Fixed: [Samba] 3.0.1pre1 broke my 'valid users' on one share

Aaron_Colichia at Dell.com Aaron_Colichia at Dell.com
Sun Oct 26 15:08:57 GMT 2003 

Setting 'winbind use default domain = no' and adjusting my share access to
use the DOMAIN+ prefix fixed the problem.

There must be some portions of samba which are not friendly with this
option, yet.

The main reason why I like this option being, when ADS user's login to my
server via ssh they can use the username alone, instead of prepending
'DOMAIN+'


-----Original Message-----
From: Colichia, Aaron 
Sent: Friday, October 24, 2003 9:34 AM
To: 'Gerald (Jerry) Carter'
Subject: RE: [Samba] 3.0.1pre1 broke my 'valid users' on one share


I assume I can't set this on a per share basis, which will break other
shares.

My other access lists make use of the ADS groups, like "@Domain Users"

When I specify the domain with these, would that be "@EST+Domain Users" ? or
something else ?

Due to the ridiculous spam I now receive since signing up two months ago, I
am now off this list permanently.

If you do reply, please send direct.

Thanks for the suggestion,

Aaron Colichia


-----Original Message-----
From: Gerald (Jerry) Carter [mailto:jerry at samba.org] 
Sent: Friday, October 24, 2003 9:14 AM
To: Colichia, Aaron
Cc: samba at lists.samba.org
Subject: Re: [Samba] 3.0.1pre1 broke my 'valid users' on one share


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Aaron_Colichia at Dell.com wrote:

| Before updating to 3.0.1pre1, the following smb.conf worked. Now when
| users try to hit the [broke] share they are denied access. Winbind has 
| no problem finding the users and groups for the domain. I've verified 
| filesystem permissions, "Domain Users" have full RW access. I do not 
| seeing anything coming across my smbd log files.

Try setting "winbindd use default domain = no" and let me know. (Have I said
how much I hate that parameter today?).




cheers, jerry
~ ----------------------------------------------------------------------
~ Hewlett-Packard            ------------------------- http://www.hp.com
~ SAMBA Team                 ---------------------- http://www.samba.org
~ GnuPG Key                  ---- http://www.plainjoe.org/gpg_public.asc
~ "You can never go home again, Oatman, but I guess you can shop there."
~                            --John Cusack - "Grosse Point Blank" (1997)

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQE/mTO4IR7qMdg1EfYRAmOvAJwIlv4Vr3sW7KeYgyAe5f5zEK8zOACgpsHx
KJXjdlsqjHDCPDDiew+lvpo=
=rPp2
-----END PGP SIGNATURE-----

More information about the samba mailing list