[Samba] Re: Admin users, file operations and file ownership
Pete Eide
petter.eide at gmail.com
Sun Feb 13 17:28:15 GMT 2005
Here is the configuration:
[global]
server string = Linux DC (%h)
netbios name = xxx
display charset = iso-8859-1
name resolve order = wins lmhosts hosts bcast
admin users = @winadm
obey pam restrictions = yes
lm announce = no
time server = yes
fake directory create times = yes
dns proxy = No
keep alive = 30
dos charset = 850
local master = yes
domain master = yes
preferred master = true
domain logons = yes
workgroup = xxx
os level = 99
update encrypted = yes
security = user
dos filetimes = yes
min protocol = NT1
client lanman auth = no
logon path = \\samba\profile
logon script = logon.bat
encrypt passwords = true
passdb backend = ldapsam:ldap://xx.xx.xx.xx
wins support = true
unix extensions = yes
dos filetime resolution = yes
unix charset = ISO8859-1
panic action = /usr/share/samba/panic-action %d
map to guest = Never
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
getwd cache = yes
log file = /var/log/samba/log.%m
max log size = 1000
log level = 1
syslog = 0
debug uid = yes
idmap gid = 500-65535
idmap uid = 500-65535
ldap admin dn = "cn=xx,dc=xx,dc=xx"
ldap server = xx.xx.xx.xx
ldap port = 389
ldap suffix = dc=xx,dc=xx
ldap delete dn = no
ldap user suffix = ou=People
ldap group suffix = ou=Group
ldap machine suffix = ou=Computers
passwd program = /usr/sbin/smbldap-passwd %u
passwd chat = *new*password* %n\n *new*password* %n\n
*successfully*
unix password sync = yes
ldap passwd sync = yes
add machine script = /usr/sbin/smbldap-useradd -w -d /dev/null
-g 903 -c 'Workstation' -s /bin/false %u
load printers = yes
printing = cups
printcap name = cups
[homes]
comment = Home Directories
browseable = no
read only = no
valid users = %U
writeable = yes
create mode = 0640
directory mode = 0750
force create mode = 0640
force directory mode = 0750
path = /home/%U
public = no
[netlogon]
comment = Domain logon service
path = /home/samba/netlogon
public = no
read only = yes
writable = no
browsable = no
write list = @winadm
[profile]
path = /home/%U/.smb_profile
nt acl support = no
csc policy = disable
profile acls = yes
browseable = no
create mode = 0600
directory mode = 0700
read only = no
default case = lower
preserve case = no
short preserve case = no
mangle case = yes
case sensitive = no
valid users = %U
guest = ok
force user = %U
[printers]
comment = All Printers
path = /var/spool/samba
create mask = 0700
printable = yes
browseable = no
public = yes
guest ok = yes
writable = no
printable = yes
printer admin = @winadm
[print$]
comment = Printer Drivers
path = /etc/samba/drivers
browseable = yes
guest ok = no
read only = yes
write list = @winadm
[share]
comment =
path = /opt/share
valid users = @users, @winadm
force group = users
read only = No
create mask = 0664
directory mask = 0775
browseable = yes
[adm]
comment = adm
path = /home/samba
valid users = @winadm
force group = winadm
read only = No
create mask = 0664
directory mask = 0775
inherit permissions = Yes
public = no
browseable = no
[cdrom]
comment = Samba server's CD-ROM
writable = no
locking = no
path = /cdrom
public = yes
preexec = /bin/mount /cdrom
postexec = /bin/umount /cdrom
Petter L. H. Eide wrote:
> Hello,
>
> When a user is defined in admin users, Samba will always do file
> operations for this user as root. In my case when these users creates
> a new file or directory root i defined as owner of the new files as
> well. When only accessing the files through windows, this isn't
> usually a problem, but once using linux again, this is a bit
> annoying..
>
> Is it supposed to be this way? Is there any possible solutions to
> avoid the problem?
>
>
> My samba-config-file is attached.
>
>
> I would be very grateful if anybody could help me with this.
>
> Best regards,
> Pete
>
More information about the samba
mailing list