Samba 3.0.23pre1 Available for Download

Gerald (Jerry) Carter jerry at samba.org
Mon Apr 24 21:26:36 GMT 2006


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Ken Stone wrote:
>> ok.  I'll need a level 10 log file.  This could be changes
>> to how we generate the local unmapped Unix groups.
> 
> Here ya go ... yell if you need info on how its setup or more logs.
> 
>   -- Ken

The problem is this:

  Processing section "[homes]"
  add_a_service: Creating snum = 0 for homes
  hash_a_service: creating tdb servicehash
  hash_a_service: hashing index 0 for service name homes
  doing parameter preexec = touch %H/.llog
  doing parameter comment = Home Directories
  doing parameter valid users = ken, allyn, disser, cliff
  doing parameter browseable = no
  doing parameter writeable = yes
  doing parameter create mask = 0664
  doing parameter directory mask = 0775
  ....
  User ken no in 'valid users'
  user 'ken' (from session setup) not permitted to access
      this share (ken)
  error packet at smbd/reply.c(674) cmd=117 (SMBtconX)
      NT_STATUS_ACCESS_DENIED

You mapped to a local unix user.  The valid users is now
handled by a token based check.  However, lookup_names("ken")
is not resolving in the passdb (only exists in /etc/passwd)
so smbd is not makking the match between your NT token
and the Unix users 'ken'.  I'll have to dig a little deeper
on this.

Volker,  the key factors are 'security = domain' and no
winbindd.




=====================================================================
I live in a Reply-to-All world.               -----------------------
Samba                                    ------- http://www.samba.org
Centeris                         -----------  http://www.centeris.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org

iD8DBQFETUJWIR7qMdg1EfYRAsWaAJ4h35Wy7oiY36NL/92GVADYyjEiiACglZfR
2oIKJ5y+T2+k9YX7S/FMVWw=
=lbVf
-----END PGP SIGNATURE-----


More information about the samba-technical mailing list