[Samba] XP Pro problem/change to root user uid=0 gid=0 ????
mike_a at speakeasy.net
mike_a at speakeasy.net
Tue Aug 31 21:48:51 GMT 2004
Hi All,
I'm running 3.0.5 on Redhat as member server using winbind connecting to a mixed mode win2k domain. secret are good, getent & wbinfo -u work fine. but
a user running xp pro cannot access the share, but can access subdirectories therein. the client log file (log level is at 10) is repetitive and is full of the following "Primary group is 0 and contains 0 supplementary groups
[2004/08/31 13:17:29, 5] smbd/uid.c:change_to_root_user(281)
change_to_root_user: now uid=(0,0) gid=(0,0)"
I'm a bit lost after seeing him connect to subdirectories but not the share. Now we've removed and re-added his workstation to the domain and I'm out of ideas. Below is my nsswitch.conf, pam.d/login and my smb.conf
I'm very grateful for any assistance.
Mike
#############################
nsswitch..conf
#passwd: files nisplus winbind
passwd: files winbind
shadow: files nisplus # winbind
#shadow: files winbind
group: files winbind
#hosts: db files nisplus nis dns
hosts: files dns winbind
##############################
pam.d/login
#%PAM-1.0
auth required /lib/security/pam_securetty.so
auth required /lib/security/pam_env.so
auth sufficient /lib/security/pam_winbind.so
auth sufficient /lib/security/pam_unix.so use_first_pass likeauth nullok
auth required /lib/security/pam_deny.so
auth required /lib/security/pam_nologin.so
account sufficient /lib/security/pam_winbind.so
account required /lib/security/pam_unix.so
password required /lib/security/pam_stack.so service=system-auth
session required /lib/security/pam_stack.so service=system-auth
session optional /lib/security/pam_console.so
#############################
smb.conf
#======================= Global Settings =====================================
[global]
# workgroup = NT-Domain-Name or Workgroup-Name
workgroup = SLANT
allow trusted domains = no
# WINS service
#winbind uid = 10000-20000 deprectaed in 3.x
winbind uid = 10000-20000
idmap uid = 10000-20000
winbind gid = 10000-20000
;winbind gid = 10000-20000 deprectaed in 3.x
idmap gid = 10000-20000
;winbind enum users = yes deprectaed in 3.x
winbind enum users = yes
;winbind enum groups = yes deprecated in 3.x
winbind enum groups = yes
#winbind enable local accounts = no
# passdb backend = tdbsam guest
;winbind separator ="\"
;wins proxy = Yes
#wins support = Yes
#wins server = hqdhcp1
#wins server = zldc2
wins server = 172.16.211.44
# server string is the equivalent of the NT Description field
server string = NASBKUP1
# Uncomment this if you want a guest account, you must add this to /etc/passwd
# otherwise the user "nobody" is used
;guest account = guest
# this tells Samba to use a separate log file for each machine
# that connects
log file = /var/log/samba/%m.log
# Put a capping on the size of the log files (in Kb).
max log size = 10000
# Logging Verbosity
log level = 10
# Security mode. Most people will want user level security. See
# security_level.txt for details.
security = domain
;auth methods = guest sam ntdomain
# obey pam restrictions = yes
# Use password server option only with security = server
# The argument list may include:
# password server = My_PDC_Name [My_BDC_Name] [My_Next_BDC_Name]
# or to auto-locate the domain controller/s
password server = *
# You may wish to use password encryption. Please read
# ENCRYPTION.txt, Win95.txt and WinNT.txt in the Samba documentation.
# Do not enable this option unless you have read those documents
encrypt passwords = yes
; smb passwd file = /etc/samba/smbpasswd
# Most people will find that this option gives better performance.
# See speed.txt and the manual pages for details
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
local master = no
dns proxy = no
#============================ Share Definitions ==============================
# A publicly writable directory by anyone authenticated via SLANT domain
[UnixBackups]
comment = Unix Backups
path = /d1/unix
;public = yes
;guest ok = yes
writable = no
;write list = @staff
printable = no
valid users = @SLANT\Lockup2, @backup
[Lockup]
comment = Lockup uploads
path = /d1/lockup
;public = yes
;guest ok = yes
writable = yes
printable = no
valid users = @SLANT\Lockup2 @SLANT\Tech_Support
;force user = nobody
;force group = nobody
[WindowsBackups]
comment = Windows Backups
path = /d1/windows
;public = yes
;guest ok = yes
writable = yes
printable = no
write list = SLANT\rwilson
valid users = SLANT\rwilson SLANT\harry
[OracleBackups]
comment = Oracle Backups
path = /d1/oracle
;public = yes
;writable = yes
guest ok = yes
printable = no
write list = @staff
valid users = SLANT\harry
[WebLogs]
comment = Web Logs
path = /d1/logs
;public = yes
;guest ok = yes
writable = yes
printable = no
write list = @staff
valid users = SLANT\harry
[MiscBackups]
comment = Misc Backups
path = /d1/misc
;public = yes
writable = yes
;guest ok = yes
printable = no
valid users = SLANT\ SLANT\svawter SLANT\dneely SLANT\jharty SLANT\rhainer
;valid users = SLANT\Unix-Admin
#write list = @staff
More information about the samba
mailing list