[Samba] W2K Domain Users in Samba
Sean P. Elble
elbles at sessys.com
Wed Apr 19 16:42:09 GMT 2006
Jim,
My comments are within your original post to the mailing list.
--
+-------------------------------------------------+
| Sean Elble |
| Virginia Tech |
| Computer Engineering, Class of 2008 |
| Vice President, VTLUUG |
| E-Mail: elbles at sessys.com |
+-------------------------------------------------+
On Wed, 19 Apr 2006, jim_mosbey at dps.state.ny.us wrote:
> Looking for a poniter in the right direction
>
> My current configuration is
> NT4 PDC (Solaris PCnetlink)
> Samba Member server (Solaris 9 Samba ver 3.0.20b)for file and print
> sharing
> WinXp Pro Clients SP2
>
> My problem is with the Domain Users. I am able to share out file systems
> to the XP clients from my Samba server OK. I am also able to modify the
> permissions for the files in the share in Solaris using the chmod, chgrp
> and chown. This seems to work OK. When I am on the WinXp client and I look
> at the security permissions tab on the folder properties that I own, I
> cannot see the NT4 Domain Users, all I see are the \\localmachine\user
> when what I want is the \\domain\user. When I try to add a domain user in
> the secrutiy properties page I see the domain and the list of users but
> when I select a user or group and select add it does not add it to the
> folder properties. I am new to Samba -- am I missing some simple
> configuration parameter or is this how it is suppose to work.
My first question to you is how have you setup the users on this Solaris
file server? For file sharing to work properly,I'd imagine you either are
running Winbind for the user database on the server, OR you are using
username mapping, with local users on the file server as well. If you are
not, well, that is your problem right there. Samba needs to know which
UNIX user owns the files, and has the various permissions: Knowing which
user in the Windows domain would not do Samba any good, as it doesn't
maintain a permissions database for files separate of the UNIX file
permissions scheme (someone please correct me if I am wrong here).
This is quite unlike Sun's PC Netlink, which, IIRC, is a product developed
under a source code license from Microsoft, allowing for full Windows NT
4.0 PDC functionality from a Solaris server (versions were produced for
other versions of UNIX as well). However, it maintains its own database
for file permissions, and it does not require local UNIX users for every
Windows user in the domain.
As such, my recommendation would be to run Winbind on the file server,
which will allow you to authenticate local UNIX users via the PC Netlink
PDC, and allow you to do file permissions and other such things on the
UNIX level quite easily. I cannot say for sure that this is where your
problem lies, but I'd put some money on it (if I were not a poor college
student, that is :-)).
>
> alb-smb(test)# ./testparm /etc/samba/smb.conf
> Load smb config files from /etc/samba/smb.conf
> Processing section "[printers]"
> Processing section "[R]"
> Processing section "[logs]"
> Loaded services file OK.
> Server role: ROLE_DOMAIN_MEMBER
> Press enter to see a dump of your service definitions
>
> [global]
> workgroup = TESTDOM
> server string = %h - Samba Server %v
> security = DOMAIN
> password server = test-net
> log level = 4
> log file = /var/log/samba/log.%m
> max log size = 50
> socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
> printcap name = /etc/printcap
> dns proxy = No
> wins server = 10.0.0.1
>
> [printers]
> comment = All Printers
> path = /var/spool/samba
> printable = Yes
> browseable = No
>
> [R]
> comment = R Drive
> path = /share/R
> public = yes
> writable = yes
> create mask = 0755
> guest ok = Yes
> nt acl support = true
>
> [logs]
> comment = Testing logs
> path = /share/logs
> public = yes
> writable = yes
> create mask = 0755
> guest ok = Yes
>
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/listinfo/samba
>
More information about the samba
mailing list