Spaces in groupname and winbind
MCCALL,DON (HP-USA,ex1)
don_mccall at hp.com
Tue Mar 19 16:15:02 GMT 2002
Hi Matt - this looks familiar.
What version of samba are you using?
-----Original Message-----
From: Matt Pavlovich [mailto:mpav at algx.net]
Sent: Tuesday, March 19, 2002 5:02 PM
To: MCCALL,DON (HP-USA,ex1)
Subject: RE: Spaces in groupname and winbind
Don-
Any ideas on the return of groups?
Got another one--
getent passwd returns weirdness:
# getent passwd | grep mpav
mpav:x:1001:10::/export/home/mpav:/usr/bin/bash
ATI_DOM+mpavlovi:x,mpavlovi:10000:10000:Pavlovich, Matthew
R.:/export/home/samba/ATI_DOM/mpavlovi:/bin/false
mpav is a local unix account w/ /etc/passwd entries.. ATI_DOM+mpavlovi
is the NT domain account.. look at the password filed: "x,mpavlovi". I
am having problems authenticating to the server... is this an issue?
Thanks,
Matt Pavlovich
On Mon, 2002-03-18 at 15:15, MCCALL,DON (HP-USA,ex1) wrote:
> Hi Matt,
> Do you have a LARGE user and/or group base in the NT domain you are
querying
> against?
> Does getent group ALWAYS return the same subset of groups, or does the
> output differ each time you do it?
> Is there anything outstandingly different between the groups that show up
> with getent group and the ones that don't (but do with wbinfo -g)?
> Don
>
> -----Original Message-----
> From: Matt Pavlovich [mailto:mpav at algx.net]
> Sent: Monday, March 18, 2002 11:03 AM
> To: MCCALL,DON (HP-USA,ex1)
> Cc: samba-technical at lists.samba.org
> Subject: RE: Spaces in groupname and winbind
>
>
> Don-
>
> Thanks for the clarification. That seems to work. My only problem now
> is that only a few groups are being returned w/ 'getent group'. I can
> get a full list of groups by doing a wbinfo -g, but not through the name
> service. Anything that does a group ID -> group Name mapping, like
> "ls", etc, are severely slowed down, and remote authentication isn't
> working in some cases. Presumably due to the inability to map 'valid
> users = @GROUPNAME' b/c the groupname isn't coming through getgrp().
>
> Anyone else see this on Solaris 8?
>
> Matt Pavlovich
>
> On Fri, 2002-03-15 at 14:52, MCCALL,DON (HP-USA,ex1) wrote:
> > Sorry Matt (inherent danger of cutting and pasting from someone elses
> > message - Lin Li, in this case, who was using the domain separator "\"),
> > use the domain separator you have defined in your smb.conf
> > file.
> > Don
> >
> > -----Original Message-----
> > From: Matt Pavlovich [mailto:mpav at algx.net]
> > Sent: Friday, March 15, 2002 3:30 PM
> > To: MCCALL,DON (HP-USA,ex1)
> > Cc: samba-technical at lists.samba.org
> > Subject: RE: Spaces in groupname and winbind
> >
> >
> > Don-
> >
> > Would I use "\" or the domain separator, in my case "+"? I see winbind
> > does a translation at one point.. but I do not know the order of
> > operation.
> >
> > Matt Pavlovich
> >
> > On Fri, 2002-03-15 at 14:26, MCCALL,DON (HP-USA,ex1) wrote:
> > > Hi Matt,
> > > I haven't tried this myself, but someone else on the list swears that
> this
> > > will work:
> > > quote:
> > >
> > > I just find use valid users = ' @"DOMAIN\Domain Users" ' will work.
> > > endquote.
> > >
> > > Hope this helps,
> > > Don
> > >
> > > -----Original Message-----
> > > From: Matt Pavlovich [mailto:mpav at algx.net]
> > > Sent: Friday, March 15, 2002 3:09 PM
> > > To: samba-technical at lists.samba.org
> > > Subject: Spaces in groupname and winbind
> > >
> > >
> > > When trying to limit access to a share with the parameter:
> > > valid users= @DOMAIN+group name, winbind has problems parsing that
name.
> > >
> > > Is the group is "Ras Users" --
> > >
> > > log.winbind
> > > [2002/03/15 14:04:50, 5] rpc_parse/parse_prs.c:dbg_rw_punival(730)
> > > 0030 buffer : . at .D.O.M.A.I.N.\.R.a.s.
> > >
> > > I also tried the suggested fix of:
> > >
> > > valid users= " "@DOMAIN+Group name" "
> > >
> > > What would be the valid syntax to escape the space with winbind?
> > >
> > > Matt Pavlovich
> >
>
More information about the samba-technical
mailing list