[Samba] NT doesn't like that, you should fix it
Fajar Priyanto
fajarpri at arinet.org
Fri Jul 9 09:12:59 GMT 2004
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Dear all,
I have this in my /var/log/messages (pls mind the line wrap):
smbd3[3660]: [2004/07/09 15:31:26, 0]
rpc_server/srv_util.c:get_domain_user_groups(372)
smbd3[3660]: get_domain_user_groups: primary gid of user [fajar] is not a
Domain group !
smbd3[3660]: get_domain_user_groups: You should fix it, NT doesn't like that
Why is that? However, the operation is normal, I can logon into the domain,
download the profiles, etc.
This is my smb.conf:
[global]
workgroup = samba3
netbios name = centrino
server string = Samba Server %v
message command = /usr/bin/linpopup "%f" "%m" %s; rm %s
printcap name = cups
load printers = yes
printing = cups
printer admin = @adm
log file = /var/log/samba3/log.%m
log level = 3
map to guest = bad user
security = user
encrypt passwords = yes
smb passwd file = /etc/samba3/smbpasswd
unix password sync = Yes
pam password change = yes
passwd program = /usr/bin/passwd %u
passwd chat = *New*UNIX*password* %n\n *Re*ype*new*UNIX*password* %n\n \
*passwd:*all*authentication*tokens*updated*successfully*
username map = /etc/samba3/smbusers
include = /etc/samba3/smb.conf.%m
winbind uid = 10000-20000
winbind gid = 10000-20000
winbind separator = +
winbind use default domain = yes
template homedir = /home/%D/%U
obey pam restrictions = yes
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
remote announce = 192.168.0.255
local master = yes
os level = 33
domain master = yes
preferred master = yes
domain logons = yes
logon script = %m.bat
logon script = %U.bat
logon path = \\%L\Profiles\%U
logon home = \\%L\%U\.profile
add user script = /usr/sbin/useradd -s /bin/false '%u'
delete user script = /usr/sbin/userdel '%s'
add user to group script = /usr/bin/gpasswd -a '%u' '%g'
delete user from group script = /usr/bin/gpasswd -d '%u' '%g'
set primary group script = /usr/sbin/usermod -g '%g' '%u'
add group script = /usr/sbin/groupadd %g && getent group '%g'|awk -F: '{print
$3}'
delete group script = /usr/sbin/groupdel '%g'
add machine script = /usr/sbin/useradd -d /dev/null -g machines -c 'Machine
Account' -s /bin/false -M %u
dns proxy = no
[homes]
comment = Home Directories
browseable = no
writable = yes
# You can enable VFS recycle bin on a per share basis:
# Uncomment the next 2 lines (make sure you create a
# .recycle folder in the base of the share and ensure
# all users will have write access to it. See
# examples/VFS/recycle/REAME in samba-doc for details
; vfs object = /usr/lib/samba3/vfs/recycle.so
# Un-comment the following and create the netlogon directory for Domain Logons
[netlogon]
comment = Network Logon Service
path = /var/lib/samba3/netlogon
guest ok = yes
writable = yes
browseable = no
#Uncomment the following 2 lines if you would like your login scripts to
#be created dynamically by ntlogon (check that you have it in the correct
#location (the default of the ntlogon rpm available in contribs)
;root preexec = /usr/bin/ntlogon -u %U -g %G -o %a -d /var/lib/samba3/netlogon
;root postexec = rm -f /var/lib/samba3/netlogon/%U.bat
# Un-comment the following to provide a specific roving profile share
# the default is to use the user's home directory
[Profiles]
path = /var/lib/samba3/profiles
browseable = no
guest ok = yes
writable = yes
# This script can be enabled to create profile directories on the fly
# You may want to turn off guest acces if you enable this, as it
# hasn't been thoroughly tested.
root preexec = PROFILE=/var/lib/samba3/profiles/%u; if [ ! -e $PROFILE ]; \
then mkdir -pm700 $PROFILE; chown %u.%g $PROFILE;fi
# NOTE: If you have a CUPS print system there is no need to
# specifically define each individual printer.
# You must configure the samba printers with the appropriate Windows
# drivers on your Windows clients or upload the printer driver to the
# server from Windows (NT/2000/XP). On the Samba server no filtering is
# done. If you wish that the server provides the driver and the clients
# send PostScript ("Generic PostScript Printer" under Windows), you have
# to use 'printcap name = cups' or swap the 'print command' line below
# with the commented one. Note that print commands only work if not using
# 'printing=cups'
[printers]
comment = All Printers
path = /var/spool/samba3
browseable = no
# to allow user 'guest account' to print.
guest ok = yes
writable = no
printable = yes
create mode = 0700
# =====================================
# print command: see above for details.
# =====================================
print command = lpr-cups -P %p -o raw %s -r # using client side printer
drivers.
; print command = lpr-cups -P %p %s # using cups own drivers (use generic
PostScript on clients).
# This share is used for Windows NT-style point-and-print support.
# To be able to install drivers, you need to be either root, or listed
# in the printer admin parameter above. Note that you also need write access
# to the directory and share definition to be able to upload the drivers.
# For more information on this, please see the Printing Support Section of
# /usr/share/doc/samba3-<version>/docs/Samba-HOWTO-Collection.pdf
#
# A special case is using the CUPS Windows Postscript driver, which allows
# all features available via CUPS on the client, by publishing the ppd file
# and the cups driver by using the 'cupsaddsmb' tool. This requires the
# installation of the CUPS driver (http://www.cups.org/windows.php)
# on the server, but doesn't require you to use Windows at all :-).
[print$]
path = /var/lib/samba3/printers
browseable = yes
write list = @adm root
guest ok = yes
inherit permissions = yes
# Settings suitable for Winbind:
; write list = @"Domain Admins" root
; force group = +@"Domain Admins"
# A useful application of samba is to make a PDF-generation service
# To streamline this, install windows postscript drivers (preferably colour)
# on the samba server, so that clients can automatically install them.
# Note that this only works if 'printing' is *not* set to 'cups'
[pdf-generator]
path = /var/tmp
guest ok = No
printable = Yes
comment = PDF Generator (only valid users)
#print command = /usr/share/samba3/scripts/print-pdf file path win_path
recipient IP &
print command = /usr/share/samba3/scripts/print-pdf %s ~%u //%L/%u %m %I
"%J" &
# This one is useful for people to share files
[tmp]
comment = Temporary file space
path = /tmp
read only = no
public = yes
# A publicly accessible directory, but read only, except for people in
# the "staff" group
[public]
comment = Public Stuff
path = /home/samba3/public
public = yes
writable = no
write list = @staff
[fredsprn]
comment = Fred's Printer
valid users = fred
path = /homes/fred
printer = freds_printer
public = no
writable = no
printable = yes
[fredsdir]
comment = Fred's Service
path = /usr/somewhere/private
valid users = fred
public = no
writable = yes
printable = no
[pchome]
comment = PC Directories
path = /usr/pc/%m
public = no
writable = yes
[public]
path = /usr/somewhere/else/public
public = yes
only guest = yes
writable = yes
printable = no
[myshare]
comment = Mary's and Fred's stuff
path = /usr/somewhere/shared
valid users = mary fred
public = no
writable = yes
printable = no
create mask = 0765
[netware]
path = /var/lib/samba3/netware-bpk
public = no
valid users = test1 test2
writable = yes
browseable = no
Thanks
- --
Fajar Priyanto | Reg'd Linux User #327841 | http://linux.arinet.org
15:56:13 up 8:00, Mandrake Linux release 9.2 (FiveStar) for i586
public key: https://www.arinet.org/fajar-pub.key
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)
iD8DBQFA7mGdkp5CsIXuxqURAnBXAKCAltfB45HLXx3YO2RlQdbfvD0uwACfclEi
836egEZFISG6YmPWwa1TsY4=
=Ixss
-----END PGP SIGNATURE-----
More information about the samba
mailing list