username map behavior
Levi Ruiz
lruiz at pnicorp.com
Tue Oct 16 07:29:14 GMT 2001
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Is there a way in samba 2.2.2-pre (SAMBA_2_2 latest CVS) to grant a user
privileges as another user instead of just remapping the user to another
user? I set the "username map = /etc/samba/user.map" configuration option
and added:
root = "DOMAIN+ at Domain Admins"
to the user.map file but whenever I create a file it is owned by root
instead of my username...is there any way around this? I would like to
grant Domain Admins privileged access to the samba shares but still be able
to make new files and folders as their own account.
I am using Red Hat 7.1 with kernel 2.4.9 with the ACL patch version 0.7.16.
I am using winbindd to enumerate users and groups from the PDC which is
running NT4 SP6a with all current security patches. My workstation I am
doing my testing from is Windows 2000 SP2 also with all current security
patches.
Please send any responses directly to my e-mail as I am not currently
subscribed to the list.
Thank you
<begin smb.conf>
[global]
winbind separator = +
winbind enum users = yes
winbind enum groups = yes
winbind cache time = 10
template shell = /bin/bash
template homedir = /home/profiles/%U
winbind uid = 10000-20000
winbind gid = 10000-20000
workgroup = DOMAIN
server string = Network Storage
security = DOMAIN
encrypt passwords = Yes
password server = *
domain logons = no
local master = no
domain master = no
preferred master = no
log file = /var/log/samba/%m.log
max log size = 0
name resolve order = wins lmhosts bcast
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
load printers = No
dns proxy = No
wins server = 10.1.1.5
remote announce = 10.1.1.255
remote browse sync = 10.1.1.2
hosts allow = 10.1.1. 127.
printing = lprng
add user script = /usr/sbin/useradd -g domain -d /home/samba -s
/dev/null -c %u %u
delete user script = /usr/sbin/userdel %u
username map = /etc/samba/users.map
[public]
comment = Public Stuff
path = /home/samba
writeable = Yes
guest ok = No
createmode = 740
directory mode = 740
[public2]
comment = Test share
path = /usr/local/src
writeable = Yes
guest ok = No
[profiles]
comment = User Profiles
path = /home/profiles
create mask =0600
directory mask = 0700
; restrict acl with mask = yes
force directory mode = 0700
force create mode = 0600
restrict acl with mask = yes
map hidden = yes
map system = yes
writeable = Yes
guest ok = No
[archives]
comment = Archives
path = /home/archives
writeable = Yes
guest ok = No
[forms]
comment = Forms
path = /home/forms
writeable = Yes
guest ok = No
[Test]
comment = Test
path = /tmp
writeable = Yes
guest ok = No
<end smb.conf>
.·°·»---------------------------------------------------------«·°·.
-If everyone throws in their two cents worth, -
-but its a penny for your thoughts...who keeps the profit?-
-----BEGIN PGP SIGNATURE-----
Version: PGP 7.0.1
iQA/AwUBO8xCBcbgHXR4hb1iEQJtEgCgj2Nov00+Frg9CT9O4Tgb/Qzn9WUAoNGw
5sF/t9QJzoh21giTOLqLQv2G
=PLvD
-----END PGP SIGNATURE-----
More information about the samba
mailing list