[Samba] MS Word and Samba File Permissions Problem: probablysolved

Chris Aitken chris at ion-dreams.com
Wed Feb 4 10:09:29 GMT 2004


> > > + Groupmapping:
> > > - Domain Admins -> root
> > > - Domain Users -> domuser
> > > - Domain Guests -> nogroup
>
> For the "add group script" I use what is given as an example in the Samba
> HowTo:
> http://de.samba.org/samba/docs/man/groupmapping.html#smbgrpadd.sh
>
> The "add user script" is just the normal "useradd"-comand:
> - /usr/sbin/useradd -d /home/"%u" -c "DomainUser" -s /bin/false  "%u"
>
> That only worked correctly when I omitted the "-g whateverPrimaryGroup" .
>
> Apparently Samba adds the user to the group later:
> - set primary group script = /usr/sbin/usermod -g "%g" "%u"
>
> Giving passwords to users only worked after I adapted the "passwd
> chat" to the Debian passwd program: passwd chat = "*new*password*" %n\\n
"*new*password*" %n\\n "*updated*"
>
> New compis are added to the group "nogroup" in my config:
> - add machine script = /usr/sbin/useradd -d /dev/null -s /bin/false -c
> "DomainMachines" -g nogroup "%u"
>
> And (nearly) finally all that only worked after I did set the
> rights right:
> Groupmapping: see above
> smb.conf: see above and " valid users = +root, +domuser, +nogroup"

Hi Alexander,

With this set up of yours, when you add users, do you have to manually add
the home directories & profile directories in usrmgr, or does that work
automatically? And what backend are you using? I am using tbdsam.

I have had limited success - either I have to add them myself, or they
automatically appear as "\\basilisk\%u" and "\\basilisk\profiles\%u" i.e.
the %L is expanded correctly to the machine name, but the %u is not expanded
correctly - and a %u directory apprears in \\basilisk\profiles!

Maybe one of the samba team can tell me what the expected behaviour should
be (with tbdsam/usrmgr). To recall I am using samba 3.0.0final, compiled
from the debian testing source, with-quotas. Would the expected behaviour
change if one was to use pam password change = yes, instead of passwd
program = /usr/bin/passwd %u.

Cheers

Chris


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.



More information about the samba mailing list