[Samba] not working : valid users = @"DOM+USER"
Charles Bueche
charles at bueche.ch
Mon Jun 7 18:26:18 GMT 2004
Hi Steve,
strange... so it just fallback to Win groups if it doesn't find local
groups ?
I ahve studied the source, mainly lib/username.c and friends. I have
seen that it try to look up the name without the domain prefix, which
fail (same effect as in wbinfo).
I'm now away from this customer site, I will have to wait tomorrow to
test again. I will report my results.
Am I right to assume that I don't need pam for this ? My goal is to use
AD for Samba, but local passwd/groups for the logins.
Charles
On Mon, 07 Jun 2004 15:47:40 +0100
Spaceboy <spaceboy at spaceboy.co.uk> wrote:
> Charles,
> I've just done this here on Solaris 8.
>
> I have found slightly odd behaviour in that wbinfo -u and wbinfo -g
> only return the actual usernames and groups rather than
> "DOMAIN+Username" and "DOMAIN+Groupname".
>
> So in my smb.conf file I needed:-
> valid users = @Groupname
>
> without the DOMAIN+ part.
>
> And yes I've set winbind seperator = + as well.
>
> Just a thought.
> Steve
>
> Charles Bueche wrote:
>
> >Hi,
> >
> >I have Samba 3.0.4 on Solaris 9, recent patches applied. Samba is
> >integrated in domain (security = domain). I have compiled and
> >configured winbind, but not pam and no ldap. Ncsd is stopped.
> >
> >Winbind works OK, I can connect to share and users get mapped
> >on-the-fly to UNIX uids and gids in the ranges specified in smb.conf.
> >My config is included below with some tweaks to protect the innocent.
> >
> >---
> >
> >My goal : I want to create a share and restrict its access based on
> >the membership of a Windows group.
> >
> >I have successfuly used :
> >
> > valid users = DOM+user1 DOM+user2 DOM+user3
> >
> >but when I try :
> >
> > valid users = @DOM+wingroup
> >
> >or :
> >
> > valid users = +DOM+wingroup
> >
> >It refuses me access to the share, even if I'm member of the Windows
> >group.
> >
> >What do I do wrong ? How should I write the groupnames ? Help
> >wanted...
> >
> >
> >
> >
> >
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: http://lists.samba.org/mailman/listinfo/samba
--
Charles Bueche <charles at bueche.ch>
sand, snow, wave, wind and net -surfer
More information about the samba
mailing list