Fixed: [Samba] 3.0.1pre1 broke my 'valid users' on one share
Aaron_Colichia at Dell.com
Aaron_Colichia at Dell.com
Sun Oct 26 15:08:57 GMT 2003
Setting 'winbind use default domain = no' and adjusting my share access to
use the DOMAIN+ prefix fixed the problem.
There must be some portions of samba which are not friendly with this
option, yet.
The main reason why I like this option being, when ADS user's login to my
server via ssh they can use the username alone, instead of prepending
'DOMAIN+'
-----Original Message-----
From: Colichia, Aaron
Sent: Friday, October 24, 2003 9:34 AM
To: 'Gerald (Jerry) Carter'
Subject: RE: [Samba] 3.0.1pre1 broke my 'valid users' on one share
I assume I can't set this on a per share basis, which will break other
shares.
My other access lists make use of the ADS groups, like "@Domain Users"
When I specify the domain with these, would that be "@EST+Domain Users" ? or
something else ?
Due to the ridiculous spam I now receive since signing up two months ago, I
am now off this list permanently.
If you do reply, please send direct.
Thanks for the suggestion,
Aaron Colichia
-----Original Message-----
From: Gerald (Jerry) Carter [mailto:jerry at samba.org]
Sent: Friday, October 24, 2003 9:14 AM
To: Colichia, Aaron
Cc: samba at lists.samba.org
Subject: Re: [Samba] 3.0.1pre1 broke my 'valid users' on one share
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Aaron_Colichia at Dell.com wrote:
| Before updating to 3.0.1pre1, the following smb.conf worked. Now when
| users try to hit the [broke] share they are denied access. Winbind has
| no problem finding the users and groups for the domain. I've verified
| filesystem permissions, "Domain Users" have full RW access. I do not
| seeing anything coming across my smbd log files.
Try setting "winbindd use default domain = no" and let me know. (Have I said
how much I hate that parameter today?).
cheers, jerry
~ ----------------------------------------------------------------------
~ Hewlett-Packard ------------------------- http://www.hp.com
~ SAMBA Team ---------------------- http://www.samba.org
~ GnuPG Key ---- http://www.plainjoe.org/gpg_public.asc
~ "You can never go home again, Oatman, but I guess you can shop there."
~ --John Cusack - "Grosse Point Blank" (1997)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQE/mTO4IR7qMdg1EfYRAmOvAJwIlv4Vr3sW7KeYgyAe5f5zEK8zOACgpsHx
KJXjdlsqjHDCPDDiew+lvpo=
=rPp2
-----END PGP SIGNATURE-----
More information about the samba
mailing list