[Samba] Samba 3 and MMC (Microsoft Management Console)
rruegner
robowarp at gmx.de
Fri Nov 7 11:16:52 GMT 2003
Hi nils , to use usmgr you have to need valid entries in your smb.conf
this is example conf for suse 8.2 samba 3 , study the entries, and
look after their relatency in man smb.conf
you can create and delete users and groups, and modify group membership for
users
machine creation is done in the example on the fly in a group Machines
you have to do a group match between linux and win
you should update to samba 3, and make a group mapping from unix root group
to domain administrators and local administrators
i use this script i.e.
#!/bin/bash
net groupmap modify ntgroup="Domain Admins" unixgroup=root
net groupmap modify ntgroup="Domain Users" unixgroup=users
net groupmap modify ntgroup="Domain Guests" unixgroup=nobody
net groupmap modify ntgroup="Administrators" unixgroup=ntadmin
net groupmap modify ntgroup="Users" unixgroup=users
net groupmap modify ntgroup="Guests" unixgroup=nobody
net groupmap modify ntgroup="System Operators" unixgroup=sys
net groupmap modify ntgroup="Account Operators" unixgroup=ntadmin
net groupmap modify ntgroup="Backup Operators" unixgroup=bin
net groupmap modify ntgroup="Print Operators" unixgroup=lp
net groupmap modify ntgroup="Replicators" unixgroup=daemon
net groupmap modify ntgroup="Power Users" unixgroup=sys
glibc-locale has to be installed
and if you have this in /etc/sysconfig/language for german umlauts !
## Path: System/Environment/Language
## Description:
## Type:
string(POSIX,ca_ES.ISO-8859-1,ca_ES.UTF-8,cs_CZ.ISO-8859-2,cs_CZ.UTF-8,da_DE
@euro,da_DK.ISO-8859-1,da_DK.UTF-8,de_DE at euro,de_DE.ISO-8859-1,de_DE.UTF-8,e
l_GR.ISO-8859-7,el_GR.UTF-8,en_GB.ISO-8859-1,en_GB.UTF-8,en_IE at euro,en_IE.IS
O-8859-1,en_US.ISO-8859-1,es_ES at euro,es_ES.ISO-8859-1,es_ES.UTF-8,fr_FR at euro
,fr_FR.ISO-8859-1,fr_FR.UTF-8,gl_ES at euro,gl_ES.ISO-8859-1,gl_ES.utf-8,hr_HR.
ISO-8859-2,hu_HU.ISO-8859-2,hu_HU.UTF-8,it_IT at euro,it_IT.ISO-8859-1,it_IT.UT
F-8,ja_JP.eucJP,ja_JP.UTF-8,lt_LT.ISO-8859-13,lt_LT.UTF-8,nl_NL at euro,nl_NL.I
SO-8859-1,nl_NL.UTF-8,ru_RU.ISO-8859-5,ru_RU.KOI8R,ru_RU.UTF-8,sk_SK.ISO-885
9-2,sk_SK.UTF-8,tr_TR.ISO-8859-9,tr_TR.UTF-8,ko_KR.eucKR,ko_KR.UTF-8,zh_TW.B
ig5,zh_TW.UTF-8,zh_CN.GB2312,zh_CN.UTF-8)
## Default: ""
#
#
# Local users will get RC_LANG as their default language, i.e. the
# environment variable $LANG . $LANG is the default of all $LC_*-variables,
# as long as $LC_ALL is not set, which overrides all $LC_-variables.
# Root uses this variable only if ROOT_USES_LANG is set to "yes".
#
RC_LANG="de_DE at euro"
## Type: string
## Default: ""
#
# This variable will override all LC-variables!!
# Again, ROOT_USES_LANG must be set to "yes", if an effect on the superuser
# account is desired.
#
RC_LC_ALL="de_DE at euro"
## Type: string
## Default: ""
#
# This defines the locale in which messages of programs and
# libraries with i18n-support should appear if a translated
# message catalog for the library or the program is installed.
# This also provides localized yes/no answers.
#
RC_LC_MESSAGES=""
## Type: string
## Default: ""
#
# This defines the locale for character handling and classification.
# The libc uses this value in language dependent function calls, such
# as e.g. uppercase/lowercase mapping of foreign characters.
#
RC_LC_CTYPE=""
## Type: string(POSIX)
## Default: POSIX
#
# This defines the locale for sorting strings and characters.
# It is used by the libc to obtain the alphabetical order of characters
# (e.g. for string comparisons).
#
# To keep bash and possibly other apps from misbehaviour, you should
# probably keep this at POSIX and set it only for the apps that need it.
#
RC_LC_COLLATE=""
## Type: string
## Default: ""
#
# This defines the locale for date and time output formats.
# i.e.: 06/09/1999 vs. 09.06.1999
#
RC_LC_TIME=""
## Type: string
## Default: ""
#
# This defines the locale for formatting and reading numbers.
# i.e.: 1,234.56 vs. 1.234,56
#
RC_LC_NUMERIC=""
## Type: string
## Default: ""
#
# This defines the locale for formatting and reading money values.
#
RC_LC_MONETARY=""
## Type: string(ctype)
## Default: ctype
#
# This defines if the user "root" should use the locale settings
# which are defined here.
# Value "ctype" means that root uses just LC_CTYPE.
#
ROOT_USES_LANG="yes"
installed the packs like this (from Ftp suse.com people gd )
rpm -U --force --nodeps ldapsmb-1.2-0.noarch.rpm
rpm -U --force --nodeps libsmbclient-3.0.0-0.i586.rpm
rpm -U --force --nodeps libsmbclient-devel-3.0.0-0.i586.rpm
rpm -U --force --nodeps samba3-3.0.0-0.i586.rpm
rpm -U --force --nodeps samba3-3.0.0-0.src.rpm
rpm -U --force --nodeps samba3-cifsmount-3.0.0-0.i586.rpm
rpm -U --force --nodeps samba3-client-3.0.0-0.i586.rpm
rpm -U --force --nodeps samba3-doc-3.0.0-0.i586.rpm
rpm -U --force --nodeps samba3-pdb-3.0.0-0.i586.rpm
rpm -U --force --nodeps samba3-python-3.0.0-0.i586.rpm
rpm -U --force --nodeps samba3-utils-3.0.0-0.i586.rpm
rpm -U --force --nodeps samba3-vscan-0.3.4-0.i586.rpm
rpm -U --force --nodeps samba3-winbind-3.0.0-0.i586.rpm
rpm -U --force --nodeps samba3-wrepld-3.0.0-0.i586.rpm
#act as pdc
# Generated by
/usr/share/doc/packages/samba3/examples/misc/modify_samba_config.pl
#
[global]
browseable = no
largereadwrite = yes
passwdprogram = /usr/bin/passwd %u
logonscript = login.bat
logonhome = \\%L\%u
bindinterfacesonly = Yes
netbiosname = musi
nameresolveorder = wins bcast hosts
addsharecommand =
/usr/share/doc/packages/samba3/examples/misc/modify_samba_config.pl
ntaclsupport = yes
deletesharecommand =
/usr/share/doc/packages/samba3/examples/misc/modify_samba_config.pl
usernamemap = /etc/samba/smbusers
idmapuid = 15000-20000
winshook = /usr/share/doc/packages/samba3/examples/wins_hook/dns_update
addmachinescript = /usr/sbin/useradd -g Machines -c Machine -d /dev/null -s
/bin/false %u
hostmsdfs = Yes
printcapname = cups
deleteuserscript = /usr/sbin/userdel -r %u
domainlogons = yes
shutdownscript = /sbin/shutdown
logfile = /var/log/samba/%m
socketoptions = TCP_NODELAY SO_KEEPALIVE SO_SNDBUF
winsproxy = Yes
logondrive = Z:
addusertogroupscript = /usr/bin/gpasswd -a %u %g
workgroup = MUSI
pampasswordchange = Yes
idmapgid = 15000-20000
domainmaster = yes
adminusers = root, Administrator
timeserver = yes
ldapssl = no
displaycharset = ISO8859-1
addgroupscript = /usr/sbin/groupadd -r %g
abortshutdownscript = /sbin/shutdown -c
deleteuserfromgroupscript = /usr/bin/gpasswd -d %u %g
vetofiles =
/*.eml/*.nws/riched20.dll/*.{*}/.AppleDouble/.bin/.AppleDesktop/Network
Trash Folder/.*/
delete veto files = yes
loglevel = 2
adduserscript = /usr/sbin/useradd -m %u
hidedotfiles = yes
setprimarygroupscript = /usr/sbin/usermod -g '%g' '%u'
usesendfile = Yes
unixcharset = ISO8859-1
interfaces = lo, eth1, eth2
hidefiles = /.*/DesktopFolderDB/TrashFor%m/resource.frk/
hostsallow = 127., 10.10.10.
keepalive = 255
passdbbackend = smbpasswd:/etc/samba/smbpasswd, guest
deletegroupscript = /usr/sbin/groupdel %g
loadprinters = No
serverschannel = Yes
localmaster = yes
unixpasswordsync = Yes
winssupport = Yes
logonpath = \\%L\%U\profile
passwdchat = *password* %n\n *password* %n\n *changed*
changesharecommand =
/usr/share/doc/packages/samba3/examples/misc/modify_samba_config.pl
doscharset = CP850
syslog = 0
utmp = Yes
oslevel = 255
vfs object = vscan-fprotd netatalk audit recycle:repository recycle:keeptree
recycle:versions
## Section - [files]
[files]
readonly = No
cscpolicy = disable
comment = public files
browseable = yes
writeable = yes
path = /files/pub
guestok = yes
vfs object = vscan-fprotd netatalk audit recycle:repository recycle:keeptree
recycle:versions
## Section - [homes]
[homes]
readonly = No
comment = Home Directories
browseable = No
cscpolicy = disable
guest ok = No
vfs object = vscan-fprotd netatalk audit recycle:repository recycle:keeptree
recycle:versions
## Section - [netlogon]
[netlogon]
sharemodes = No
rootpreexec = /var/lib/samba/netlogon/login.pl %U %G %m %L
comment = Netlogon Share
browseable = No
path = /var/lib/samba/netlogon
guestok = Yes
writelist = @ntadmin
locking = no
public = no
cscpolicy = disable
vfs object = vscan-fprotd netatalk audit recycle:repository recycle:keeptree
recycle:versions
## Section - [smbmonitor]
[smbmonitor]
readonly = No
cscpolicy = disable
comment = security smb logs
browseable = no
writeable = yes
path = /smbmonitor
guestok = yes
vfs object = vscan-fprotd netatalk audit recycle:repository recycle:keeptree
recycle:versions
## Section - [wincd]
[wincd]
readonly = No
cscpolicy = disable
comment = security smb logs
browseable = no
path = /wincd/win2k/mnt
writelist = @ntadmin
guestok = yes
vfs object = vscan-fprotd netatalk audit recycle:repository recycle:keeptree
recycle:versions
##########################################################
#use this if you want profiles in a seperate share
#[profiles]
# comment = Roaming Profile Share
# path = /files/profiles
# read only = No
# browseable = No
#
# end of generated smb.conf
#
----- Original Message -----
From: "Nils Kalchhauser" <nils.kalchhauser at vollwerbung.at>
To: <samba at lists.samba.org>
Sent: Friday, November 07, 2003 10:13 AM
Subject: Re: [Samba] Samba 3 and MMC (Microsoft Management Console)
> "rruegner" <robowarp at gmx.de> wrote (Thu, 6 Nov 2003 23:44:30 +0100):
> > It works in parts but not in a whole cause its to deep inbound in active
> > directory.
> > So giving advice to use them would be no real advice for a stable use of
> > samba
> > Samba 3 can act as win nt 4 pdc and admined via
> > with usrmgr and srvmgr without trouble
>
> thanks for your answers...
>
> I tried srvtools.exe too, but the user manager has "New User..." greyed
> out and editing an existing user just does not work. however, listing the
> exsting users with their real names works.
>
> now some of you suggest that the nt4 usermgr really works nice... what can
> be done with it?
>
>
> thanks,
> Nils
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: http://lists.samba.org/mailman/listinfo/samba
>
More information about the samba
mailing list