[Samba] winbind and bad permissions mapping from NT to Samba
Mauro Saitta
mauro.saitta at opentex.it
Mon Mar 24 16:49:41 GMT 2003
I'm installed Samba 2.2.8 with the intetion of use it as file share for
a NT Domain.
I have also an interest to the use of extended ACL so I recompiled the
kernel (2.4.20) with the acl patch and I added to my system acl, attr,
e2fsprogs and fileutils packages.
After all I join the samba server into the NT domain:
smbpasswd -j SAMBATEST -r SAMBA-SRV -U Administrator
where SAMBATEST is the NT domain and SAMBA-SRV is the PDC .
Then I configured winbind and pam to permit of use domain user on the
file sharing system.
So, if I log on to an NT4 workstation with the domain user Mauro which
is not administrator and I create a file named pippo.txt on the shared
partition, I observe that its permissions on the NT system are :
Everyone Special Access (RX)*
LAB5/Administrators Special Access (All)*
LAB5/Users Special Access (All)(All)
while on SAMBA-SRV if I run the command "ls -la" I observe that th
epermissions are correct:
-rwxr--r-- 1 SAMBATEST+Mauro SAMBATEST+Domain Users 0 03-21 17:52
pippo.txt
Why the domain user is not mapped correctly on both the systems?
Below I add my configurations:
1) smb.conf
[global]
workgroup = SAMBATEST
netbios name = LAB5
server string = Samba Server
security = DOMAIN
encrypt passwords = Yes
hosts equiv = SAMBA-SRV
log file = /var/log/samba/log.%m
max log size = 50
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
domain admin group = root @sys
domain guest group = nobody @gust
add user script = /usr/local/samba/bin/adduser -d /dev/null -s
/bin/false -M %u delete user script =
/usr/local/samba/bin/yserdel %u
winbind uid = 10000-20000
winbind gid = 10000-20000
template shell = /bin/bash
.
.
.
[SHARE1]
comment = Risorsa Share
path = /opt/share1
admin users = root
read only = No
profile acls = Yes
2) /etc/pam.d/samba
auth sufficient /lib/security/pam_winbind.so
auth sufficient /lib/security/pam_pwdb.so use_first_pass
shadow nullok
account required /lib/security/pam_winbind.so
3) /etc/nsswitch.conf
passwd: files winbind
shadow: files winbind
group: files winbind
hosts: files nisplus dns wins
That's all.
Have you got any suggestions on what coud be the problem?
Thanks in advance for any help.
Mauro.
More information about the samba
mailing list