[Samba] SAMBA PDC User Permissions, Admin Settings, and Logon?

Rob Savage samba1 at shaw.ca
Tue Feb 25 06:30:16 GMT 2003 

Hey Nolan,

I can easily give you an answer to I3

>Issue 3: This is my main frustration - I cannot seem to block access to
>other peoples shares! EG user chrisg can access the nolan share, etc.
>
>
>[homes]
>        comment = Home Directory for %u
>        read only = No
>        create mask = 0660
>        directory mask = 0770
>        browseable = No
>        oplocks = No
>        level2 oplocks = No

Try adding these:

Valid users = %U
Path = /home/%u
Guest ok = No
---
Have an excellent day,

Rob Savage




-----Original Message-----
From: samba-bounces+samba1=shaw.ca at lists.samba.org
[mailto:samba-bounces+samba1=shaw.ca at lists.samba.org]On Behalf Of Nolan
Garrett
Sent: February 24, 2003 11:49 AM
To: samba at lists.samba.org
Subject: [Samba] SAMBA PDC User Permissions, Admin Settings, and Logon?

Hi all! First off, I'd like to thank you for the help you've previously
given me. I'd like to state a few of the problems I am now experiencing,
and you all can provide insight. I've read all the documentation I can find
and have surfed the archives for this newsgroup, but to no avail. Any help
would be greatly appreciated!

(I am using SAMBA 2.2.7)

Issue 1: If I don't have every user listed in the admin users = section that
I want to allow logon access, they cannot log on. I usually get a domain
unavailable error.

Issue 2: If I don't set up each user account (w/ domain) on the WinXP
machine I want to logon to, I get some kind of very, very limited logon. It
almost seems to be corrupted.

Issue 3: This is my main frustration - I cannot seem to block access to
other peoples shares! EG user chrisg can access the nolan share, etc.

Final Issue: Not a big problem, but I can't figure out how to set up the
CUPS drivers for the pdf-generator.

Is it a winbind problem, bad config, or am I just a moron?

Attached is my smb.conf

# Samba config file created using SWAT
# from gridlock.workgroup.net (192.168.0.5)
# Date: 2003/02/24 18:08:30

# Global parameters
[global]
        netbios name = MAIN
        server string = Samba Server %v
        encrypt passwords = Yes
        passwd program = /usr/bin/passwd %u
        passwd chat = *New*UNIX*password* %n\n *Retype*new*UNIX*password
* %n\n *Enter*new*UNIX*password* %n\n *Retype*new*UNIX*password* %n\n *p
asswd: *all*authentication*tokens*updated*succesfully*
        unix password sync = Yes
        log level = 1
        log file = /var/log/samba/log.%m
        max log size = 50
        socket options = TCP_NODELAY IPTOS_LOWDELAY SO_KEEPALIVE SO_RCVBU
F=8192 SO_SNDBUF=8192
        printcap name = cups
        domain admin group = @admins
        add user script = /usr/sbin/useradd -d /dev/null -g machines -s /bin
/false -M %u
        logon script = %U.bat
        logon path = \\main\profiles\%U
        logon drive = Z:
        logon home = \\main\%U\.profile
        domain logons = Yes
        os level = 99
        domain master = Yes
        dns proxy = No
        wins support = Yes
        winbind uid = 10000-20000
        winbind gid = 10000-20000
;       valid users = ahayes root danielleg chrisg rickg nolan
        admin users = root nolan chrisg rickg danielleg alyssag
        printer admin = nolan root
        hosts allow = 192.168.0. 127.
;       profile acls = Yes
        printing = cups

[homes]
        comment = Home Directory for %u
        read only = No
        create mask = 0660
        directory mask = 0770
        browseable = No
        oplocks = No
        level2 oplocks = No

[netlogon]
        comment = Network Logon Service
        path = /var/lib/samba/netlogon
        write list = root nolan

[profiles]
        path = /var/lib/samba/profiles
        read only = No
        create mask = 0600
        directory mask = 0700
        guest ok = Yes
        browseable = No
        csc policy = disable

[printers]
        comment = All Printers
        path = /var/spool/samba
        printer admin = root nolan
        guest ok = Yes
        printable = Yes
        browseable = No

[print$]
        comment = Printer Drivers
        path = /etc/samba/drivers
        write list = root nolan

[pdf-generator]
        comment = PDF Generator (only valid users!)
        path = /var/tmp
        printable = Yes
        print command = /usr/share/samba/scripts/print-pdf %s ~%u \\\\\\\\%L
\\\\%u %m &

[public]
        comment = Public
        path = /home/samba/public
        read only = No
        guest ok = Yes



--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

More information about the samba mailing list