username map behavior

Levi Ruiz lruiz at
Tue Oct 16 07:29:14 GMT 2001

Hash: SHA1

Is there a way in samba 2.2.2-pre (SAMBA_2_2 latest CVS) to grant a user
privileges as another user instead of just remapping the user to another
user?  I set the "username map = /etc/samba/" configuration option
and added:

root = "DOMAIN+ at Domain Admins"

to the file but whenever I create a file it is owned by root
instead of my there any way around this?  I would like to
grant Domain Admins privileged access to the samba shares but still be able
to make new files and folders as their own account.

I am using Red Hat 7.1 with kernel 2.4.9 with the ACL patch version 0.7.16.
I am using winbindd to enumerate users and groups from the PDC which is
running NT4 SP6a with all current security patches.  My workstation I am
doing my testing from is Windows 2000 SP2 also with all current security

Please send any responses directly to my e-mail as I am not currently
subscribed to the list.

Thank you

<begin smb.conf>

        winbind separator = +
        winbind enum users = yes
        winbind enum groups = yes
        winbind cache time = 10
        template shell = /bin/bash
        template homedir = /home/profiles/%U
        winbind uid = 10000-20000
        winbind gid = 10000-20000
        workgroup = DOMAIN
        server string = Network Storage
        security = DOMAIN
        encrypt passwords = Yes
        password server = *
        domain logons = no
        local master = no
        domain master = no
        preferred master = no
        log file = /var/log/samba/%m.log
        max log size = 0
        name resolve order = wins lmhosts bcast
        socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
        load printers = No
        dns proxy = No
        wins server =
        remote announce =
        remote browse sync =
        hosts allow = 10.1.1. 127.
        printing = lprng
        add user script = /usr/sbin/useradd -g domain -d /home/samba -s
/dev/null -c %u %u
        delete user script = /usr/sbin/userdel %u
        username map = /etc/samba/

        comment = Public Stuff
        path = /home/samba
        writeable = Yes
        guest ok = No
        createmode = 740
        directory mode = 740

        comment = Test share
        path = /usr/local/src
        writeable = Yes
        guest ok = No

        comment = User Profiles
        path = /home/profiles
        create mask =0600
        directory mask = 0700
;       restrict acl with mask = yes
        force directory mode = 0700
        force create mode = 0600
        restrict acl with mask = yes
        map hidden = yes
        map system = yes
        writeable = Yes
        guest ok = No

        comment = Archives
        path = /home/archives
        writeable = Yes
        guest ok = No

        comment = Forms
        path = /home/forms
        writeable = Yes
        guest ok = No

        comment = Test
        path = /tmp
        writeable = Yes
        guest ok = No

<end smb.conf>

    -If everyone throws in their two cents worth,             -     
    -but its a penny for your thoughts...who keeps the profit?-

Version: PGP 7.0.1


More information about the samba mailing list