[Samba] problem with samba 3.0 beta

Fri Sep 5 01:40:43 GMT 2003

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Linux (or Unix in general) needs to have a UID for everyone who is
accessing files/system resources.

If your Samba user is not in /etc/passwd, then Linux doesn't know who he
is, and won't let him do anything.

If you add ldap to nsswitch.conf, then even though the user isn't in
/etc/passwd he will show up if you run:

getent passwd

and then Samba will be happy to let him access.

The only other option is to force everyone to be root; which is not a
good option at all.

- -Tom

nitin at netcore.co.in wrote:
| Hi!
| I am using samba 3.0 beta as a PDC with ldap authentication.
| I am able to login to win 98 machine with samba as PDC.
| The problem i am facing is samba requires /etc/passwd entry of user in
addition
| to ldap entry. I am pasting my smb.conf for ref.
| Is it possible to use only ldap account so that i do not have to add
/etc/passwd
| entry.
|
| I have not added ldap entry in /etc/nsswitch.conf file.
|
| please mail a cc at nitin at netcore.co.in.
|
| any help really appreciated.
| thanks in advance.
|
|
|
| ------------------ smb.conf--------------------------------
| global]
| 	workgroup = SMBDOMAIN
| 	netbios name = LINUX72SVR
| 	server string = Samba-LDAP PDC running %v
| 	socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
|
| 	os level = 64
| 	preferred master = Yes
| 	local master = Yes
| 	domain master = Yes
| 	wins support = Yes
|
| 	security = user
| 	encrypt passwords = yes
| 	log file = /var/log/samba/log.%m
| 	log level = 2
| 	max log size = 50
| 	hosts allow = 127.0.0.1 192.168.2.0/255.255.255.0
|
| 	passwd program = /usr/local/sbin/smbldap-passwd.pl -o %u
| 	passwd chat = *New*password* %n\n *Retype*New*password* %n\n
| *passwd:*all*authentication*tokens*updated*
| 	unix password sync = Yes
| 	
| 	ldap admin dn = cn=Manager,dc=smbdomain,dc=com
| 	ldap server = localhost
| 	ldap port = 389
| 	ldap ssl = no
| 	ldap suffix = "ou=Users,dc=smbdomain,dc=com"
|
| 	logon home = \\%L\%U\
| 	logon drive = Y:
| 	logon path = \\%L\samba\profiles\%U
| 	logon scripts = netlogon.bat
|
| 	add user script = /usr/local/sbin/smbldap-useradd.pl -m -d /dev/null
- -g computers
| -s /bin/false
| 	domain logons = Yes
|
|
| [homes]
| 	comment = Home Directories
| 	valid users = %S
| 	browseable = No
| 	writable = yes
| 	create mask = 0664
| 	directory mask = 0775
|
| [printers]
| 	comment = All Printers
| 	path = /var/spool/samba
| 	printable = Yes
| 	browseable = No
|
| [profiles]
| 	path = /home/samba/profiles
| 	writable = yes
| 	browseable = no
| 	create mask = 0600
| 	directory mask = 0700
|
| [netlogon]
| 	comment = Network Logon Service
| 	path = /home/netlogon
| 	read only = yes
| 	browseable = no
| 	write list = nitin
|
| ------------------------------------------------------------------
|
| ----------------------------------------------------------------
|
| NETCORE SOLUTIONS *** Ph: +91 22 5662 8000 Fax: +91 22 5662 8134
|
| MailServ: Email, IM, Proxy, Firewall, Anti-Virus, LDAP
| Fleximail: Mail Storage, Management and Relaying
| http://netcore.co.in
|
| Emergic Freedom: Linux-based Thin Client-Thick Server Computing
| http://www.emergic.com
|
| BlogStreet: Top Blogs, Neighborhoods, Search and Utilities
| http://www.blogstreet.com
|
| Rajesh Jain's Weblog on Technology: http://www.emergic.org
| ----------------------------------------------------------------
|
|
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQE/V+mbRliD/69byygRAkr7AJ9FPJvD2/ryn1EkAznmxG/0u3m5rQCfYPBB
G4TexV2rHA8mwdzmompqdTg=
=uZpA
-----END PGP SIGNATURE-----