuration...) and finish without alerts. My smb.conf file: [global] dos charset = 850 Unix charset = ISO8859-1 workgroup = ASESORIA realm = skynetlink.com server string = %h server map to guest = Bad User username map = /etc/samba/smbusers passdb backend = ldapsam:ldap://127.0.0.1/ ldap admin dn = cn=admin,dc=skynetlink,dc=com ldap delete dn = Yes ldap group suffix = ou=group ldap idmap suffix = ou=idmap ldap machine suffix = ou=computer ldap suffix = dc=skynetlink,dc=com ldap ssl = no ldap user suffix = ou=people add user script = /usr/sbin/smbldap-useradd -m %u delete user script = /usr/sbin/smbldap-userdel %u add group script = /usr/sbin/smbldap-groupadd -p %g delete group script = /usr/sbin/smbldap-groupdel %g add user to group script = /usr/sbin/smbldap-groupmod -m %u %g delete user from group script = /usr/sbin/smbldap-groupmod -x %u %g set primary group script = /usr/sbin/smbldap-usermod -g %g %u add machine script = /usr/sbin/smbldap-useradd -w %u socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8182 interfaces = eth0 lo hosts allow = 127.0.0.1, 192.168.1.0/24 hosts deny = 0.0.0.0 smb ports = 139 445 bind interfaces only = Yes name resolve order = wins hosts lmhosts bcast remote announce = 192.168.1.255 pam password change = Yes passwd program = /usr/sbin/smbldap-passwd -u %u passwd chat = *New*password* %n\n *Retype*new*password* %n\n *all*authentication*tokens*updated* logon script = 'logon.bat %U' logon path = \\%N\profiles\%U logon drive = U: domain logons = Yes os level = 65 preferred master = Yes domain master = Yes dns proxy = No wins support = Yes panic action = /usr/share/samba/panic-action %d map acl inherit = Yes case sensitive = No hide unreadable = Yes unix password sync = Yes syslog = 0 log file = /var/log/samba/log.%m max log size = 1000 time server = Yes map hidden = Yes map system = Yes [homes] comment = Home Directories valid users = %S read only = No create mask = 0611 directory mask = 0711 browseable = No [printers] comment = All Printers path = /var/spool/samba create mask = 0611 directory mask = 0711 printable = Yes browseable = No [print$] comment = Printer Drivers path = /var/lib/samba/printers create mask = 0611 directory mask = 0711 [netlogon] path = /var/lib/samba/netlogon browseable = No create mask = 0611 directory mask = 0711 [profiles] path = /var/lib/samba/profiles force user = %U read only = No create mask = 0611 directory mask = 0711 guest ok = Yes profile acls = Yes browseable = No csc policy = disable writeable = Yes [public] path = /tmp read only = No guest ok = Yes create mask = 0611 directory mask = 0711 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Newbie : bad uid in the smbpasswd file ?
Hello everybody, I don't understand why the uid isn't correct in the /etc/samba/smbpasswd file. My OS is Ubuntu 10.04. Some precise explanations below: #--- # smbd -V Version 3.4.7 # testparm -s /etc/samba/smb.conf Load smb config files from /etc/samba/smb.conf rlimit_max: rlimit_max (1024) below minimum Windows limit (16384) Processing section "[PARTAGE]" Loaded services file OK. Server role: ROLE_STANDALONE [global] workgroup = MON-DOMAINE netbios name = SAMBA-SRV server string = "" map to guest = Bad User passdb backend = smbpasswd guest account = francois lanman auth = Yes log level = 1 max log size = 10 wins support = Yes [PARTAGE] comment = Pour faire des tests path = /resteDisque1/dossier read only = No guest ok = Yes # service smbd restart smbd start/running, process 6638 # service nmbd restart nmbd start/running, process 6650 # cat /etc/samba/smbpasswd # no output, the file is empty # pdbedit -L # no result, no samba user # smbpasswd -a francois # I create the user francois New SMB password: Retype new SMB password: Added user francois. # cat /etc/samba/smbpasswd # In this file, the uid is 0, like root ?! francois:0:96E3B942381CBE5BAAD3B435B51404EE:BBB4013EC9D4E3D7A88CA89C2519DB11:[U ]:LCT-4D116896: # pdbedit -L # With this command, the uid is 1000 ?! francois:1000:francois # cat /etc/passwd | grep francois # 1000 is the *real* uid of francois francois:x:1000:1000:francois,,,:/home/francois:/bin/bash #--- The real uid of francois is 1000. Why is the uid equal to 0 in the smbpasswd file ? Thanks in advance for your help. -- Francois Lafont -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] solaris 10 winbind authentication with ADS
On Mon, Dec 27, 2010 at 08:10:16AM -0700, CJ Keist wrote: > Thank you. > ./wbinfo -n login_name works. But the wbinfo -i doesn't work, > "Could not get info for user COLOSTATE\login". > So windbind is working partially? Could there be something on the > Windows domain controller that isn't allowing the information to my > samba server? That's unlikely. Try wbinfo -n login_name and use the resulting SID to try wbinfo --sid-to-uid If the latter step fails, your id mapping does not work. If that works and the wbinfo -n still does not work, we need winbind debug level 10 logs. With best regards, Volker Lendecke -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
