[Samba] RE: SAMBA PDC User Permissions, Admin Settings, and Logon?

Nolan Garrett confed16 at myexcel.com
Tue Feb 25 00:11:54 GMT 2003 

Thank you! This definitely fixed the mapping problem. Now if I could only 
make my logons TRULY roaming...

Nolan

Rob Savage wrote:

> Hey Nolan,
> 
> I can easily give you an answer to I3
> 
>>Issue 3: This is my main frustration - I cannot seem to block access to
>>other peoples shares! EG user chrisg can access the nolan share, etc.
>>
>>
>>[homes]
>>        comment = Home Directory for %u
>>        read only = No
>>        create mask = 0660
>>        directory mask = 0770
>>        browseable = No
>>        oplocks = No
>>        level2 oplocks = No
> 
> Try adding these:
> 
> Valid users = %U
> Path = /home/%u
> Guest ok = No
> ---
> Have an excellent day,
> 
> Rob Savage
> 
> 
> 
> 
> -----Original Message-----
> From: samba-bounces+samba1=shaw.ca at lists.samba.org
> [mailto:samba-bounces+samba1=shaw.ca at lists.samba.org]On Behalf Of Nolan
> Garrett
> Sent: February 24, 2003 11:49 AM
> To: samba at lists.samba.org
> Subject: [Samba] SAMBA PDC User Permissions, Admin Settings, and Logon?
> 
> Hi all! First off, I'd like to thank you for the help you've previously
> given me. I'd like to state a few of the problems I am now experiencing,
> and you all can provide insight. I've read all the documentation I can
> find and have surfed the archives for this newsgroup, but to no avail. Any
> help would be greatly appreciated!
> 
> (I am using SAMBA 2.2.7)
> 
> Issue 1: If I don't have every user listed in the admin users = section
> that I want to allow logon access, they cannot log on. I usually get a
> domain unavailable error.
> 
> Issue 2: If I don't set up each user account (w/ domain) on the WinXP
> machine I want to logon to, I get some kind of very, very limited logon.
> It almost seems to be corrupted.
> 
> Issue 3: This is my main frustration - I cannot seem to block access to
> other peoples shares! EG user chrisg can access the nolan share, etc.
> 
> Final Issue: Not a big problem, but I can't figure out how to set up the
> CUPS drivers for the pdf-generator.
> 
> Is it a winbind problem, bad config, or am I just a moron?
> 
> Attached is my smb.conf
> 
> # Samba config file created using SWAT
> # from gridlock.workgroup.net (192.168.0.5)
> # Date: 2003/02/24 18:08:30
> 
> # Global parameters
> [global]
>         netbios name = MAIN
>         server string = Samba Server %v
>         encrypt passwords = Yes
>         passwd program = /usr/bin/passwd %u
>         passwd chat = *New*UNIX*password* %n\n *Retype*new*UNIX*password
> * %n\n *Enter*new*UNIX*password* %n\n *Retype*new*UNIX*password* %n\n *p
> asswd: *all*authentication*tokens*updated*succesfully*
>         unix password sync = Yes
>         log level = 1
>         log file = /var/log/samba/log.%m
>         max log size = 50
>         socket options = TCP_NODELAY IPTOS_LOWDELAY SO_KEEPALIVE SO_RCVBU
> F=8192 SO_SNDBUF=8192
>         printcap name = cups
>         domain admin group = @admins
>         add user script = /usr/sbin/useradd -d /dev/null -g machines -s
>         /bin
> /false -M %u
>         logon script = %U.bat
>         logon path = \\main\profiles\%U
>         logon drive = Z:
>         logon home = \\main\%U\.profile
>         domain logons = Yes
>         os level = 99
>         domain master = Yes
>         dns proxy = No
>         wins support = Yes
>         winbind uid = 10000-20000
>         winbind gid = 10000-20000
> ;       valid users = ahayes root danielleg chrisg rickg nolan
>         admin users = root nolan chrisg rickg danielleg alyssag
>         printer admin = nolan root
>         hosts allow = 192.168.0. 127.
> ;       profile acls = Yes
>         printing = cups
> 
> [homes]
>         comment = Home Directory for %u
>         read only = No
>         create mask = 0660
>         directory mask = 0770
>         browseable = No
>         oplocks = No
>         level2 oplocks = No
> 
> [netlogon]
>         comment = Network Logon Service
>         path = /var/lib/samba/netlogon
>         write list = root nolan
> 
> [profiles]
>         path = /var/lib/samba/profiles
>         read only = No
>         create mask = 0600
>         directory mask = 0700
>         guest ok = Yes
>         browseable = No
>         csc policy = disable
> 
> [printers]
>         comment = All Printers
>         path = /var/spool/samba
>         printer admin = root nolan
>         guest ok = Yes
>         printable = Yes
>         browseable = No
> 
> [print$]
>         comment = Printer Drivers
>         path = /etc/samba/drivers
>         write list = root nolan
> 
> [pdf-generator]
>         comment = PDF Generator (only valid users!)
>         path = /var/tmp
>         printable = Yes
>         print command = /usr/share/samba/scripts/print-pdf %s ~%u
>         \\\\\\\\%L
> \\\\%u %m &
> 
> [public]
>         comment = Public
>         path = /home/samba/public
>         read only = No
>         guest ok = Yes
> 
> 
> 
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  http://lists.samba.org/mailman/listinfo/samba
>

More information about the samba mailing list