[Samba] 'valid users' does not accept my users, but my groups
Markus Fischer
markus at fischer.name
Wed Apr 27 09:19:41 GMT 2005
Hi,
I'm using Version 3.0.10-Debian and have winbindd running for auth
against our W2K TEST-DOM. I've set up shares which only some groups have
access granted. System is runnig fine a few weeks when I now discovered
when I want grant access to only one user, it doesn't work.
The configuration for this share is:
[testshare]
path = /data/test
public = no
writeable = yes
browseable = yes
create mode = 0777
force directory mode = 0775
force create mode = 0666
force user = www-data
force group = www-data
valid users = mfischer
The logfile tells me:
[2005/04/27 10:44:05, 2] auth/auth.c:check_ntlm_password(305)
check_ntlm_password: authentication for user [mfischer] ->
[mfischer] -> [TEST-DOM"mfischer] succeeded
[2005/04/27 10:44:05, 2] smbd/service.c:make_connection_snum(314)
user 'TEST-DOM"mfischer' (from session setup) not permitted to access
this share (testshare)
When I use groups, e.g.
valid users = @development
and my user 'mfischer' is in this group, it works without problems.
I've tried different syntaxes like
TEST-DOM\mfischer
TEST-DOM"mfischer (because it's written this way in the logfile)
TEST-DOM+mfischer (because of the winbind separator)
TEST-DOM/mfischer
none of them worked.
My pam.d/samba looks like:
# from common-auth
auth sufficient pam_winbind.so
auth sufficient pam_unix.so nullok_secure use_first_pass
# from common-account
account required pam_unix.so
# from common-session
session required pam_unix.so
session required pam_mkhomedir.so skel=/etc/skel/ umask=0002
any suggestions or other information I can provide?
thanks,
- Markus
More information about the samba
mailing list