[Samba] windows security of files and folders

aux aux at gawab.com
Fri Jul 29 15:37:24 GMT 2005


Hi, i have a samba 3.0.12 PDC (LDAP) with many windows clients. All 
works correctly but when i show properties (security) of one file or 
folder many times i see the SID and not the user or group. I can't 
assign the perms with the windows because i don't see the groups of ldap.

My configuration:


1 samba-3 PDC-LDAP (scripts, bats, etc. This scripts mount shares of 
other samba)
In this samba, if i mount a share and click security of a file i see the 
users but not the groups

1 Samba-3 (other samba, server FS) (shares, data, etc)
In this samba, if i mount a share and click security of a file i don't 
see users and groups)

My groupmap:

# net groupmap list
Domain Computers (S-1-5-21-3984604316-2900431957-2958281145-515) -> 
maquinaspdc
Domain Admins (S-1-5-21-3984604316-2900431957-2958281145-512) -> domadmin
Domain Users (S-1-5-21-3984604316-2900431957-2958281145-513) -> domuser

PDC configuration:

[global]
         workgroup = LDAP
         server string = Servidor LDAP
         netbios name = serverldap
         os level = 128
         time server = Yes
         unix extensions = Yes
         encrypt passwords = Yes
         add user script = /etc/samba/idealx/smbldap-useradd -m "%u"
         add machine script = /etc/samba/idealx/smbldap-useradd -w "%u"
         add group script = /etc/samba/idealx/smbldap-groupadd -p "%g"
         add user to group script = /etc/samba/idealx/smbldap-groupmod 
-m "%u" "%g"
         delete user from group script = 
/etc/samba/idealx/smbldap-groupmod -x "%u" "%g"
         set primary group script = /etc/samba/idealx/smbldap-usermod -g 
"%g" "%u"
         username map = /etc/samba/smbusers
         map to guest = Bad User
         security = user
         include = /etc/samba/dhcp.conf
         ;LDAP
         passdb backend = ldapsam:"ldap://127.0.0.1"
         ldap suffix = o=root
         ldap admin dn = cn=Manager, o=root
         idmap backend = ldap:ldap://127.0.0.1
         ldap idmap suffix = o=root
         ldap passwd sync = yes
         idmap uid = 1000-30000
         idmap gid = 1000-30000
         hosts allow = 192.168. 192.9.200. 127. localhost
         remote announce = 192.9.200.146
         remote browse sync = 192.9.200.146
         local master = yes
         preferred master = yes
         domain master = yes
         domain logons = yes
         wins support = yes
         name resolve order = wins hosts lmhosts bcast
         time server = yes
#       log level = 10


[netlogon]

         path = /opt/samba/netlogon
         guest ok = Yes

[...]


The other smb configuration (FS server):
[global]
         workgroup = LDAP
         server string = Servidor FICHEROS
         netbios name = serversamba
         os level = 65
         unix extensions = Yes
         encrypt passwords = Yes
         username map = /etc/samba/smbusers
         map to guest = Bad User
         security = user
#        include = /etc/samba/dhcp.conf
         ;LDAP
         passdb backend = ldapsam:"ldap://192.168.1.146"
         ldap suffix = o=root
         ldap admin dn = cn=Manager, o=root
         idmap backend = ldap:ldap://192.168.1.146
         ldap idmap suffix = o=root
         ldap passwd sync = yes
         idmap uid = 1000-30000
         idmap gid = 1000-30000
         hosts allow = 192.168. 192.9.200. 127. localhost
#       remote announce = 192.9.200.146
#       remote browse sync = 192.9.200.146
         wins support = no
         wins server = 192.168.1.146
         name resolve order = wins hosts lmhosts bcast
         acl compatibility = Win2k

[shares definition]
[...]


before i had samba-2 in two samba and the users and groups i saw them

anyone help me please?

thanks


More information about the samba mailing list