[Samba] Problem with admin users

Luiz Fernando Aguiar Leme billy at tol.net.br
Mon Dec 15 14:09:50 GMT 2003


Hi all,

on my smb.conf, contents the following lines:

admin users = root claudio roberto
security = server

when this users save  or write files on shared folders, they saves with
root:wheels.

How do i force this users to save your own user:group and not root:wheels???

On the shared folders contents the following lines, for example:

[publico]
   comment = Diretorio publico
   path = /usuarios/publico
   public = yes
   writable = yes
   security mask = 770
   create mask = 0770
   force create mode = 770
   force directory mode = 770
   force security mode = 770
   printable = no

thanks!

----- Original Message ----- 
From: "Dragan Krnic" <dkrnic at lycos.com>
To: <Bill.Light at kp.org>
Cc: <samba at lists.samba.org>
Sent: Monday, December 15, 2003 10:48 AM
Subject: [Samba] Re: Profile privelege problem


> > ...
> > I used the latest and greatest SuSE 9.0 Professional...
> > I then installed all the latest patches via YaST.  That
> > gives me a kernel of 2.4.21 (-144 in SuSE speak) and
> > Samba 2.2.8a
> >
> > I had the configuration backed up on another box, so I
> > used that as the base for Samba 2.2.8a.  I have tried
> > chmod, chown of various directories, making profile
> > world readable, writeable, executeable, all to no avail.
> > have tried commenting out various lines as suggested by
> > other posts...also to no avail.
> >
> > W2K reports it can not find roaming profile, and then
> > also reports it can not find a local profile, and signs
> > the user (any user) on with a "temp" profile.  All drive
> > mappings are available, just no profiles, recent lists, etc...
> >
> > Samba log is showing:  api_samr_set_userinfo: Unable to
> > unmarshall SAMR_SET_Q_USERINFO
> >
> > bumping the samba log level, verifies that I am going after
> > the user profile and I am "dying" because of lack of
> > priveleges....yet I can ssh into the box as a user and read
> > or touch or execute anything I want !?
>
> Must be something trivial, but whoever wants to help you will
> need your smb.conf to see how you set it up. I can suggest
> relevant options how I handle the profiles:
>
> [global]
>    ...
>    logon path = \\p90.p1.n.d.d\profiles\%U
>    domain logons = Yes
>    create mask = 0664
>    directory mask = 0775
>    ...
>
> [profiles]
>    path = /local/profiles
>    valid users = %U
>    read only = No
>    inherit permissions = No
>    security mask = 0777
>    directory security mask = 0777
>    browseable = No
>    csc policy = disable
>
>
> My Samba server is a PDC for the domain with wins and all.
> It runs SuSE 8.2 (kernel 2.4.20-86) but that shouldn't matter.
> The permissions on user profile directories are all "drwx--S--".
> All directories belong to individual users, group "users".
>
> If you can't recognize what your problem is, enclose smb.conf
> next time.
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  http://lists.samba.org/mailman/listinfo/samba
>



More information about the samba mailing list