[Samba] Winbind and user-mapping

David Edward Shapiro David.Edward.Shapiro at btitele.com
Mon Feb 25 05:41:04 GMT 2002 

What are the permissions on the directory?  

Do getent passwd | grep -i <windows user>

Note the group number and user id.  That group number/user id need to have
permissions to write/read in the all share.  You can use the "force group ="
option to make the creation of files get set to its group.  I noted that
domain users got the gid of 1000, so in /etc/group I made a group called
users with gid of 1000.  I set force group = users and gave that group the
appropriate permissions.

David

-----Original Message-----
From: Glatzel Tino [mailto:tino.glatzel at badenIT.de]
Sent: Monday, February 25, 2002 7:28 AM
To: 'samba at lists.samba.org'
Subject: [Samba] Winbind and user-mapping


Winbindd can see the NT-user, but samba can't work with the NT-user.

My System: 	SuSE Linux 7.2 Enterprise Server
		Samba-2.2.3a

I have install samba by the following steps:

1.	./configure --prefix=/opt/samba-2.2.3a --with-winbind
2.	make
3.	make install
4.	cp /tmp/samba-2.2.3a/source/nsswitch/libnss_winbind.so /lib
5.	ln -s /lib/libnss_winbind.so /lib/libnss_winbind.so.2
6.	vi /etc/nsswitch.conf

	passwd: compat winbind
	group:  compat winbind

7.	/sbin/ldconfig -v | grep winbind   --> I can see it!
8.	vi /opt/samba-2.2.3a/lib/smb.conf

	[global]
	workgroup = test
        	netbios name = SAMBA
        	encrypt passwords = yes
        	server string = SAMBA %v
        	load printers = no
        	security = DOMAIN
        	password server = *
        	keepalive = 30
        	winbind uid = 1000-2000
        	winbind gid = 3000-8000
        	winbind enum users = yes
        	winbind enum groups = yes
        	template shell = /bin/bash
        	winbind separator = +
        	winbind cache time = 10

	[all]
        	comment = For all users
        	path = /all
        	guest ok = Yes
        	writeable = Yes
        	create mode = 0770
        	directory mode = 0770
        	browseable = Yes
        	write ok = Yes

9.	smbpasswd -j test -r pdc -U admin  --> It works

And now the Problem:
With /opt/samba-2.2.3a/bin/wbinfo -u, i can see the DOMAIN-USERS
With /opt/samba-2.2.3a/bin/wbinfo -g, i can see the DOMAIN-GROUPS

If a Windows-user creates a file at the "all"-share, the owner of the file
is  nobody and the group is nogroup.
Why ??
What is wrong ??



-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

More information about the samba mailing list