[Samba] Winbind + Space in Group Name = Not working

L/\le mannini at email.it
Sun Mar 17 07:33:02 GMT 2002 

----- Original Message -----
From: "Matt Pavlovich" <mpav at algx.net>
To: <samba at lists.samba.org>
Sent: Wednesday, March 13, 2002 10:57 PM
Subject: [Samba] Winbind + Space in Group Name = Not working


> Using Samba 2.2.3a, w/ winbind on Debian woody, and Solaris 8.
>
> A share configured to only allow users within a group is not working
> because the group name has a space in it.  I have tried the syntax
> posted here a while back:
>
> http://lists.samba.org/pipermail/samba/2001-October/059612.html
>      Try->   valid users = " "@Domain Users" "
>
> But that does not work.  A group such as "Domain Users" in domain
> "Domain" returns an error in log.smbd:
>
> user_in_winbind_group_list: winbind_lookup_name for group DOMAIN+Domain
> failed.
>
> wbinfo -t returns: Secret is good
> getent passwd: Returns user list
> getent group: Returns group list
>
> smb.conf looks like:
>
> [global]
> workgroup = DOMAIN
> netbios name = SAMBATEST
> server string = Samba Test Server (Samba %v)
> security = domain
> encrypt passwords = Yes
> update encrypted = Yes
> obey pam restrictions = no
>         password server = *
> unix password sync = no
> invalid users = root
> syslog = 0
> max log size = 1000
> name resolve order = wins bcast host lmhosts
> socket options = IPTOS_LOWDELAY TCP_NODELAY SO_SNDBUF=4096
> SO_RCVBUF=4096
> load printers = No
> add user script = /usr/sbin/useradd -p %u %u
> preferred master = False
> local master = No
> domain master = False
> dns proxy = No
> wins server = 10.10.20.20
> # Winbind Options
> winbind uid = 10000-20000
> winbind gid = 10000-20000
>         winbind separator = +
> template shell = /bin/false
>         template homedir = /export/home/samba/%D/%U
>
> [homes]
> comment = Home Directories
> create mask = 0700
> directory mask = 0700
> browseable = yes
>         writeable = yes
>
> [files]
> comment = User1 writes, everyone else reads
> path = /export/home/samba/files
> force user = DOMAIN+user1
> force group = DOMAIN+Domain Users
> read only = No
> create mask = 0750
> force create mode = 0750
>         directory mask = 0750
>         inherit permissions = yes
>         write list = Domain+user1
> browseable = yes
>
> #  ***** PROBLEM HERE ******
>         valid users = " "@DOMAIN+Domain Users" "

I had the same problem and allowed the access with

       valid users = @'DOMAIN+Domain Users'

Now it works fine but in the log messages i always obtain:

user_in_winbind_group_list: winbind_lookup_name for group DOMAIN+Domain
failed.



Why?

                    Bye all

                                /\lessandro




--
Prendi GRATIS l'email universale che... risparmia: http://www.email.it/f

Sponsor:
Notizie, Rumors, Approfondimenti, Quotazioni?
L'informazione finanziaria in tempo più che reale: 

Clicca qui: http://adv.email.it/cgi-bin/foclick.cgi?mid=242&d=17-3

More information about the samba mailing list