[Samba] Cannot access/write to shares, samba appears not to convert group names to SIDs
Hi All, I cannot access/write to shares so I turned the logging level up to 3. This is the error from the 'test' share while attempting to create a new folder: [2009/09/29 09:57:45, 3] lib/util_sid.c:string_to_sid(223) string_to_sid: Sid @domain users does not start with 'S-'. I am using samba 3.0.36 on gentoo smb.conf server string = Samba Server %v log level = 3 log file = /var/log/samba/log.%m max log size = 50 interfaces = lo eth0 bind interfaces only = yes hosts allow = 10.4.1. 172.16.142. 127. hosts deny = 0.0.0.0/0 encrypt passwords = yes socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 dns proxy = no security = ADS idmap uid = 1-2 idmap gid = 1-2 winbind enum users = yes winbind enum groups = yes template homedir = /home/%D/%U template shell = /bin/bash client use spnego = yes client ntlmv2 auth = yes winbind use default domain = yes restrict anonymous = 2 domain master = no local master = no preferred master = no os level = 10 disable netbios = no # dos charset = ASCII # unix charset = UTF8 # display charset = UTF8 preserve case = yes short preserve case = yes # printer admin = root, @Domain Admins printing = cups printcap name = cups # printcap = /etc/printcap load printers = yes default devmode = yes [printers] comment = All Printers path = /var/spool/samba browseable = no guest ok = no writable = no printable = yes # admin users = root, @Domain Admins, @Printer Admins, @Domain Power Users [print$] # comment = Printer Drivers path = /var/lib/samba/printers guest ok = no browseable = yes # read only = yes write list = @domain admins [daily backups] comment = DGHYP Daily Backups path = /backup/set1 valid users = @domain admins read only = Yes [tech] comment = IT Files path = /backup/tech write list = @domain admins force create mode = 0770 [test] comment = test path = /backup/test write list = @domain users, @domain users, @domain admins, @domain admins Thanks, Charlie Page -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Cannot access/write to shares
write list = @domain users, @domain users, @domain admins, I don't know the exact syntax, but have you tried other variations? @DOMAIN\Domain Users is probably the main one, as this is how you have to specify groups if you use winbindd (e.g. chgrp 'MYDOMAIN\My Group' myfile) Cheers, Adam. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Cannot access/write to shares
Hi All, I cannot access/write to shares (depending on what level domain users groups become relevant to access) so I turned the logging level up to 3. This is the error from the 'test' share while attempting to create a new folder: [2009/09/29 09:57:45, 3] lib/util_sid.c:string_to_sid(223) string_to_sid: Sid @domain users does not start with 'S-'. Which I believe (from reading other posts), at the point this function is called Samba should have converted the text name of the group into a text SID for the string_to_sid function. Other logging lines indicate that Samba is turning groups into SIDs. I am using samba 3.0.36 on gentoo linx-2.6.28 glib-2.20.5 smb.conf server string = Samba Server %v log level = 3 log file = /var/log/samba/log.%m max log size = 50 interfaces = lo eth0 bind interfaces only = yes hosts allow = 10.4.1. 172.16.142. 127. hosts deny = 0.0.0.0/0 encrypt passwords = yes socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 dns proxy = no security = ADS idmap uid = 1-2 idmap gid = 1-2 winbind enum users = yes winbind enum groups = yes template homedir = /home/%D/%U template shell = /bin/bash client use spnego = yes client ntlmv2 auth = yes winbind use default domain = yes restrict anonymous = 2 domain master = no local master = no preferred master = no os level = 10 disable netbios = no # dos charset = ASCII # unix charset = UTF8 # display charset = UTF8 preserve case = yes short preserve case = yes # printer admin = root, @Domain Admins printing = cups printcap name = cups # printcap = /etc/printcap load printers = yes default devmode = yes [printers] comment = All Printers path = /var/spool/samba browseable = no guest ok = no writable = no printable = yes # admin users = root, @Domain Admins, @Printer Admins, @Domain Power Users [print$] # comment = Printer Drivers path = /var/lib/samba/printers guest ok = no browseable = yes # read only = yes write list = @domain admins [daily backups] comment = DGHYP Daily Backups path = /backup/set1 valid users = @domain admins read only = Yes [tech] comment = IT Files path = /backup/tech write list = @domain admins force create mode = 0770 [test] comment = test path = /backup/test write list = @domain users, @domain users, @domain admins, @domain admins Thanks, Charlie Page -- Charlie Page Core Business Services - Your Business Technology Partner (o)646-837-7798 (c)203-918-3645 www.corebizserv.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
