problemns with samba and w2k3

Alexei Dalenkov alexeiad at gmail.com
Wed Jul 13 10:59:21 GMT 2005 

Hi,

Im new to this list...

Ive got a problem running Samba against a ADS on W2k3 SP1. It simply
doesnt work. If you enter domain user and password you get access to
your home folder, but not to those supposedly shared by your group.
Same permission policy was used in both kind of folders, using domain
users and groups. With 'wbinfo -u -g' both domain users and groups are
listed correctly, so where could error be?

When listing folders with 'll' owners names are not shown but their
uIDs instead (actual UIDs, I checked it with wbinfo). Is it relevant?

Here is a list of folders, my smb.conf, a part of nsswitch.conf and krb5.conf.


drwxrwx---   2 root 9013 4096 jun 24 09:33 administracion
drwxrwx---   2 root 9000 4096 jul 11 10:01 comun
drwxrwx---   2 root 9003 4096 jun 24 09:33 electricidad
drwxrwx---   2 root 9011 4096 jun 27 16:48 gerencia
drwxrwx---  14 root 9003 4096 jul 12 17:20 informatica
drwxrwx---   2 root 9012 4096 jun 24 12:48 ingenieria

smb.conf

# Samba config file created using SWAT
# from 0.0.0.0 (0.0.0.0)
# Date: 2005/07/13 11:44:26

# Global parameters
[global]
	workgroup = domain
	realm = domain.COM
	security = ADS
	password server = tolkien.domain.com
	max protocol = LANMAN2
	preferred master = No
	local master = No
	ldap ssl = no
	idmap uid = 100000-200000
	idmap gid = 100000-200000
	template homedir = /home/%U
	template shell = /bin/bash
	winbind separator = +
	username = @
	read only = No
	map hidden = Yes

[informatica]
	preserve case = No
	path = /domain/informatica
	only user = yes
	force group = domain+informatica
	comment = Carpeta intercambio informatica
	hide dot files = No
	user = @domain+informatica
	create mode = 0775
	directory mode = 0775

[gerencia]
	path = /domain/gerencia
	username = @domain+gerencia
	create mask = 0775
	directory mask = 0775

[comun]
	comment = Carpeta comun
	path = /domain/comun
	force group = domain+Usuarios del dominio
	create mask = 0775
	directory mask = 0775

[ingenieria]
	path = /domain/ingenieria
	username = @domain+ingenieria
	force group = domain+ingenieria
	create mask = 0775
	directory mask = 0775

[electricidad]
	path = /domain/electricidad
	force group = domain+electricidad
	create mask = 0775
	directory mask = 0775

[homes]
	comment = Carpeta Personal
	path = /home/%U
	username = %u,@"domain+Usuarios del dominio"
	create mask = 0700
	directory mask = 0700

nsswitch.conf:

passwd:     files winbind
shadow:     files winbind
group:      files winbind
protocols   files winbind
services    files winbind
netgroup    files windind
automount   files winbind

krb5.conf

[libdefaults]
        default_realm = DOMAIN.COM

[realms]
        DOMAIN.COM = {
        kdc = tolkien.domain.com
        }

[domain_realms]
        .DOMAIN.COM = DOMAIN.COM


-- 
"El mundo está lleno de inteligentes q lo disimulan, o de imbéciles q
no se recatan de serlo..."

More information about the samba-technical mailing list