[Samba] Re: Hi need some understanding

John H Terpstra jht at samba.org
Wed Jun 25 04:02:01 GMT 2003 

Richard,

Sorry. Samba does NOT support having No Unix Account (NUA) for users and
groups. We tried to implement this but there are way too many issue that
caused us to remove it before Samba-3.0.0Beta1.

Bottom line: You need Unix accounts.

PS: Some would argue that if you put all your accounts in an LDAP backend
then you have No Unix Accounts. :)

- John T.

On Mon, 23 Jun 2003, RJPvT wrote:

> Gémes Géza wrote:
> > RJPvT írta:
> >
> >> Hi guys,
> >>
> >> (sorry for my typos, i'm dutch :-) )
> >>
> >> First I would like to congratulate you all for a job wel done, the
> >> samba 3.0 looks and works great.
> >>
> >> I have got a question neverteless,
> >>
> >> I want to use the user manager for winnt for my users and group admin.
> >> but i also want to stay off the linux accounts since i don't want
> >> everyone to be able to login to various programs
> >>
> >> i am using the tdbsam backend with the idmap, but i cannot create
> >> users with the user manager, nor can i create groups.
> >>
> >> i know i will have to user net group and pdbedit to make these
> >> but i cannot figure out the right syntaxes with the add user, add
> >> group scripts in smb.conf
> >>
> >> also I cannot use more then 1 group per user, and would like te be
> >> able to change this.
> >>
> >> Could you give me some pointers, or possible the commands for
> >> add user, add group, delete user from, add user to, etc. ?
> >>
> >> this is my current smb.conf :
> >>
> >> [global]
> >>         workgroup = RJPCNET
> >>         netbios name = RJPC-srv1
> >>         server string = Samba3
> >>         passdb backend = tdbsam, guest
> >>         password level = 8
> >>         username level = 8
> >>         syslog = 0
> >>         log file = /var/log/samba/%m
> >>         name resolve order = wins bcast hosts
> >>         time server = Yes
> >>         socket options = TCP_NODELAY SO_KEEPALIVE SO_SNDBUF=8192
> >> O_RCVBUF=8192
> >>         disable spoolss = Yes
> >>         domain logons = Yes
> >>         os level = 35
> >>         preferred master = Yes
> >>         domain master = Yes
> >>         wins support = Yes
> >>         utmp = Yes
> >>         idmap uid = 15000-20000
> >>         idmap gid = 15000-20000
> >>         comment = Samba 3.0.0
> >>         printing = cups
> >>
> >>
> >> [homes]
> >>         comment = Home Directories
> >>         valid users = %S
> >>         read only = No
> >>         browseable = No
> >>
> >>
> >> [netlogon]
> >>         comment = Network Logon Service
> >>         path = /var/lib/samba/netlogon
> >>         admin users = root
> >>         guest ok = Yes
> >>         nt acl support = No
> >>         browseable = No
> >>         blocking locks = No
> >>         csc policy = disable
> >>         locking = No
> >>         oplocks = No
> >>         level2 oplocks = No
> >>         posix locking = No
> >>         strict locking = No
> >>         share modes = No
> >>
> >>
> >> [simple]
> >>         comment = simple share
> >>         path = /tmp
> >>         read only = No
> >>
> >>
> > I would suggest you to look at jht at samba.org 's smb.conf sent to the
> > list two days ago , you will find it attached to this mail
> >
> > Good Luck
> >
> > Geza Gemes
> [..]
> > 	unix password sync = Yes
> > 	log level = 1
> > 	syslog = 0
> > 	log file = /var/log/samba/%m
> > 	smb ports = 139 445
> > 	name resolve order = wins bcast hosts
> > 	time server = Yes
> > 	socket options = TCP_NODELAY SO_KEEPALIVE SO_SNDBUF=8192 SO_RCVBUF=8192
> > 	printcap name = CUPS
> > 	disable spoolss = Yes
> > 	add user script = /usr/sbin/useradd -m %u
> > 	delete user script = /usr/sbin/userdel -r %u
> > 	add group script = /usr/sbin/groupadd %g
> > 	delete group script = /usr/sbin/groupadd %g
> > 	add user to group script = /usr/sbin/usermod -G %g %u
> > 	add machine script = /usr/sbin/useradd -s /bin/false -d /dev/null %u
> > 	shutdown script = /var/lib/samba/scripts/shutdown.sh
> > 	abort shutdown script = /sbin/shutdown -c
> > 	logon script = scripts\logon.bat
> [...]
>
> I already used that one to create mine, but as I understand the
> useradd/userdel command, this creates linux accounts that samba creates,
> and that is exactly what I don't want to do
>
> I want users to be created only for samba, without a linux account.
>
> But thanks for the thinking.
>
> Greetz, Richard
>
>
>

-- 
John H Terpstra
Email: jht at samba.org

More information about the samba mailing list