[Samba] "username map" parameter not working after upgrade to SAMBA 3

rruegner robert at ruegner.org
Thu Sep 9 21:03:58 GMT 2004 

hi,
as far i know
username map is no longer valid for samba 3
(you can use
admin users = root, Administrator)

but the behavior has changed in total, so you have to use group and user 
mapping.
read the faqs samba 3 as domain member server
may help
Regards

Celeste Suliin Burris schrieb:
> I have been using the "username map" parameter for some time on various  
> versions of Samba 2, and it has worked nicely. Last week I upgraded to  
> Samba 3 and integrated with Active Directory. Since I am using Solaris  
> 8, and "nsswitch.conf" doesn't support winbindd, I am using the "add  
> user script" parameter to add users. What is happening is that users in  
> the "username map" are getting added, even though their names were  
> previously resolving correctly. Everything else works pretty well, so  
> I'm not sure what is going on. Help would be appreciated.
> 
> My "smb.conf" file follows -
> 
> # Global parameters
> [global]
>     workgroup = tacoma
>     netbios name = GEOBASE1
>     server string = TEDD Sun Server
>     interfaces = 131.191.215.40/255.255.255.0
> #    security = DOMAIN
>     security = ads
>     realm = TACOMA.LCL
>     encrypt passwords = Yes
>     min passwd length = 8
>     password server = *
>     name resolve order = host wins
>     deadtime = 30
>     preferred master = False
>     local master = No
>     domain master = False
>     wins server = 131.191.129.31
>     winbind cache time = 36000
>     printer admin = @printadm
>     create mask = 0775
>     nt acl support = yes
>     template shell = /bin/false
>     template homedir = /export/home/geobase1/%U
>     username map = /usr/local/samba/lib/users.map
>     invalid users = smsadmin1
> # separate domain and username with "/", like DOMAIN/username
>     winbind separator = /
> # use UIDs from 10000 to 20000 for domain users
>     idmap uid = 10000-20000
>     idmap gid = 10000-20000
> # allow enumeration of winbind users and groups
>     winbind enum users = yes
>     winbind enum groups = yes
>     winbind use default domain = yes
> # Allow Samba to add accounts for new users
>     winbind enable local accounts = yes
>     add user script = /usr/sbin/useradd -g nobody -d /tmp -s /bin/false 
> -m  %u
>     delete user script = /usr/sbin/userdel %u
>     print command = /usr/bin/lp -d%p -o nobanner -Traw -s %s -c; rm %s
>     veto oplock files = /*.nit/*.dat/*.dir/*.adf/
> 
> [printers]
>     path = /var/spool/smbprint
>     printable = true
>     guest ok = true
> 
> [print$]
>     comment = Windows Printer Drivers
>     path = /usr/local/samba/printdrv
>     write list = csburris, @printadm
>     guest ok = Yes
> 
> [2kprint]
>     comment = Windows NT4 Printer Drivers
>     path = /usr/local/samba/drivers/2kprint
>     write list = @printadm
>     guest ok = Yes
> 
> [tedplot3]
>     comment = TEDD HP Designjet 1055cm
>     path = /var/spool/smbprint
>     create mask = 0700
>     guest ok = Yes
>     printable = Yes
>     printer name = tedplot3
> 
> [teddlbls]
>     comment = 9th Flr Epson 2170 - Labels Only
>     path = /var/spool/smbprint
>     create mask = 0700
>     guest ok = Yes
>     printable = Yes
>     printer name = teddlbls
> 
> [pdgmtrn1]
>     comment = TEDD HP 4m near NGY's desk
>     path = /var/spool/smbprint
>     create mask = 0700
>     guest ok = Yes
>     printable = Yes
>     printer name = pdgmtrn1_2
> 
> [pdsuis1]
>     comment = DataProducts Printer in equipment room
>     path = /var/spool/smbprint
>     create mask = 0700
>     guest ok = Yes
>     printable = Yes
>     printer name = pdsuis1
> 
> [pdshpplt]
>     comment = TEDD HP Designjet 755cm in equipment room
>     path = /var/spool/smbprint
>     create mask = 0700
>     guest ok = Yes
>     printable = Yes
>     printer name = PDS_HPPlt_2
> 
> [gisinstl]
>     comment = ESRI Install Point
>     path = /gis_install/gisinstl
>     browseable = No
>     write list = @sysadmin
> 
> [homes]
>     comment = Home Directories
>     read only = No
>     create mask = 0755
>     browseable = No
>     veto files =  
> /ADMIN.DLL/LOAD.EXE/MMC.EXE/README.EXE/MEP*.TMP.EXE/SIRCAM.SYS
> 
> [pdsshare]
>     comment = TEDD Production Data
>     path = /pdsshare
>     read only = No
>     create mask = 0775
>     guest ok = Yes
>     veto files =  
> /.AppleDouble/TheVolumeSettingsFolder/TheFindByContentFolder/Icon\r/ 
> *~?.???/*:*/Network Trash  
> Folder/resource.frk/.AppleDesktop/DesktopFolderDB/ADMIN.DLL/LOAD.EXE/ 
> MMC.EXE/README.EXE/MEP*.TMP.EXE/SIRCAM.SYS
> 
> [pdsstaff]
>     comment = TEDD Only Nonshared
>     path = /pdsstaff
>     write list = @staff @pweng
>     create mask = 0755
>     read only = No
>     veto files =  
> /.AppleDouble/TheVolumeSettingsFolder/TheFindByContentFolder/Icon\r/ 
> *~?.???/*:*/Network Trash  
> Folder/resource.frk/.AppleDesktop/DesktopFolderDB/ADMIN.DLL/LOAD.EXE/ 
> MMC.EXE/README.EXE/MEP*.TMP.EXE/SIRCAM.SYS
> 
> [teddplan]
>     comment = TEDD Staff-Only Share
>     path = /teddplan/teddplan
>     write list = @staff @planners
>     create mask = 0755
>     read only = No
>     veto files =  
> /.AppleDouble/TheVolumeSettingsFolder/TheFindByContentFolder/Icon\r/ 
> *~?.???/*:*/Network Trash  
> Folder/resource.frk/.AppleDesktop/DesktopFolderDB/ADMIN.DLL/LOAD.EXE/ 
> MMC.EXE/README.EXE/MEP*.TMP.EXE/SIRCAM.SYS
> 
> [orthopho]
>     comment = Niess Orthophotos
>     path = /orthopho
>     write list = @sysadmin
>     guest ok = Yes
>     veto files =  
> /.AppleDouble/TheVolumeSettingsFolder/TheFindByContentFolder/Icon\r/ 
> *~?.???/*:*/Network Trash  
> Folder/resource.frk/.AppleDesktop/DesktopFolderDB/ADMIN.DLL/LOAD.EXE/ 
> MMC.EXE/README.EXE/MEP*.TMP.EXE/SIRCAM.SYS
> 
> [business]
>     comment = Business Analyst
>     path = /business/business
>     write list = @bizanal
>     guest ok = Yes
>     veto files =  
> /*.AppleDouble/TheVolumeSettingsFolder/TheFindByContentFolder/Icon\r/ 
> *~?.???/*:*/Network Trash  
> Folder/resource.frk/.AppleDesktop/DesktopFolderDB/ADMIN.DLL/LOAD.EXE/ 
> MMC.EXE/README.EXE/MEP*.TMP.EXE/SIRCAM.SYS
> 
> [esri]
>     comment = Arc Info Libraries and License Files
>     path = /esri
>     valid users = @staff
>     create mask = 0755
>     veto files =  
> /.AppleDouble/TheVolumeSettingsFolder/TheFindByContentFolder/Icon\r/ 
> *~?.???/*:*/Network Trash  
> Folder/resource.frk/.AppleDesktop/DesktopFolderDB/ADMIN.DLL/LOAD.EXE/ 
> MMC.EXE/README.EXE/MEP*.TMP.EXE/SIRCAM.SYS
>     browseable = No
> 
> [pierce]
>     comment = Pierce County Parcel Library
>     path = /pcounty/bonanza/libs
>     read only = Yes
>     guest ok = Yes
> 
> [pub]
>     comment = TEDD World Share
>     path = /pub/pub
>     read only = No
>     create mask = 0777
>     guest ok = Yes
> 
> [syswork]
>     comment = system administration
>     path = /syswork
>     valid users = @sysadmin
>     read only = No
>     browseable = No
> 
> [images]
>     comment = TEDD Graphics Repository Share
>     path = /images/images
>     write list = @images
>     read only = No
>     create mask = 0775
>     guest ok = Yes
>     veto files =  
> /.AppleDouble/TheVolumeSettingsFolder/TheFindByContentFolder/Icon\r/ 
> *~?.???/*:*/Network Trash  
> Folder/resource.frk/.AppleDesktop/DesktopFolderDB/ADMIN.DLL/LOAD.EXE/ 
> MMC.EXE/README.EXE/MEP*.TMP.EXE/SIRCAM.SYS
> 
> [mrsidwrk]
>     comment = TEDD mrsid compression area
>     path = /mrsid/mrsidwrk
>     write list = @staff
>     create mask = 0755
>     read only = No
>     veto files =  
> /.AppleDouble/TheVolumeSettingsFolder/TheFindByContentFolder/Icon\r/ 
> *~?.???/*:*/Network Trash  
> Folder/resource.frk/.AppleDesktop/DesktopFolderDB/ADMIN.DLL/LOAD.EXE/ 
> MMC.EXE/README.EXE/MEP*.TMP.EXE/SIRCAM.SYS
> 
> [arcviewt]
>     comment = Arcview Tutorial
>     path = /esri/arcviewtut
>     read only = No
>     guest ok = Yes
>     veto files =  
> /.AppleDouble/TheVolumeSettingsFolder/TheFindByContentFolder/Icon\r/ 
> *~?.???/*:*/Network Trash  
> Folder/resource.frk/.AppleDesktop/DesktopFolderDB/
> 
> [intranetdev]
>     comment = TEDD Intranet Pages
>     path = /intranetdev/webintern
>     write list = @webintrn
>     read only = No
>     veto files =  
> /.AppleDouble/TheVolumeSettingsFolder/TheFindByContentFolder/Icon\r/ 
> *~?.???/*:*/Network Trash  
> Folder/resource.frk/.AppleDesktop/DesktopFolderDB/
> 
> [webintrn]
>     comment = Web Intern Work Area
>     path = /intranetdev/webintern
>     write list = @sysadmin @webintrn
>     read only = No
>     veto files =  
> /.AppleDouble/TheVolumeSettingsFolder/TheFindByContentFolder/Icon\r/ 
> *~?.???/*:*/Network Trash  
> Folder/resource.frk/.AppleDesktop/DesktopFolderDB/
> 
> [arc]
>     comment = GIS Project ARC/Info applications and data
>     path = /gisfs1/gis/arc
>     write list = ptang sroberts
>     guest ok = Yes
> 
> [arcexe71]
>     comment = Arc/INFO 7.1 Executables
>     path = /gisfs1/arcexe71
>     guest ok = Yes
> 
> [gis_maps]
>     comment = GIS Project maps - Autocad format
>     path = /gisfs1/gis/maps
>     write list = @gisprcl
>     read only = No
>     guest ok = Yes
> 
> - end smb.conf
> 
> Celeste Suliin Burris
> Systems Administrator
> Tacoma Economic Development Department
> Email - csburris at ci.tacoma.wa.us
>

More information about the samba mailing list