[Samba] 3 questions

Alexey Toptygin alexeyt at freeshell.org
Wed Sep 15 18:18:39 GMT 2004 

I've set up a Samba 3.0.6-3 (Debian/testing) server as a member of a Win2k 
ADS domain. Everything is working fine, except for 3 nagging issues:

1) For some reason, although I have:
 	map to guest = Bad User
 	guest account = stguest

people who give bad user names get mapped to `nobody` (as seen by ps -ef). 
stguest has a valid entry in /etc/passwd (with no password and shell 
/bin/false)

2) Using the windows explorer client, I have to manually hit refresh to 
see status changes, even when I cause them with that client. I.E. if I 
create a new folder, nothing shows up until I hit refresh, at which point 
I see a new folder named "New Folder". The same thing happens for all 
other file operations. What do I need to change to fix this?

3) I'm in a 2k ADS realm which was upgraded from an NT4 domain. The 
'workgroup' name is TECORE while the realm is called INTERNAL.TECORE.COM
I see lots of errors in the logs about invalid users from the 
INTERNAL.TECORE.COM domain, alhough I think all of the clients are 
retrying with the other domain name and getting accepted. Is there some 
way to tell smbclient to treat the two domains as identical for 
authentication purposes?

Any help would be appreciated. Here's the output of tesparm:

Load smb config files from /etc/samba/smb.conf
Processing section "[homes]"
Processing section "[systemtest]"
Loaded services file OK.
Server role: ROLE_DOMAIN_MEMBER
Press enter to see a dump of your service definitions

# Global parameters
[global]
         workgroup = TECORE
         realm = INTERNAL.TECORE.COM
         server string = System Test Server
         security = ADS
         map to guest = Bad User
         obey pam restrictions = Yes
         password server = 192.168.1.2
         passdb backend = tdbsam
         guest account = stguest
         syslog = 0
         log file = /var/log/samba/log.%m
         max log size = 100
         name resolve order = wins bcast
         deadtime = 15
         dns proxy = No
         panic action = /usr/share/samba/panic-action %d
         invalid users = root

[homes]
         comment = Home Directories
         read only = No
         create mask = 0750
         directory mask = 0750
         browseable = No

[systemtest]
         comment = System Test Share
         path = /home/systemtest
         read only = No
         create mask = 0750
         directory mask = 0750
         guest ok = Yes

 			Alexey

More information about the samba mailing list