Re: [Samba] Valid users directive
-- Forwarded message -- From: Nicolas Kassis [EMAIL PROTECTED] Date: May 23, 2006 11:49 PM Subject: Re: [Samba] Valid users directive To: [EMAIL PROTECTED] Gary Dale wrote: Nicolas Kassis wrote: Hi Everyone I'm new to samba and I have been trying in vein to find a solution to this problem. I am setting up a linux samba server as a domain member server. It is part of the MAINT workgroup. Winbind and Samba authenticate correctly. The issue arises when I try to limit the users who are allowed to use a my share folder. Most of the information I have lookup seem to say that I should set up the Valid Users directive like this : valid users = '@MAINT\nkassis', '@MAINT\aburns' Of course this dosen't work. Can anyone point me to a place where I can find information about this or any indepth explanation of how to define users in this directive ? Nic If you look in the smb.conf man page, you will find (under invalid users) the following: A name starting with a '@' is interpreted as an NIS netgroup first (if your system supports NIS), and then as a UNIX group if the name was not found in the NIS netgroup database. A name starting with '+' is interpreted only by looking in the UNIX group database. A name starting with '' is interpreted only by looking in the NIS netgroup database (this requires NIS to be working on your system). The characters '+' and '' may be used at the start of the name in either order so the value /|+group|/ means check the UNIX group database, followed by the NIS netgroup database, and the value /|+group|/ means check the NIS netgroup database, followed by the UNIX group database (the same as the '@' prefix). Since NIS not being used, your valid users group has to be the Unix/Linux group that the Domain group maps to. From what I understand the Group they belong to is Domain Users but specifying the following +Domain Users and also trying again using quotes around it is still incorrect. One thing I should mention. When I list the users with the command wbinfo -u the users are listed only by theyre users name not with the domain like this: MAINT\nkassis is this correct ? Nic -- Nicolas Kassis http://www.nickassis.net http://www.nickassis.net/blog -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Valid users directive
Gary Dale wrote: Nicolas Kassis wrote: -- Forwarded message -- From: Nicolas Kassis [EMAIL PROTECTED] Date: May 23, 2006 11:49 PM Subject: Re: [Samba] Valid users directive To: [EMAIL PROTECTED] Gary Dale wrote: Nicolas Kassis wrote: Hi Everyone I'm new to samba and I have been trying in vein to find a solution to this problem. I am setting up a linux samba server as a domain member server. It is part of the MAINT workgroup. Winbind and Samba authenticate correctly. The issue arises when I try to limit the users who are allowed to use a my share folder. Most of the information I have lookup seem to say that I should set up the Valid Users directive like this : valid users = '@MAINT\nkassis', '@MAINT\aburns' Of course this dosen't work. Can anyone point me to a place where I can find information about this or any indepth explanation of how to define users in this directive ? Nic If you look in the smb.conf man page, you will find (under invalid users) the following: A name starting with a '@' is interpreted as an NIS netgroup first (if your system supports NIS), and then as a UNIX group if the name was not found in the NIS netgroup database. A name starting with '+' is interpreted only by looking in the UNIX group database. A name starting with '' is interpreted only by looking in the NIS netgroup database (this requires NIS to be working on your system). The characters '+' and '' may be used at the start of the name in either order so the value /|+group|/ means check the UNIX group database, followed by the NIS netgroup database, and the value /|+group|/ means check the NIS netgroup database, followed by the UNIX group database (the same as the '@' prefix). Since NIS not being used, your valid users group has to be the Unix/Linux group that the Domain group maps to. From what I understand the Group they belong to is Domain Users but specifying the following +Domain Users and also trying again using quotes around it is still incorrect. One thing I should mention. When I list the users with the command wbinfo -u the users are listed only by theyre users name not with the domain like this: MAINT\nkassis is this correct ? Nic You're not listening. :) Domain users is a Windows group. It should be mapped to a local Unix group. The local Unix group is what you put in smb.conf. oooh!!! I thought that was done automagically by winbind ? Nic -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Valid users directive
Hi Everyone I'm new to samba and I have been trying in vein to find a solution to this problem. I am setting up a linux samba server as a domain member server. It is part of the MAINT workgroup. Winbind and Samba authenticate correctly. The issue arises when I try to limit the users who are allowed to use a my share folder. Most of the information I have lookup seem to say that I should set up the Valid Users directive like this : valid users = '@MAINT\nkassis', '@MAINT\aburns' Of course this dosen't work. Can anyone point me to a place where I can find information about this or any indepth explanation of how to define users in this directive ? Nic -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba