Insider query

MCCALL,DON (HP-USA,ex1) don_mccall at hp.com
Fri Sep 14 07:57:04 GMT 2001 

Hi Steve,
that's correct.  Any samba server that a windows client connects to as a
windows username
MUST either access the file server as 'guest' or the linux/*ux machine MUST
have a valid unix user name in the /etc/passwd or nis database that matches
this windows username (or is 'mapped' to the username via usermap file).
That's why your "PDC" access is working, but your 'fileserver' access on the
other box is not.  When samba accesses files, the access is controlled by
the uid/gid pair of some VALID unix user.  If there IS not valid unix user
mapped to the windows user trying to access the file, SAMBA has no idea
whether the user should be able to access the file or not.  Samba avoids
that whole issue by checking to see if the username that is passed in the
smbsessionsetup is mapped (or equal) to a valid UNIX user before it even
lets him connect in the first place.  if he DOESN't, then depending on your
smb.conf parameters, he may connect him as whatever the 'guest account'
parameter says the unix guest account is; by default this is the 'nobody'
account.

Make sense?

Bottom line, you need to reproduce your linux user structure you are using
on your 'pdc' to your other fileserver as well...
Hope this helps,
Don

-----Original Message-----
From: Steve [mailto:steve at videogroup.com]
Sent: Friday, September 14, 2001 10:32 AM
To: samba at lists.samba.org
Subject: Insider query


Hi there,

I'm trying to locate some information to understand what is going on, hoping

that you can point me in the right direction. It seems that I have a very 
unusual situation.

(My KMail has over 5000 messages from the samba list, but I cannot find what

I'm looking for. Maybe too many : ) I read the help files, bought "Linux 
Samba Server Administration" by Smith, but cannot find an answer there 
either.)


Version 2.2.1a is running on three SuSE 7.2 boxes. 
One is the "PDC" for w98 clients. The other is a plain file server. The
third 
is not online yet. (They used to be all NT servers, but I'm moving one at a 
time to Linux.)

A remaining NT server (the backup DC) is also running a critical company app

that has not been moved onto Linux yet.

All users exists as a Linux user without pwd, and as smbusers with pwd, on 
the PDC.

The SuSE file server has no non admin type users at all.

If I add any user to the file server the mappings becomes unavailable for 
that user (from w98). I cannot easily get new shares to work without giving 
them guest access with full file rights on the server.

It seems one is supposed to have a Linux user too for samba to work.

What's up?
-- 
 
Steve Szmidt
V.P. Information
Video Group Distributors, Inc.

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

More information about the samba mailing list