Users can map shares without password in domain-security mode

[Christian Seip]

Once again! :-)

Jeffry Smith schrieb:: 

> > [public]
> >         path = /shares/public
> >         read only = No
> >         browseable = Yes
> >         guest ok = Yes
> I assume /shares/public is on the shared storage

Your assumption is correct.

> > [pub]
> >         path = /home/public
> >         read only = No
> >         browseable = Yes
> >         guest ok = yes
> same assumption

The same is true for this one.

> Since it works with one, but not with the cluster, my guess would be
> that the two machines in the cluster are not seeing things the same.

I'm still in testing mode, so the cluster software is disabled and I
start samba
manually. So far it's a single standard samba server.

> You're running useradd on one machine, so it knows about the person,
> but not on the other.  I'll have to do some testing, see what happens.

If the other node doesn't know the person connecting, it creates the
account. That's
why I use the "add user script". The result is a bad mixture of UIDs.
The same UID
can belong to different user accounts on the nodes. I said that before
and I'm going
to fix that with some sort of "mypasswd" on the shared storage.

> Suspect it would need a script to copy the passwd file to the second
> node, or run useradd on the second node (preference would be some kind
> of copying, to ensure the systems see the same passwd file, but I
> don't know about the effect of changing the passwd file under a
> running system).

I'll modify the smb_useradd.pl in order to keep both userlists
synchronized.
Actually, I won't create a user on both nodes at the same time. That
will work most
of the time but not if the second node is down. I'll keep a list with
usernames and
UIDs in which I look up a username to get its existing UID. Sorry, it's
badly
explained but I think you get the picture.

Regards,

Christian (same person, different mail-address)