username map behavior

Levi Ruiz lruiz at pnicorp.com
Tue Oct 16 07:29:14 GMT 2001


 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Is there a way in samba 2.2.2-pre (SAMBA_2_2 latest CVS) to grant a user
privileges as another user instead of just remapping the user to another
user?  I set the "username map = /etc/samba/user.map" configuration option
and added:

root = "DOMAIN+ at Domain Admins"

to the user.map file but whenever I create a file it is owned by root
instead of my username...is there any way around this?  I would like to
grant Domain Admins privileged access to the samba shares but still be able
to make new files and folders as their own account.

I am using Red Hat 7.1 with kernel 2.4.9 with the ACL patch version 0.7.16.
I am using winbindd to enumerate users and groups from the PDC which is
running NT4 SP6a with all current security patches.  My workstation I am
doing my testing from is Windows 2000 SP2 also with all current security
patches.

Please send any responses directly to my e-mail as I am not currently
subscribed to the list.

Thank you

<begin smb.conf>

[global]
        winbind separator = +
        winbind enum users = yes
        winbind enum groups = yes
        winbind cache time = 10
        template shell = /bin/bash
        template homedir = /home/profiles/%U
        winbind uid = 10000-20000
        winbind gid = 10000-20000
        workgroup = DOMAIN
        server string = Network Storage
        security = DOMAIN
        encrypt passwords = Yes
        password server = *
        domain logons = no
        local master = no
        domain master = no
        preferred master = no
        log file = /var/log/samba/%m.log
        max log size = 0
        name resolve order = wins lmhosts bcast
        socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
        load printers = No
        dns proxy = No
        wins server = 10.1.1.5
        remote announce = 10.1.1.255
        remote browse sync = 10.1.1.2
        hosts allow = 10.1.1. 127.
        printing = lprng
        add user script = /usr/sbin/useradd -g domain -d /home/samba -s
/dev/null -c %u %u
        delete user script = /usr/sbin/userdel %u
        username map = /etc/samba/users.map

[public]
        comment = Public Stuff
        path = /home/samba
        writeable = Yes
        guest ok = No
        createmode = 740
        directory mode = 740

[public2]
        comment = Test share
        path = /usr/local/src
        writeable = Yes
        guest ok = No

[profiles]
        comment = User Profiles
        path = /home/profiles
        create mask =0600
        directory mask = 0700
;       restrict acl with mask = yes
        force directory mode = 0700
        force create mode = 0600
        restrict acl with mask = yes
        map hidden = yes
        map system = yes
        writeable = Yes
        guest ok = No

[archives]
        comment = Archives
        path = /home/archives
        writeable = Yes
        guest ok = No

[forms]
        comment = Forms
        path = /home/forms
        writeable = Yes
        guest ok = No

[Test]
        comment = Test
        path = /tmp
        writeable = Yes
        guest ok = No

<end smb.conf>

.·°·»---------------------------------------------------------«·°·.
    -If everyone throws in their two cents worth,             -     
    -but its a penny for your thoughts...who keeps the profit?-


-----BEGIN PGP SIGNATURE-----
Version: PGP 7.0.1

iQA/AwUBO8xCBcbgHXR4hb1iEQJtEgCgj2Nov00+Frg9CT9O4Tgb/Qzn9WUAoNGw
5sF/t9QJzoh21giTOLqLQv2G
=PLvD
-----END PGP SIGNATURE-----




More information about the samba mailing list